Beispiel #1
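 def put(self):
     """Update the authenticated user's profile and, optionally, password.

     Profile fields are copied from the parsed request onto the user only
     when the key also appears in ``user_fields``. A password change needs
     ``password``, ``password_confirmation`` and ``current_password``
     together; the current password is verified before the new hash is
     stored. If any of the three is missing the password is left
     untouched and the request still succeeds.

     Returns:
         The updated user marshalled with ``user_fields``.

     Aborts with HTTP 400 when the username belongs to another account or
     is invalid, the email is invalid, the two new passwords differ, or
     the current password does not verify.
     """
     user = current_user()
     args = user_parser_edit.parse_args()
     # NOTE(review): the write allowlist is the key set of the schema that
     # also marshals the response, so any field later exposed for output
     # becomes writable if the parser accepts it. A dedicated list of
     # editable fields would keep the two concerns apart.
     allowed_fields = user_fields.keys()
     for key in args.keys():
         value = args[key]
         # 'password' must never take the generic setattr path: that would
         # store the raw value without checking the current password.
         if key in allowed_fields and key != 'password':
             if key == 'username' and value:
                 existing = User.query.filter_by(username=value).first()
                 # Resubmitting one's own username is not a collision.
                 if existing and existing.id != user.id:
                     return abort(400, message='Username already taken')
                 if not valid_username(value):
                     return abort(400, message='Username is not valid.')
             # NOTE(review): the new email is neither checked for
             # uniqueness nor re-verified here, although it is the lookup
             # key for password recovery -- confirm this is intended.
             if key == 'email' and value and not valid_email(value):
                 return abort(400, message='Wrong email supplied')
             if value is not None:
                 setattr(user, key, value)
         if (key == 'password' and args.password
                 and args.password_confirmation and args.current_password):
             if args.password_confirmation != args.password:
                 return abort(400, message='Passwords don\'t match.')
             elif not User.verify_hash(args.current_password,
                                       user.password):
                 return abort(400,
                              message='The current password is incorrect')
             user.password = User.generate_hash(args.password)
             # Drop every stored token row for this user; presumably this
             # invalidates outstanding sessions -- confirm against the
             # token-check callback.
             tokens = TokenBlacklist.query.filter_by(
                 user_identity=str(user.id)).all()
             for token in tokens:
                 db.session.delete(token)
     # Nothing is persisted unless every validation above passed.
     db.session.commit()
     return marshal(user, user_fields)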
Beispiel #2
 def post(self):
     """Record the current user's answer to an existing question.

     The question id comes from the parsed request and must refer to a
     row whose ``deleted_at`` is unset; otherwise the request is aborted
     with HTTP 400.

     Returns:
         A JSON response ``{'success': 1}``.
     """
     args = answer_new_parser.parse_args()
     # Soft-deleted questions (deleted_at set) must not accept answers.
     question = CovidQuestion.query.filter_by(
         id=args.question, deleted_at=None).first()
     if not question:
         abort(400, message='Wrong question or it has been deleted')
     # The author is taken from the authenticated session, never from the
     # request body.
     new_answer = CovidAnswer(
         answer=args.answer,
         question=question,
         user=current_user(),
     )
     db.session.add(new_answer)
     db.session.commit()
     return jsonify({'success': 1})
Beispiel #3
def register():
    """Create a new user account from the parsed registration request.

    Checks, in order: username not already present, email not already
    present, email accepted by ``valid_email``. The password is stored
    only as the output of ``User.generate_hash``.

    Returns:
        A JSON response with the new user marshalled via ``user_fields``.

    Aborts with HTTP 400 on the first failed check.
    """
    args = register_parser.parse_args()

    # NOTE(review): these lookups and the insert below are separate
    # statements, so two concurrent requests can both pass them; uniqueness
    # should also be enforced by a database constraint -- confirm the
    # schema. The username is not passed through a format validator here.
    same_username = User.query.filter(User.username == args.username)
    if same_username.count() != 0:
        return abort(400, message={'username': '******'})

    same_email = User.query.filter(User.email == args.email)
    if same_email.count() != 0:
        return abort(400, message={'email': 'Email already registered'})

    if valid_email(args.email) is False:
        return abort(400, message={'email': 'This email is not valid'})

    password_hash = User.generate_hash(args.password)
    user = User(username=args.username,
                full_name=args.name,
                password=password_hash,
                email=args.email)
    db.session.add(user)
    db.session.commit()
    return jsonify(marshal(user, user_fields))
Beispiel #4
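 def put(self):
     """Set a new password using a previously issued recovery code.

     The recovery code must be present, match a user and not be expired.
     On success the new password hash is stored, the recovery code and its
     expiry are cleared so the code cannot be reused, and the user's
     stored token rows are deleted.

     Aborts with HTTP 400 when the code is missing, unknown or expired, or
     when the password is empty or differs from its confirmation.
     """
     args = password_recovery_parser.parse_args()
     # Reject an absent code before querying: filtering on a None value
     # would match rows whose recovery_code is NULL.
     if not args.recovery_code:
         return abort(400, message='Recovery code not valid')
     user = User.query.filter_by(recovery_code=args.recovery_code).first()
     if not user:
         return abort(400, message='Recovery code not valid')
     # A code without an expiry is treated as expired rather than letting
     # the comparison fail with a TypeError.
     expires_at = user.recovery_code_expiration
     if expires_at is None or expires_at < datetime.datetime.now():
         return abort(400, message='Recovery code expired')
     if not args.password or args.password != args.password_confirmation:
         return abort(400, message='Passwords do not match')
     user.password = User.generate_hash(args.password)
     # Single use: clear the code together with its expiry.
     user.recovery_code = None
     user.recovery_code_expiration = None
     # Presumably invalidates tokens issued before the reset -- confirm
     # against the token-check callback.
     tokens = TokenBlacklist.query.filter_by(
         user_identity=str(user.id)).all()
     for token in tokens:
         db.session.delete(token)
     db.session.commit()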
Beispiel #5
def login():
    """Authenticate by username and password and issue a token pair.

    Unknown usernames and wrong passwords produce the same HTTP 400
    message, so the response body does not reveal which one failed.

    Returns:
        A ``(response, 200)`` tuple whose JSON body holds the marshalled
        user, an access token and a refresh token.
    """
    args = login_parser.parse_args()
    user = User.query.filter_by(username=args.username).first()

    # NOTE(review): the hash check is skipped when no user matches, so the
    # two failure paths may differ in response time even though the
    # message is identical.
    if user:
        authenticated = User.verify_hash(args.password, user.password)
    else:
        authenticated = False
    if not authenticated:
        return abort(400, message="Bad username or password")

    issued = {
        'access_token': create_access_token(identity=user.id),
        'refresh_token': create_refresh_token(identity=user.id),
    }
    return jsonify(user=marshal(user, user_fields), **issued), 200
Beispiel #6
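 def post(self):
     """Issue a password-recovery code and email it to the account owner.

     Looks the user up by email, stores a fresh random recovery code valid
     for three hours, commits it, then sends the recovery email rendered
     from ``email/pass_recovery.html``.

     Returns:
         ``{'success': 1}`` once the message has been handed to the mailer.

     Aborts with HTTP 400 when no user has the supplied email.
     """
     # Local import: the file's import block is not visible from here.
     import secrets

     args = password_recovery_parser.parse_args()
     user = User.query.filter_by(email=args.email).first()
     if not user:
         # NOTE(review): this reply tells the caller whether an email is
         # registered; returning the same success response in both cases
         # would avoid that, at the cost of an API change.
         return abort(400, message='This user does not exist.')
     # The code is a bearer credential for the account, so it is drawn from
     # the secrets module; 16 random bytes keep the 32-hex-character length
     # of the previous uuid4().hex value.
     user.recovery_code = secrets.token_hex(16)
     user.recovery_code_expiration = (datetime.datetime.now() +
                                      datetime.timedelta(hours=3))
     # Committed before sending: the code stays valid even if mail delivery
     # fails below.
     db.session.commit()
     with mail.connect() as conn:
         # Send the recovery email
         msg = MailMessage("Cambiar contraseña",
                           sender=("mail", "*****@*****.**"))
         msg.add_recipient(user.email)
         msg.html = render_template("email/pass_recovery.html", user=user)
         conn.send(msg)
     return {'success': 1}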
Beispiel #7
def get_bot_response():
    """Return the chatbot's reply to the ``message`` query parameter.

    Returns:
        A JSON response ``{'response': <reply text>}``.

    Aborts with HTTP 400 when ``message`` is missing or empty.
    """
    text = request.args.get('message')
    if text:
        # NOTE(review): ``text`` is caller-controlled and passed on without
        # a length limit; if the bot is configured to learn from its
        # input, it would also shape later replies -- confirm the setup.
        reply = chatbot.get_response(text)
        return jsonify({'response': str(reply)})
    return abort(400, message='Missing message parameter')