diff options
| author | lonkaars <l.leblansch@gmail.com> | 2021-04-15 15:14:44 +0200 |
|---|---|---|
| committer | lonkaars <l.leblansch@gmail.com> | 2021-04-15 15:14:44 +0200 |
| commit | cc53f217f6122151bcae131a42da8f8887f8560d (patch) | |
| tree | 2d09b9fd3758cecc00626c8aac31510dee7a37af /api/user | |
| parent | c5f71bc38772dedb033258416e0cd722f7b9e7af (diff) | |
new valid and util module, more function decorators
Diffstat (limited to 'api/user')
| -rw-r--r-- | api/user/avatar.py | 4 | ||||
| -rw-r--r-- | api/user/info.py | 47 |
2 files changed, 8 insertions, 43 deletions
diff --git a/api/user/avatar.py b/api/user/avatar.py index b034c3e..eebe52b 100644 --- a/api/user/avatar.py +++ b/api/user/avatar.py @@ -1,10 +1,10 @@ from flask import Blueprint, request, Response from db import cursor from auth.login_token import token_login -from user.info import valid_user_id from hierarchy import auth_required from os.path import exists from codecs import decode +import valid default_avatar = open("database/avatars/default.png", "rb").read() @@ -18,7 +18,7 @@ def get_avatar(): user_id = request.args.get("id") or login if not user_id: return "", 400 - if not valid_user_id(user_id): return "", 403 + if not valid.user_id(user_id): return "", 403 avatar_path = f"database/avatars/{user_id}.png" avatar = "" diff --git a/api/user/info.py b/api/user/info.py index ee20814..3711371 100644 --- a/api/user/info.py +++ b/api/user/info.py @@ -1,23 +1,15 @@ from flask import Blueprint, request from db import cursor -from auth.login_token import token_login from rating import get_rating +from hierarchy import one_person import json -# check if user_id exists in database -def valid_user_id(user_id): - query = cursor.execute( - "select user_id from users where user_id = ?", [user_id] - ).fetchone() - return bool(query) - - # get relation to user_2_id from user_1_id's perspective def get_relation_to(user_1_id, user_2_id): relation = cursor.execute("select * from social where " + \ - "(user_1_id = ? and user_2_id = ?) or " + \ - "(user_1_id = ? and user_2_id = ?)", [user_1_id, user_2_id, user_2_id, user_1_id]).fetchone() + "(user_1_id = ? and user_2_id = ?) or " + \ + "(user_1_id = ? and user_2_id = ?)", [user_1_id, user_2_id, user_2_id, user_1_id]).fetchone() if not relation: return "none" if relation[2] == "friendship": return "friends" if relation[2] == "outgoing" and relation[0] == user_1_id: @@ -60,9 +52,7 @@ def format_user(user_id, viewer=''): "rating": get_rating(user_id), #TODO: calculate rating based on game analysis } - if viewer: - #FIXME: validate viewer id? - formatted_user["relation"] = get_relation_to(viewer, user_id) + if viewer: formatted_user["relation"] = get_relation_to(viewer, user_id) return formatted_user @@ -72,34 +62,9 @@ info = Blueprint('info', __name__) # view own user/info if no user_id or username is provided and is logged in, # else view user/info of user with user_id = `user_id` or username = `username` @info.route('/info', methods=['GET', 'POST']) -def index(): - data_string = request.data or "{}" - data = json.loads(data_string) - - username = data.get("username") or "" - user_id = data.get("id") or "" - token = request.cookies.get("token") or "" - viewer = "" - - if all(not v for v in [username, user_id, token]): - return "", 400 - - if username: - temp_user_id = cursor.execute( - "select user_id from users where username = ?", [username] - ).fetchone() - if len(temp_user_id) > 0: user_id = temp_user_id - - if token: - self_id = token_login(token) - if not (username or user_id): - user_id = self_id - if user_id: - viewer = self_id - - if user_id and not valid_user_id(user_id): return "", 403 +@one_person +def index(user_id, viewer): user = format_user(user_id, viewer) - return user, 200 |