def create_user(self):
user = AccountUser(first_name=self.first_name,
last_name=self.last_name,
email=self.email,
phone=self.phone,
password=self.password,
is_active=self.is_active)
db.session.add(user)
user.save()
return user
def my_event(msg):
user = AccountUser.get_by_id(msg['data'])
session = AccountUserAuthenticated.get_by_user_id(user.id)
if session:
session.delete()
session.save()
else:
db.session.add((AccountUserAuthenticated(user.id, flask.request.sid)))
db.session.commit()
data = {'message': '{0} is online'.format(user.get_full_name()), 'status': 'connect', 'id': user.id}
socketio.emit('connection response', data, namespace='/notification')
app.logger.info('Connection established by {}'.format(msg['data']))
online_users_data = AccountUser.get_online_users()
socketio.emit('online users', online_users_data, namespace='/notification')
def get(self):
q = request.args.get('q')
page = request.args.get('page')
article_query, article_total = Quiz.search(q, 1, 5)
account_query, account_total = AccountUser.search(q, 1, 5)
articles = Quiz.get_all(page)
accounts = AccountUser.get_all(page)
if article_total:
results = utils.MergeDictList([articles, {"type": "quiz"}])
return jsonify(results)
if account_total:
results = utils.MergeDictList([accounts, {"type": "user"}])
return jsonify(dict_ctx=results)
results = {"count": 0, "results": []}
return jsonify(results)
def delete(self):
logged_in_user = AccountUser.get_current_user()
body = request.data
keys = ['id']
if not body:
validated = validator.field_validator(keys, {})
if not validated["success"]:
app.logger.warning(
'{logged_in_user} made request with invalid fields: \n {request_body}'
.format(logged_in_user=logged_in_user.name,
request_body=body))
return jsonify(validated['data']), 400
if request.is_json:
body = request.get_json()
validated = validator.field_validator(keys, body)
if not validated["success"]:
app.logger.warning(
'{logged_in_user} made request with invalid fields: \n {request_body}'
.format(logged_in_user=logged_in_user.name,
request_body=body))
return jsonify(validated['data']), 400
user = AccountUser.get_by_id(body['id'])
if user:
try:
user.delete()
user.save()
app.logger.debug(
"Successfully deleted user with id {}".format(
body['id']))
return jsonify(message="{} successfully deleted user".
format(logged_in_user.name)), 200
except Exception as e:
app.logger.exception(
'Exception occurred. Made by {}'.format(
logged_in_user.name))
return jsonify(
message='An error occurred. {}'.format(str(e))), 400
app.logger.warning(
'{} trying to delete user with id {} who does not exist'.
format(logged_in_user.name, body['id']))
return jsonify(message='User with id {} does not exist'.format(
body['id'])), 404
else:
app.logger.warning(
'{} submitted request with content type header not being application/json'
)
return jsonify(
message='Content-type header is not application/json'), 400
def delete(self):
body = request.data
keys = ['id']
if not body:
validated = validator.field_validator(keys, {})
if not validated["success"]:
app.logger.warning(
'{current_user} made request with invalid fields: \n {request_body}'
.format(current_user=current_user.get_full_name, request_body=body))
return jsonify(validated['data']), 400
if request.is_json:
body = request.get_json()
validated = validator.field_validator(keys, body)
if not validated["success"]:
app.logger.warning(
'{} made request with invalid fields: \n {}'.format(current_user.get_full_name, body))
return jsonify(validated['data']), 400
quiz = Quiz.get_by_id(body['id'])
current_user_roles = AccountUser.get_current_user_roles()
if 'TUTOR' in current_user_roles or 'LEARNER' in current_user_roles:
if quiz.creator_id != current_user.id:
return jsonify(message='You are not allowed to delete this quiz!'), 403
if quiz:
try:
quiz.delete()
quiz.save()
return jsonify(message='Successfully deleted!'), 200
except Exception as e:
app.logger.exception('Exception occurred')
return jsonify(message='An error occurred. {}'.format(str(e))), 400
app.logger.warning('{} trying to update quiz details with {} which does not exist'.
