diff --git a/SE_API/API.py b/SE_API/API.py
index f90b38f..2e66002 100644
--- a/SE_API/API.py
+++ b/SE_API/API.py
@@ -59,12 +59,21 @@ def confirm_user_to_campus(validation_token):
 token = str(validation_token).split('|')[0]
 email_sufix = '@'+str(validation_token).split('|')[1]
- if is_user_token_valid(token):
- return Response(status=200, response=json.dumps({'token': token, 'suffix': email_sufix}))
+ user = get_user_by_token(token)
+
+ if user is None:
+ return forbidden('Forbidden: invalid Token')
 else:
- return Response(response=json.dumps({'message': 'Not A Valid Token!'}),
- status=403,
- mimetype="application/json")
+ campus = get_campus_by_suffix(email_sufix)
+ if campus is None:
+ return bad_request('Bad Request: Email Suffix ' + email_sufix + ' Not Found')
+ user.isFirstLogin = False
+ user.seToken = str(uuid.uuid4())
+ if str(campus.key().id()) not in user.campuses_id_list:
+ user.campuses_id_list.append(str(campus.key().id()))
+ db.put(user)
+ return cookieMonster(user.seToken)
+
 @app.route('/api/validation/sendmail/', methods=['POST'])
diff --git a/SE_API/Respones_Utils.py b/SE_API/Respones_Utils.py
index a7d7b17..b789974 100644
--- a/SE_API/Respones_Utils.py
+++ b/SE_API/Respones_Utils.py
@@ -3,13 +3,13 @@ __author__ = 'Aran'
 from flask import Response
 import json
-def bad_request():
- return Response(response=json.dumps({'message': 'Bad Request'}),
+def bad_request(message='Bad Request'):
+ return Response(response=json.dumps({'message': message}),
 status=400,
 mimetype="application/json")
-def forbidden(message={'message': 'Forbidden'}):
- return Response(response=json.dumps(message),
+def forbidden(message='Forbidden'):
+ return Response(response=json.dumps({'message': message}),
 status=403,
 mimetype="application/json")
\ No newline at end of file
diff --git a/SE_API/Validation_Utils.py b/SE_API/Validation_Utils.py
index 9226d61..e99b2bd 100644
--- a/SE_API/Validation_Utils.py
+++ b/SE_API/Validation_Utils.py
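Review bot: In `confirm_user_to_campus` (SE_API/API.py), the campus appended to `user.campuses_id_list` is selected by `email_sufix`, which is the second `|` field of the URL-supplied `validation_token`, and nothing in this hunk ties that suffix to `token`. If the token part is a value the user can obtain outside the verification e-mail (not visible here, since `get_user_by_token` is defined elsewhere), a valid token could be combined with any campus suffix and the account would be enrolled without proof of owning an address there. Record the suffix server-side when the validation mail is sent and compare it here, or sign token and suffix together and verify that signature before `db.put(user)`. The two `split('|')` context lines also raise IndexError when the separator is missing; `if '|' not in str(validation_token): return bad_request()` ahead of them would turn that into a 400. The function's decorator and anything between its signature and these lines lie above the hunk.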
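Review bot: `forbidden()` in SE_API/Respones_Utils.py changes the meaning of its argument from the whole JSON body to just the message string, so any existing caller that still passes a dict (call sites are not visible in this diff) will now emit a nested `{'message': {'message': ...}}` body. Either update those call sites in the same commit or accept both shapes for a transition with `body = message if isinstance(message, dict) else {'message': message}`. A one-line docstring on each helper, for example `"""Return a 403 JSON response whose body is {'message': message}."""`, would make the new contract explicit.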
@@ -1,6 +1,7 @@
 __author__ = 'sagi'
 from google.appengine.ext import db
 from models.User import User
+from models.Campus import Campus
 from google.appengine.api import mail
@@ -12,6 +13,14 @@ def get_user_by_token(token):
 return u
 return None
+def get_campus_by_suffix(suffix):
+ query = Campus.all()
+ query.filter("email_ending = ", suffix)
+
+ for c in query.run(limit = 1):
+ return c
+ return None
+
 def is_user_token_valid(token):
 user = get_user_by_token(token)
 if user is not None:
diff --git a/models/User.py b/models/User.py
index c336d36..8c3e330 100644
--- a/models/User.py
+++ b/models/User.py
@@ -5,7 +5,7 @@ from google.appengine.ext import db
 class User(db.Model):
 username = db.StringProperty(required=True)
- name = db.StringProperty(required=True)
+ name = db.StringProperty(required=False)
 email = db.StringProperty(required=True)
 isLecturer = db.BooleanProperty(required=True)
 accessToken = db.StringProperty(required=True)
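Review bot: `get_campus_by_suffix` in SE_API/Validation_Utils.py does an exact, case-sensitive datastore match on `email_ending`, while its caller in API.py builds `suffix` from the request path as-is, so `@Campus.example` and `@campus.example` (constructed sample values) would be treated as different campuses. If stored `email_ending` values are lower-case, which this diff does not show, normalise before filtering with `query.filter("email_ending = ", suffix.lower())`. The `for c in query.run(limit = 1)` loop can also be replaced by `return query.get()`, which returns the first entity or None. A short docstring such as `"""Return the Campus whose email_ending equals suffix, or None."""` would document the None contract the caller relies on.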