def put(self):
user = current_user()
args = user_parser_edit.parse_args()
allowed_fields = user_fields.keys()
for key in args.keys():
if key in allowed_fields:
if key == 'username' and args[key] and User.query.filter_by(
username=args.username).first():
return abort(400, message='Username already taken')
elif key == 'username' and args[key] and not valid_username(
args.username):
return abort(400, message='Username is not valid.')
if key == 'email' and args[key] and not valid_email(args[key]):
return abort(400, message='Wrong email supplied')
if args[key] or args[key] is not None:
setattr(user, key, args[key])
if (key == 'password' and args.password
and args.password_confirmation and args.current_password):
if args.password_confirmation != args.password:
return abort(400, message='Passwords don\'t match.')
elif not User.verify_hash(args.current_password,
user.password):
return abort(400,
message='The current password is incorrect')
user.password = User.generate_hash(args.password)
tokens = TokenBlacklist.query.filter_by(
user_identity=str(user.id)).all()
for token in tokens:
db.session.delete(token)
db.session.commit()
return marshal(user, user_fields)
def post(self):
args = answer_new_parser.parse_args()
question = CovidQuestion.query.filter_by(id=args.question).filter_by(
deleted_at=None).first()
if not question:
abort(400, message='Wrong question or it has been deleted')
db.session.add(
CovidAnswer(
answer=args.answer,
question=question,
user=current_user(),
))
db.session.commit()
return jsonify({'success': 1})
def register():
args = register_parser.parse_args()
if User.query.filter(User.username == args.username).count() != 0:
return abort(400, message={'username': '******'})
elif User.query.filter(User.email == args.email).count() != 0:
return abort(400, message={'email': 'Email already registered'})
elif valid_email(args.email) is False:
return abort(400, message={'email': 'This email is not valid'})
user = User(username=args.username,
full_name=args.name,
password=User.generate_hash(args.password),
email=args.email)
db.session.add(user)
db.session.commit()
return jsonify(marshal(user, user_fields))
def put(self):
args = password_recovery_parser.parse_args()
user = User.query.filter_by(recovery_code=args.recovery_code).first()
if not args.recovery_code or not user:
return abort(400, message='Recovery code not valid')
elif user and user.recovery_code_expiration < datetime.datetime.now():
return abort(400, message='Recovery code expired')
if not args.password or (args.password and
args.password != args.password_confirmation):
return abort(400, message='Passwords do not match')
user.password = User.generate_hash(args.password)
user.recovery_code = None
user.recovery_code_expiration = None
tokens = TokenBlacklist.query.filter_by(
user_identity=str(user.id)).all()
for token in tokens:
db.session.delete(token)
db.session.commit()
def login():
args = login_parser.parse_args()
user = User.query.filter_by(username=args.username).first()
if not user or not User.verify_hash(args.password, user.password):
return abort(400, message="Bad username or password")
access_token = create_access_token(identity=user.id)
refresh_token = create_refresh_token(identity=user.id)
return jsonify(user=marshal(user, user_fields),
access_token=access_token,
refresh_token=refresh_token), 200
def post(self):
args = password_recovery_parser.parse_args()
user = User.query.filter_by(email=args.email).first()
if not user:
return abort(400, message='This user does does not exist.')
user.recovery_code = uuid.uuid4().hex
user.recovery_code_expiration = (datetime.datetime.now() +
datetime.timedelta(hours=3))
db.session.commit()
with mail.connect() as conn:
# Send Email
msg = MailMessage("Cambiar contraseña",
sender=("mail", "*****@*****.**"))
msg.add_recipient(user.email)
msg.html = render_template("email/pass_recovery.html", user=user)
conn.send(msg)
return {'success': 1}
def get_bot_response():
text = request.args.get('message')
if not text:
return abort(400, message='Missing message parameter')
return jsonify({'response': str(chatbot.get_response(text))})