format(current_user.name, body['id']))
return jsonify(message='Quiz with id {} does not exist'.format(body['id'])), 404
def disconnect():
app.logger.info("Client disconnecting...")
session = AccountUserAuthenticated.get_by_session_id(flask.request.sid)
session.delete()
session.save()
online_users_data = AccountUser.get_online_users()
socketio.emit('online users', online_users_data, namespace='/notification')
app.logger.info("Socket sent a message to notification namespace")
def get(self):
logged_in_user = AccountUser.get_current_user()
page = request.args.get('page')
user_id = request.args.get('user_id')
email = request.args.get('email')
phone = request.args.get('phone')
if user_id:
account = AccountUser.get_by_id(user_id)
user = AccountUser.get_user(account)
if user:
if user:
return jsonify(user)
app.logger.warning(
'{} submitted {} user id which does not exist'.format(
logged_in_user.name, user_id))
return jsonify(message='{} does not exist'.format(user_id))
if email:
account = AccountUser.get_user_by_email(email)
user = AccountUser.get_user(account)
if user:
return jsonify(user)
app.logger.warning(
'{} submitted {} email which does not exist'.format(
logged_in_user.name, email))
return jsonify(message='{} does not exist'.format(email)), 404
if phone:
account = AccountUser.get_user_by_phone(phone)
user = AccountUser.get_user(account)
if user:
return jsonify(user)
app.logger.warning(
'{} submitted {} phone number which does not exist'.format(
logged_in_user.name, phone))
return jsonify(message='{} does not exist'.format(phone)), 404
users = AccountUser.get_all(int(page) if page else None)
results = []
for v in users.items:
del v._sa_instance_state
results.append(v.__dict__)
data = utils.response_dict(users, results, "/account/user/")
return jsonify(data)
def post(self):
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
email = request.json.get('email', None)
password = request.json.get('password', None)
if not email:
return jsonify({"msg": "Missing email parameter"}), 400
if not password:
return jsonify({"msg": "Missing password parameter"}), 400
user = AccountUser.get_user_by_email(email)
if user:
if utils.check_password_hash(user.password, password):
app.logger.info(
"Logged in user with the email {0}".format(email))
# Identity can be any data that is json serializable
access_token = create_access_token(identity=email,
expires_delta=False)
refresh_token = create_refresh_token(identity=email)
results = dict(
access_token=access_token,
refresh_token=refresh_token,
user=dict(id=user.id,
full_name="{} {}".format(user.first_name,
user.last_name),
email=user.email,
roles=[v.role.name for v in user.roles]))
return jsonify(results), 200
else:
app.logger.warning(
"User with the email {0} does not exist".format(email),
extra={'stack': True})
return jsonify({"msg": "Bad username or password"}), 401
else:
app.logger.warning(
"User with the email {0} does not exist".format(email),
extra={'stack': True})
return jsonify({"msg": "Bad username or password"}), 401
def post(self):
body = request.data
keys = [
'first_name', 'last_name', 'email', 'phone', 'password', 'role'
]
if not body:
validated = validator.field_validator(keys, {})
if not validated["success"]:
app.logger.warning(
'User made request with invalid fields: \n {}'.format(
body))
return jsonify(validated['data']), 400
if request.is_json:
body = request.get_json()
validated = validator.field_validator(keys, body)
if not validated["success"]:
app.logger.warning(
'User made request with invalid fields: \n {}'.format(
body))
return jsonify(jsonify=validated['data'])
first_name = body['first_name']
middle_name = body['middle_name'] if 'middle_name' in body else None
last_name = body['last_name']
email = body['email']
phone = body['phone']
password = utils.generate_password_hash(
body['password'], app.config.get('BCRYPT_LOG_ROUNDS'))
user_by_email = AccountUser.get_user_by_email(email=email)
if user_by_email:
message = 'User with the email {} exists'.format(email)
app.logger.warning(message)
return jsonify(message=message), 400
user_by_phone = AccountUser.get_user_by_phone(phone=phone)
if user_by_phone:
message = 'User with the phone {} exists'.format(phone)
app.logger.warning(message)
return jsonify(message=message), 400
role = AccountRole.get_by_name(body['role'])
if role == 'ADMIN' or role == 'SUPERUSER':
