API: Email Validation Works (Only Production!)

Sagi Dayan 2015-06-11 22:46:18 +03:00
parent eace60fcac
commit 435bb5ef3d
4 changed files with 28 additions and 10 deletions


@ -59,12 +59,21 @@ def confirm_user_to_campus(validation_token):
token = str(validation_token).split('|')[0] token = str(validation_token).split('|')[0]
email_sufix = '@'+str(validation_token).split('|')[1] email_sufix = '@'+str(validation_token).split('|')[1]
if is_user_token_valid(token): user = get_user_by_token(token)
return Response(status=200, response=json.dumps({'token': token, 'suffix': email_sufix}))
if user is None:
return forbidden('Forbidden: invalid Token')
else: else:
return Response(response=json.dumps({'message': 'Not A Valid Token!'}), campus = get_campus_by_suffix(email_sufix)
status=403, if campus is None:
mimetype="application/json") return bad_request('Bad Request: Email Suffix ' + email_sufix + ' Not Found')
user.isFirstLogin = False
user.seToken = str(uuid.uuid4())
if str(campus.key().id()) not in user.campuses_id_list:
user.campuses_id_list.append(str(campus.key().id()))
db.put(user)
return cookieMonster(user.seToken)
@app.route('/api/validation/sendmail/<string:token>', methods=['POST']) @app.route('/api/validation/sendmail/<string:token>', methods=['POST'])
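Review bot: The campus suffix is taken from the same request value as the token (`str(validation_token).split('|')[1]`), and nothing visible in this hunk ties it to the address the validation mail was sent to, so a caller holding any valid user token appears able to pick which campus is appended to `campuses_id_list`. Consider storing the pending suffix (or a random single-use validation token) on the user when the mail is sent, and comparing against that stored value here instead of trusting the URL. Separately, a value without `|` makes `split('|')[1]` raise IndexError and surface as a 500; `parts = str(validation_token).split('|')` followed by `if len(parts) != 2: return bad_request()` would turn that into a 400. The decorator and signature of `confirm_user_to_campus` are outside the hunk, so the accepted HTTP methods cannot be checked from here.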


@ -3,13 +3,13 @@ __author__ = 'Aran'
from flask import Response from flask import Response
import json import json
def bad_request(): def bad_request(message='Bad Request'):
return Response(response=json.dumps({'message': 'Bad Request'}), return Response(response=json.dumps({'message': message}),
status=400, status=400,
mimetype="application/json") mimetype="application/json")
def forbidden(message={'message': 'Forbidden'}): def forbidden(message='Forbidden'):
return Response(response=json.dumps(message), return Response(response=json.dumps({'message': message}),
status=403, status=403,
mimetype="application/json") mimetype="application/json")
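Review bot: `forbidden()` now wraps its argument in `{'message': message}`, so any caller outside this diff that still passes a dict (the old default was `{'message': 'Forbidden'}`) would emit a nested `{"message": {"message": ...}}` body; the call sites should be checked before merging. Both helpers lack docstrings; a one-liner such as `"""Return a 400 JSON response whose body is {'message': message}."""` on `bad_request`, and the 403 equivalent on `forbidden`, would document the new contract. Since this commit passes the client-supplied suffix into `bad_request`, the docstring should also say that `message` is echoed verbatim and must be escaped by any client that renders it as HTML.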


@ -1,6 +1,7 @@
__author__ = 'sagi' __author__ = 'sagi'
from google.appengine.ext import db from google.appengine.ext import db
from models.User import User from models.User import User
from models.Campus import Campus
from google.appengine.api import mail from google.appengine.api import mail
@ -12,6 +13,14 @@ def get_user_by_token(token):
return u return u
return None return None
def get_campus_by_suffix(suffix):
query = Campus.all()
query.filter("email_ending = ", suffix)
for c in query.run(limit = 1):
return c
return None
def is_user_token_valid(token): def is_user_token_valid(token):
user = get_user_by_token(token) user = get_user_by_token(token)
if user is not None: if user is not None:
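Review bot: `get_campus_by_suffix` does an exact, case-sensitive equality match on `email_ending`, so a suffix like `@EXAMPLE.org` (constructed example) would miss a campus stored in lower case. Unless stored values and callers are already normalised, comparing a normalised value (`suffix.strip().lower()`) avoids spurious "Not Found" responses. The loop over `query.run(limit = 1)` can be replaced by `return query.get()`, which returns the first match or None. A short docstring saying that `suffix` is expected to include the leading `@`, as the handler builds it, would make the contract explicit. `is_user_token_valid` continues outside the hunk.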


@ -5,7 +5,7 @@ from google.appengine.ext import db
class User(db.Model): class User(db.Model):
username = db.StringProperty(required=True) username = db.StringProperty(required=True)
name = db.StringProperty(required=True) name = db.StringProperty(required=False)
email = db.StringProperty(required=True) email = db.StringProperty(required=True)
isLecturer = db.BooleanProperty(required=True) isLecturer = db.BooleanProperty(required=True)
accessToken = db.StringProperty(required=True) accessToken = db.StringProperty(required=True)