import os
from datetime import datetime

from flask import Flask, request, redirect, jsonify, send_file, render_template, send_from_directory
from flask_cors import CORS

import db
# Flask application object; the "build" directory is registered as its static folder.
app = Flask(__name__, static_folder="build")
# NOTE(review): CORS(app) with no arguments applies the flask-cors defaults, which
# accept cross-origin requests from any origin on every route, including the
# credential-handling ones below. Restrict the allowed origins for deployment.
CORS(app)
# NOTE(review): no MAX_CONTENT_LENGTH is configured in this file, so Flask does not
# cap the size of request bodies sent to /upload.
# Extensions accepted for upload, compared against the lower-cased text after
# the last dot of the client-supplied filename.
ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg'}
"""Test connection GET request
Return json message for connection test
"""
@app.route('/home', methods=['GET'])
def home():
    """Connection test (GET /home).

    Returns a JSON body with a welcome message and the server's current
    local time as a string, with status 200.
    """
    payload = {'message': 'Welcome', "Time": str(datetime.now())}
    return jsonify(payload), 200
# Authentication
"""Sing in POST request
Take email and password from request body as form data or json
then verify and validate email and password
Return user data with 200 OK response code
Errors:
User not found 404 response code
input empty or miss 400 response code
"""
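@app.route('/signin', methods=['POST'])
def signin():
    """Sign in (POST /signin).

    Reads ``email`` and ``password`` from a JSON body or, when the request
    carries no parseable JSON, from form data, then looks the user up with
    ``db.getUser``.

    Returns:
        200 with the user record minus ``_id``, ``email`` and ``password``.
        400 ``{'message': 'input error'}`` when a field is missing, empty or
        not a string.
        404 with the ``db.getUser`` "Not Exist" message when no user matches.
    """
    # silent=True yields None for a non-JSON or malformed body instead of
    # aborting the request, so the documented form-data fallback is reached
    # (request.json can reject non-JSON content types on some Flask versions).
    data = request.get_json(silent=True)
    if data is None:
        source = request.form
    elif isinstance(data, dict):
        source = data
    else:
        # Valid JSON that is not an object (list, number, ...) has no fields.
        source = {}
    email = source.get("email")
    password = source.get("password")

    # Accept only non-empty strings. A JSON body can carry objects or arrays,
    # and those must not reach the db layer as lookup values.
    # NOTE(review): the '_id' key removed below suggests a document store;
    # confirm db.getUser also validates the types of its arguments.
    if not all(isinstance(value, str) and value for value in (email, password)):
        return jsonify({'message': 'input error'}), 400

    # NOTE(review): no attempt limiting or lockout is visible in this handler.
    result = db.getUser(email, password)
    if result == {"message": "Not Exist"}:
        return jsonify(result), 404

    # Strip identifiers and the credential before the record leaves the server.
    # pop() tolerates a record that lacks one of the keys.
    # NOTE(review): the record carries a 'password' field; confirm it holds a
    # salted hash and not the password as submitted.
    for sensitive_key in ('_id', 'email', 'password'):
        result.pop(sensitive_key, None)
    return jsonify(result), 200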
"""Sing up POST request
Take name , email and password from request body as form data or json
then verify and validate name , email and password then add user to database
Return json message with 201 OK response code
Errors:
input empty or miss 400 response code
"""
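@app.route('/signup', methods=['POST'])
def signup():
    """Sign up (POST /signup).

    Reads ``name``, ``email`` and ``password`` from a JSON body or, when the
    request carries no parseable JSON, from form data, then stores the user
    with ``db.addUser``.

    Returns:
        201 with whatever ``db.addUser`` returns, serialised as JSON.
        400 ``{'message': 'input error'}`` when a field is missing, empty or
        not a string.
    """
    # silent=True yields None for a non-JSON or malformed body instead of
    # aborting the request, so the documented form-data fallback is reached
    # (request.json can reject non-JSON content types on some Flask versions).
    data = request.get_json(silent=True)
    if data is None:
        source = request.form
    elif isinstance(data, dict):
        source = data
    else:
        # Valid JSON that is not an object (list, number, ...) has no fields.
        source = {}
    name = source.get("name")
    email = source.get("email")
    password = source.get("password")

    # Accept only non-empty strings, matching the documented "empty or
    # missing" rule and keeping JSON objects/arrays out of the db layer.
    if not all(isinstance(value, str) and value for value in (name, email, password)):
        return jsonify({'message': 'input error'}), 400

    # NOTE(review): the password is handed to db.addUser as received; any
    # hashing has to happen inside db. Confirm it does, and confirm how a
    # duplicate email is handled, since neither is visible here.
    result = db.addUser(name, email, password)
    return jsonify(result), 201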
def allowed_file(filename):
    """Return True when filename has a dot and its last extension is allowed.

    The comparison is case-insensitive and looks only at the text after the
    final dot; the file's content is not inspected.
    """
    _, dot, extension = filename.rpartition('.')
    return bool(dot) and extension.lower() in ALLOWED_EXTENSIONS
""" File GET request
Take Uploaded Filename as request parameter
Return file if exist 200 code response
"""
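@app.route('/files/<filename>', methods=['GET'])
def files(filename):
    """Download an uploaded file (GET /files/<filename>).

    Args:
        filename: Name of a file inside ``./uploads``, taken from the URL.

    Returns:
        The file as an attachment, or a 404 response when it does not exist
        or the name would resolve outside the upload folder.
    """
    # filename is client-controlled. send_from_directory joins it safely and
    # answers 404 for a name that would leave the directory; a plain
    # os.path.join followed by send_file performs no such check.
    # The status code is left as Flask produces it, so conditional and range
    # requests keep their 304/206 answers instead of being forced to 200.
    # NOTE(review): this route performs no authentication and upload names
    # are second-resolution timestamps, so stored files should be treated as
    # readable by anyone who can reach the service.
    return send_from_directory("./uploads", filename, as_attachment=True)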
"""upload POST request
Take email , password and file from request body as form data
then verify and validate file , email and password
then check file type if allowed
then authenticate user and save file in ./uploads with timestamp file name
Return uploaded file name
Errors:
input empty or miss or bad 400 response code
Unauthorized user 403 response code
"""
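@app.route('/upload', methods=['POST'])
def upload_file():
    """Upload an image (POST /upload, multipart form data).

    Expects form fields ``email`` and ``password`` plus a ``file`` part.
    The user is authenticated with ``db.getUser``, the file's extension is
    checked against ``ALLOWED_EXTENSIONS``, and the file is saved in
    ``./uploads`` under ``<unix timestamp>.<extension>``; the stored name is
    then recorded with ``db.addphoto``.

    Returns:
        The stored file name as the response body on success.
        400 when the file part is missing, unnamed or of a disallowed type.
        403 ``{'message': 'Unauthorized'}`` when credentials are missing or
        do not match a user.
    """
    email = request.form.get("email")
    password = request.form.get("password")
    # NOTE(review): credentials are re-sent with every upload and forwarded
    # to db.addphoto; a session or token would keep the password out of
    # this handler.
    if not email or not password:
        return jsonify({'message': 'Unauthorized'}), 403
    if db.getUser(email, password) == {"message": "Not Exist"}:
        return jsonify({'message': 'Unauthorized'}), 403

    if 'file' not in request.files:
        return jsonify({'message': 'No file part in the request'}), 400
    file = request.files['file']
    if file.filename == '':
        return jsonify({'message': 'No file selected for uploading'}), 400
    if not file or not allowed_file(file.filename):
        return jsonify(
            {'message': 'Allowed file types are png, jpg, jpeg'}), 400

    # Take the extension from the same split allowed_file() validated (text
    # after the LAST dot). The original computed a first-dot split and then
    # discarded it, so files were stored as "<timestamp>." with no extension;
    # a first-dot split would also let unvalidated client text into the path.
    extension = file.filename.rsplit('.', 1)[1].lower()
    # The stored name contains nothing client-chosen except that allow-listed
    # extension.
    # NOTE(review): names have one-second resolution, so two uploads in the
    # same second map to the same path and the later save overwrites the
    # earlier one. Only the extension is checked; the content is not verified
    # to be an image.
    filename = str(int(datetime.now().timestamp())) + "." + extension
    file.save(os.path.join("./uploads", filename))
    db.addphoto(email=email, password=password, photoName=filename)
    return filename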
# Script entry point: app.run() with no arguments starts Flask's built-in
# server with its default host, port and debug settings.
# NOTE(review): that server is intended for local development; serve the app
# through a production WSGI server when deploying.
if __name__ == "__main__":
    app.run()