current_user_roles = AccountUser.get_current_user_roles()
if not 'ADMIN' in current_user_roles or not 'SUPERUSER' in current_user_roles:
return jsonify(
message='Forbidden to create user with the roles'), 403
try:
account_user = AccountUser(first_name=first_name,
middle_name=middle_name,
last_name=last_name,
email=email,
phone=phone,
password=password)
account_user = account_user.create(account_user)
account_user_role = AccountUserRole(user_id=account_user.id,
role_id=role.id)
account_user_role.create(account_user_role)
account_user_role.save()
app.logger.debug("Successfully saved new user with")
return jsonify(message="Successfully created!"), 201
except Exception as e:
Base.revert()
app.logger.exception('Exception occurred')
return jsonify(
message='An error occurred. {}'.format(str(e))), 400
else:
app.logger.warning(
'User submitted request with content type header not being application/json'
)
return jsonify(
message='Content-type header is not application/json'), 400
def put(self):
body = request.data
keys = ['id']
if not body:
validated = validator.field_validator(keys, {})
if not validated["success"]:
app.logger.warning(
'{logged_in_user} made request with invalid fields: \n {request_body}'
.format(logged_in_user=current_user.full_name,
request_body=body))
return jsonify(validated['data']), 400
if request.is_json:
body = request.get_json()
validated = validator.field_validator(keys, body)
if not validated["success"]:
app.logger.warning(
'{} made request with invalid fields: \n {}'.format(
current_user.full_name, body))
return jsonify(validated['data']), 400
account_user = AccountUser.get_by_id(body['id'])
if account_user:
first_name = body['first_name']
middle_name = body['middle_name']
last_name = body['last_name']
email = body['email']
phone = body['phone']
old_password = body['old_password']
new_password = body['new_password']
if old_password and new_password:
confirm_password = utils.check_password_hash(
account_user.password, old_password)
if not confirm_password:
app.logger.warning(
'{} submitted password which does not match existing password'
.format(current_user.full_name))
return jsonify(
message=
'Old password does not match existing password'
), 400
password = utils.generate_password_hash(
body['new_password'], app.config.get('BCRYPT_LOG_ROUNDS'))
user_by_email = AccountUser.get_user_with_unique(email=email)
if user_by_email:
message = 'User with the email {} exists'.format(email)
app.logger.warning(message)
return jsonify(message=message), 400
user_by_phone = AccountUser.get_user_with_unique(phone=phone)
if user_by_phone:
message = 'User with the phone {} exists'.format(phone)
app.logger.warning(message)
return jsonify(message=message), 400
try:
if account_user.id == current_user.id:
account_user.first_name = first_name if first_name else account_user.first_name
account_user.middle_name = middle_name if middle_name else account_user.middle_name
account_user.last_name = last_name if last_name else account_user.last_name
account_user.email = email if email else account_user.email
account_user.phone = phone if phone else account_user.phone
account_user.password = password if password else account_user.password
account_user.save()
user = {
"id": account_user.id,
"name": account_user.name,
"email": account_user.email
}
app.logger.debug(
"Successfully updated my user profile with the details: \n{}"
.format(body))
return jsonify({"user": user}), 201
except Exception as e:
app.logger.exception('Exception occurred')
return jsonify(
message='An error occurred. {}'.format(str(e))), 400
app.logger.warning(
'{} trying to update user details with {} who does not exist'.
format(current_user.first_name, body['id']))
return jsonify(message='User with id {} does not exist'.format(
body['id'])), 404
else:
app.logger.warning(
'User submitted request with content type header not being application/json'
)
return jsonify(
message='Content-type header is not application/json'), 400
def user_loader_callback(identity):
if not AccountUser.get_user_by_email(identity):
return None
return AccountUser.get_user_by_email(identity)
def handle_my_custom_event(data):
user = AccountUser.get_current_user()
emit('my response', {'message': '{0} has joined'.format(user.name)}, broadcast=True)
def get(self):
data = AccountUser.get_online_users()
if data:
return jsonify(data)
return jsonify({"count": 0, "results": []})