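def put(self):
    """Update the authenticated user's profile and, optionally, the password.

    Profile attributes are written only for parser keys that also appear in
    ``user_fields``. A password change is applied only when ``password``,
    ``password_confirmation`` and ``current_password`` are all supplied; the
    current password is re-verified before the new hash is stored, and the
    user's ``TokenBlacklist`` rows are then deleted.

    Returns:
        The updated user marshalled with ``user_fields``.

    Aborts with HTTP 400 when the username or email belongs to another
    account or fails validation, when the two new passwords differ, or when
    the current password is wrong.
    """
    user = current_user()
    args = user_parser_edit.parse_args()
    allowed_fields = user_fields.keys()

    for key in args.keys():
        value = args[key]

        # Only keys present in BOTH the request parser and user_fields are
        # assignable, so keep privileged columns out of one of the two.
        # 'password' is excluded explicitly so that it can only ever be
        # written through the hashing path further down.
        if key in allowed_fields and key != 'password':
            if key == 'username' and value:
                owner = User.query.filter_by(username=value).first()
                # Re-submitting one's own unchanged username is not a clash.
                if owner and owner.id != user.id:
                    return abort(400, message='Username already taken')
                if not valid_username(value):
                    return abort(400, message='Username is not valid.')

            if key == 'email' and value:
                if not valid_email(value):
                    return abort(400, message='Wrong email supplied')
                # Registration rejects duplicate emails; enforce the same on
                # edit, because password recovery looks accounts up by email
                # and a shared address would make that lookup ambiguous.
                holder = User.query.filter_by(email=value).first()
                if holder and holder.id != user.id:
                    return abort(400, message='Email already registered')

            # None means "field not sent"; falsy values such as '' are kept.
            if value is not None:
                setattr(user, key, value)

        # NOTE(review): a request carrying `password` without the
        # confirmation or the current password is ignored silently and the
        # handler still answers 200 - confirm that clients expect this.
        if (key == 'password' and args.password
                and args.password_confirmation and args.current_password):
            if args.password_confirmation != args.password:
                return abort(400, message='Passwords don\'t match.')
            if not User.verify_hash(args.current_password, user.password):
                return abort(400,
                             message='The current password is incorrect')
            user.password = User.generate_hash(args.password)

            # Presumably meant to end existing sessions after a password
            # change. Deleting rows only revokes tokens if the revocation
            # check treats a missing row as revoked - TODO confirm.
            stored_tokens = TokenBlacklist.query.filter_by(
                user_identity=str(user.id)).all()
            for token in stored_tokens:
                db.session.delete(token)

    db.session.commit()
    return marshal(user, user_fields)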
def post(self):
    """Record the current user's answer to an existing question.

    The question id comes from the parsed request and must refer to a row
    whose ``deleted_at`` is NULL; otherwise the request is aborted with
    HTTP 400.

    Returns:
        A JSON body ``{'success': 1}`` once the answer is committed.
    """
    args = answer_new_parser.parse_args()

    # Soft-deleted questions (deleted_at set) must not accept new answers.
    target = CovidQuestion.query.filter_by(
        id=args.question, deleted_at=None).first()
    if not target:
        abort(400, message='Wrong question or it has been deleted')

    # The answer is always attributed to the caller, never to an id taken
    # from the request body.
    new_answer = CovidAnswer(
        answer=args.answer,
        question=target,
        user=current_user(),
    )
    db.session.add(new_answer)
    db.session.commit()
    return jsonify({'success': 1})
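def register():
    """Create a user account from the parsed registration request.

    Checks, in order: the username is unused, the email is unused, the email
    passes ``valid_email``. The password is stored only as the value returned
    by ``User.generate_hash``.

    Returns:
        The new user marshalled with ``user_fields``, as JSON.

    Aborts with HTTP 400 and a per-field message when a check fails.
    """
    args = register_parser.parse_args()

    # NOTE(review): these look-ups and the insert below are separate
    # statements, so two concurrent requests can both pass them; a unique
    # constraint on the columns is what actually guarantees uniqueness -
    # confirm the schema has one.
    if User.query.filter(User.username == args.username).count() != 0:
        return abort(400, message={'username': '******'})
    if User.query.filter(User.email == args.email).count() != 0:
        return abort(400, message={'email': 'Email already registered'})

    # Test truthiness instead of `is False`: a validator that reports failure
    # with None (for example a regex match result) would otherwise let every
    # malformed address through.
    if not valid_email(args.email):
        return abort(400, message={'email': 'This email is not valid'})

    # NOTE(review): the username format is not validated in this handler -
    # confirm whether that is intended.
    user = User(username=args.username,
                full_name=args.name,
                password=User.generate_hash(args.password),
                email=args.email)
    db.session.add(user)
    db.session.commit()
    return jsonify(marshal(user, user_fields))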
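def put(self):
    """Set a new password for the account that owns a valid recovery code.

    On success the recovery code and its expiry are cleared, so a code can
    be used once, and the user's ``TokenBlacklist`` rows are deleted.

    Aborts with HTTP 400 when the code is missing, unknown or expired, or
    when the password is empty or differs from its confirmation.
    """
    args = password_recovery_parser.parse_args()

    # Reject an absent code before querying: with SQLAlchemy,
    # filter_by(recovery_code=None) compares against NULL and would select an
    # account that has no recovery pending.
    if not args.recovery_code:
        return abort(400, message='Recovery code not valid')

    user = User.query.filter_by(recovery_code=args.recovery_code).first()
    if not user:
        return abort(400, message='Recovery code not valid')

    # Fail closed: a code with no recorded expiry is treated as expired
    # rather than raising on the None comparison.
    expires_at = user.recovery_code_expiration
    if expires_at is None or expires_at < datetime.datetime.now():
        return abort(400, message='Recovery code expired')

    if not args.password or args.password != args.password_confirmation:
        return abort(400, message='Passwords do not match')

    user.password = User.generate_hash(args.password)
    # Single use: the code cannot be replayed after a successful reset.
    user.recovery_code = None
    user.recovery_code_expiration = None

    # Presumably meant to end existing sessions after the reset. Deleting
    # rows only revokes tokens if the revocation check treats a missing row
    # as revoked - TODO confirm.
    stored_tokens = TokenBlacklist.query.filter_by(
        user_identity=str(user.id)).all()
    for token in stored_tokens:
        db.session.delete(token)
    db.session.commit()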
def login():
    """Authenticate by username and password and issue a JWT pair.

    Returns:
        A ``(response, 200)`` tuple whose JSON body carries the marshalled
        user, an access token and a refresh token, both issued for
        ``user.id``.

    Aborts with HTTP 400 and one shared message for an unknown username and
    for a wrong password, so the response text does not reveal which of the
    two failed.
    """
    args = login_parser.parse_args()
    account = User.query.filter_by(username=args.username).first()

    # NOTE(review): the hash is verified only when the account exists, so
    # the two failure cases may still differ in response time; no attempt
    # limiting is visible in this handler - confirm it is applied elsewhere.
    authenticated = bool(account) and User.verify_hash(args.password,
                                                       account.password)
    if not authenticated:
        return abort(400, message="Bad username or password")

    access = create_access_token(identity=account.id)
    refresh = create_refresh_token(identity=account.id)
    body = jsonify(user=marshal(account, user_fields),
                   access_token=access,
                   refresh_token=refresh)
    return body, 200
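def post(self):
    """Start password recovery: store a one-time code and email it.

    The code is valid for three hours from the moment of the request.

    Returns:
        ``{'success': 1}`` after the recovery email has been handed to the
        mail connection.

    Aborts with HTTP 400 when no account uses the supplied email.
    """
    # The recovery code is a credential, so it is drawn from the module meant
    # for security tokens; token_hex(16) keeps the 32-hex-character shape the
    # previous uuid4().hex value had.
    import secrets

    args = password_recovery_parser.parse_args()
    user = User.query.filter_by(email=args.email).first()
    if not user:
        # NOTE(review): this distinct error tells any caller whether an email
        # address is registered. Answering with the same success body in both
        # cases would remove that signal, but it changes the API contract -
        # decide with the client owners.
        return abort(400, message='This user does does not exist.')

    user.recovery_code = secrets.token_hex(16)
    user.recovery_code_expiration = (datetime.datetime.now() +
                                     datetime.timedelta(hours=3))
    # Persist the code before sending, so the emailed code is always
    # redeemable.
    db.session.commit()

    with mail.connect() as conn:
        # Send Email
        msg = MailMessage("Cambiar contraseña",
                          sender=("mail", "*****@*****.**"))
        msg.add_recipient(user.email)
        msg.html = render_template("email/pass_recovery.html", user=user)
        conn.send(msg)
    return {'success': 1}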
def get_bot_response():
    """Return the chatbot's reply to the ``message`` query parameter.

    Returns:
        JSON ``{'response': <reply as text>}``.

    Aborts with HTTP 400 when ``message`` is missing or empty.
    """
    message = request.args.get('message')

    # NOTE(review): the text comes straight from the query string and goes to
    # the chatbot with no length bound visible here - confirm a limit is
    # enforced upstream.
    if message:
        reply = chatbot.get_response(message)
        return jsonify({'response': str(reply)})
    return abort(400, message='Missing message parameter')