def put(cls):
    """Replace the calling user's avatar with the uploaded image.

    The stored name is built from the JWT identity plus the extension of the
    client-supplied filename, so the client controls only the extension.

    Returns:
        A ``(body, status)`` tuple: 200 on success, 400 when the upload is
        rejected with ``UploadNotAllowed``, 500 when the previous avatar
        cannot be removed.
    """
    payload = image_schema.load(request.files)
    stem = f"user_{get_jwt_identity()}"
    avatar_dir = "avatars"

    previous = image_helper.find_image_any_format(stem, avatar_dir)
    if previous:
        # NOTE(review): the old avatar is removed before the new upload has
        # been accepted, so a rejected upload leaves the user with no avatar.
        try:
            os.remove(previous)
        except Exception:
            traceback.print_exc()
            return {"message": gettext("avatar_delete_failed")}, 500

    try:
        # NOTE(review): the extension comes from the client's filename;
        # presumably save_image enforces the allowed set - confirm.
        suffix = image_helper.get_extension(payload["image"].filename)
        stored_at = image_helper.save_image(
            payload["image"], folder=avatar_dir, name=stem + suffix
        )
        stored_name = image_helper.get_basename(stored_at)
        return {"message": gettext("avatar_uploaded").format(stored_name)}, 200
    except UploadNotAllowed:
        rejected = image_helper.get_extension(payload["image"])
        return {
            "message": gettext("image_illegal_extension").format(rejected)
        }, 400
def get(cls, filename: str):
    """Send one image from the calling user's own folder.

    The folder is derived from the JWT identity, never from the request, and
    the requested name must pass ``image_helper.is_filename_safe`` before a
    path is built from it.

    Returns:
        The file response, or a ``(body, status)`` tuple with 400 for a
        rejected filename and 404 when the file does not exist.
    """
    owner_dir = f"user_{get_jwt_identity()}"

    # Check the name first: nothing below may build a path from a name that
    # failed the safety check.
    if not image_helper.is_filename_safe(filename):
        rejected = gettext("image_illegal_filename").format(filename)
        return {"message": rejected}, 400

    try:
        target = image_helper.get_path(filename, folder=owner_dir)
        return send_file(target)
    except FileNotFoundError:
        missing = gettext("image_not_found").format(filename)
        return {"message": missing}, 404
def post(cls, name: str):
    """Create an item called *name* from the JSON request body.

    The name from the URL overrides any ``name`` key in the body.

    Returns:
        ``(serialized item, 201)`` on success, 400 when the name is already
        taken, 500 when saving fails.
    """
    if ItemModel.find_by_name(name):
        return {"message": gettext("item_name_exists").format(name)}, 400

    # NOTE(review): if get_json() yields None the assignment below raises
    # TypeError; confirm whether an app-level handler covers that.
    body = request.get_json()
    body["name"] = name
    new_item = item_schema.load(body)

    try:
        new_item.save_to_db()
    except Exception:
        return {"message": gettext("item_error_inserting")}, 500
    else:
        return item_schema.dump(new_item), 201
def get(cls, user_id: int):
    """Send the avatar stored for *user_id*, whatever its image format.

    Returns:
        The file response, or ``(body, 404)`` when no avatar is found.
    """
    # NOTE(review): no access-control decorator is visible in this view, so
    # whether avatars are meant to be readable for any user id is unconfirmed.
    located = image_helper.find_image_any_format(f"user_{user_id}", "avatars")
    if not located:
        return {"message": gettext("avatar_not_found")}, 404
    return send_file(located)
def post(cls):
    """Store an uploaded image in the calling user's own folder.

    The destination folder is derived from the JWT identity, so a caller
    cannot choose another user's folder.

    Returns:
        A ``(body, status)`` tuple: 201 on success, 400 when the upload is
        rejected with ``UploadNotAllowed``.
    """
    files = image_schema.load(request.files)
    owner_dir = f"user_{get_jwt_identity()}"

    try:
        # NOTE(review): no name is passed here, so the stored filename
        # presumably derives from the client's filename inside save_image;
        # confirm it is sanitized there.
        stored_at = image_helper.save_image(files["image"], folder=owner_dir)
        stored_name = image_helper.get_basename(stored_at)
        return {"message": gettext("image_uploaded").format(stored_name)}, 201
    except UploadNotAllowed:
        rejected = image_helper.get_extension(files["image"])
        return {
            "message": gettext("image_illegal_extension").format(rejected)
        }, 400
def delete(cls, filename: str):
    """Delete one image from the calling user's own folder.

    The folder is derived from the JWT identity, and the requested name must
    pass ``image_helper.is_filename_safe`` before a path is built from it.

    Returns:
        A ``(body, status)`` tuple: 200 when deleted, 400 for a rejected
        filename, 404 when the file does not exist, 500 on any other error.
    """
    owner_dir = f"user_{get_jwt_identity()}"

    # Reject unsafe names before any filesystem call is made with them.
    if not image_helper.is_filename_safe(filename):
        rejected = gettext("image_illegal_filename").format(filename)
        return {"message": rejected}, 400

    try:
        target = image_helper.get_path(filename, folder=owner_dir)
        os.remove(target)
        return {"message": gettext("image_deleted").format(filename)}, 200
    except FileNotFoundError:
        return {"message": gettext("image_not_found").format(filename)}, 404
    except Exception:
        # The traceback goes to the server's stderr only; the client gets a
        # generic message.
        traceback.print_exc()
        return {"message": gettext("image_delete_failed")}, 500
def get(cls, confirmation_id: str):
    """Mark a confirmation as confirmed and render the confirmation page.

    Returns:
        An HTML response with status 200 on success, or a ``(body, status)``
        tuple: 404 for an unknown id, 400 when the confirmation has expired
        or was already confirmed.
    """
    # NOTE(review): the id in the URL is the only credential checked here, so
    # it must be unguessable; how ConfirmationModel generates it is not
    # visible from this view. Because this is a GET that changes state, an
    # automated link fetcher could also complete the confirmation.
    record = ConfirmationModel.find_by_id(confirmation_id)
    if not record:
        return {"message": gettext("confirmation_not_found")}, 404

    # Expiry is checked before the already-confirmed state.
    if record.expired:
        refusal = "confirmation_link_expired"
    elif record.confirmed:
        refusal = "confirmation_already_confirmed"
    else:
        refusal = None
    if refusal is not None:
        return {"message": gettext(refusal)}, 400

    record.confirmed = True
    record.save_to_db()

    page = render_template("confirmation_page.html", email=record.user.email)
    return make_response(page, 200, {"Content-Type": "text/html"})
def post(cls):
    """Log a user in and issue a fresh access token plus a refresh token.

    The request body is loaded with ``email`` as a partial (optional) field.

    Returns:
        A ``(body, status)`` tuple: 200 with both tokens, 400 when the
        credentials match but the latest confirmation is missing or
        unconfirmed, 401 for an unknown user or wrong password.
    """
    credentials = user_schema.load(request.get_json(), partial=("email",))
    account = UserModel.find_by_username(credentials.username)

    # NOTE(review): the stored password is compared directly with the
    # submitted one. Unless hashing happens inside user_schema or UserModel,
    # that means passwords are stored unhashed; confirm, and store a salted
    # password hash instead if so. The comparison is also skipped for unknown
    # usernames, so response timing may differ between the two 401 cases.
    if not account or not safe_str_cmp(account.password, credentials.password):
        return {"message": gettext("user_invalid_credentials")}, 401

    latest = account.most_recent_confirmation
    if not (latest and latest.confirmed):
        unconfirmed = gettext("user_not_confirmed").format(account.username)
        return {"message": unconfirmed}, 400

    tokens = {
        "access_token": create_access_token(identity=account.id, fresh=True),
        "refresh_token": create_refresh_token(account.id),
    }
    return tokens, 200
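def post(cls, user_id: int):
    """Expire the user's latest confirmation and create a new one.

    Args:
        user_id: Primary key of the user the confirmation is re-issued for.

    Returns:
        The success body alone (no explicit status) when a new confirmation
        is saved, otherwise a ``(body, status)`` tuple: 404 for an unknown
        user, 400 when the latest confirmation is already confirmed, 500
        when saving fails.
    """
    # NOTE(review): no access-control decorator is visible in this view;
    # confirm that arbitrary callers cannot expire another user's pending
    # confirmation through this endpoint.
    user = UserModel.find_by_id(user_id)
    if not user:
        return {"message": gettext("user_not_found")}, 404

    try:
        confirmation = user.most_recent_confirmation
        if confirmation:
            if confirmation.confirmed:
                return {
                    "message": gettext("confirmation_already_confirmed")
                }, 400
            # Invalidate the old link before a new one is issued.
            confirmation.force_to_expire()

        new_confirmation = ConfirmationModel(user_id)
        new_confirmation.save_to_db()
        # Email delivery is disabled here:
        # user.send_confirmation_email()
        return {"message": gettext("confirmation_resend_successful")}
    except MailGunException as e:
        # NOTE(review): str(e) is returned to the client; confirm the mail
        # provider's error text never contains internal details.
        return {"message": str(e)}, 500
    except Exception:
        traceback.print_exc()
        # An explicit 500 is required: a bare body is sent with status 200,
        # which would report this failure to the client as a success.
        return {"message": gettext("confirmation_resend_fail")}, 500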
def post(cls):
    """Register a new user and create their first confirmation record.

    Returns:
        A ``(body, status)`` tuple: 201 on success, 400 when the username or
        email is already taken, 500 when saving fails (the user row is
        deleted again in that case).
    """
    new_user = user_schema.load(request.get_json())

    # NOTE(review): the two distinct 400 messages let a caller learn which
    # usernames and email addresses are already registered.
    if UserModel.find_by_username(new_user.username):
        return {"message": gettext("user_username_exists")}, 400
    if UserModel.find_by_email(new_user.email):
        return {"message": gettext("user_email_exists")}, 400

    try:
        new_user.save_to_db()
        ConfirmationModel(new_user.id).save_to_db()
        # Email delivery is disabled here:
        # user.send_confirmation_email()
        return {"message": gettext("user_registered")}, 201
    except MailGunException as mail_error:
        # Roll back the half-created account before reporting the error.
        new_user.delete_from_db()
        return {"message": str(mail_error)}, 500
    except Exception:
        traceback.print_exc()
        new_user.delete_from_db()
        return {"message": gettext("user_error_creating")}, 500
def get(cls, user_id: int):
    """List every confirmation of a user, ordered by expiry time.

    Returns:
        ``(body, 200)`` with the current Unix time and the serialized
        confirmations, or ``(body, 404)`` for an unknown user.
    """
    # NOTE(review): the dumped records presumably include the confirmation
    # ids that the confirm endpoint accepts as its only credential; no
    # access-control decorator is visible here, so confirm this view is not
    # reachable by untrusted callers.
    owner = UserModel.find_by_id(user_id)
    if not owner:
        return {"message": gettext("user_not_found")}, 404

    now = int(time())
    serialized = []
    for entry in owner.confirmation.order_by(ConfirmationModel.expire_at):
        serialized.append(confirmation_schema.dump(entry))

    return {"current_time": now, "confirmation": serialized}, 200
def delete(cls, name: str):
    """Delete the item called *name*.

    Returns:
        ``(body, 200)`` when the item was deleted, ``(body, 404)`` when no
        item has that name.
    """
    target = ItemModel.find_by_name(name)
    if not target:
        return {"message": gettext("item_not_found")}, 404

    target.delete_from_db()
    return {"message": gettext("item_deleted")}, 200
def get(cls, name: str):
    """Return the serialized item called *name*.

    Returns:
        ``(serialized item, 200)``, or ``(body, 404)`` when no item has that
        name.
    """
    found = ItemModel.find_by_name(name)
    if not found:
        return {"message": gettext("item_not_found")}, 404
    return item_schema.dump(found), 200
def post(cls):
    """Log the caller out by blacklisting the presented token's ``jti``.

    Returns:
        ``(body, 200)`` with a message that includes the caller's identity.
    """
    token_id = get_raw_jwt()["jti"]
    caller = get_jwt_identity()

    # Only the token presented with this request is revoked; any other token
    # issued to the same user has a different jti and is not added here.
    # NOTE(review): how long BLACKLIST entries persist is not visible from
    # this view; confirm revocations survive a restart.
    BLACKLIST.add(token_id)

    farewell = gettext("user_logged_out").format(caller)
    return {"message": farewell}, 200
def delete(cls, user_id: int):
    """Delete the user with the given id.

    Returns:
        ``(body, 200)`` when the user was deleted, ``(body, 404)`` when no
        such user exists.
    """
    # NOTE(review): no access-control decorator is visible in this view;
    # confirm that deleting arbitrary user ids is restricted to trusted
    # callers.
    doomed = UserModel.find_by_id(user_id)
    if doomed:
        doomed.delete_from_db()
        return {"message": gettext("user_deleted")}, 200
    return {"message": gettext("user_not_found")}, 404
def get(cls, user_id: int):
    """Return the serialized user with the given id.

    Returns:
        ``(serialized user, 200)``, or ``(body, 404)`` when no such user
        exists.
    """
    found = UserModel.find_by_id(user_id)
    if found:
        # NOTE(review): which fields reach the client is decided by
        # user_schema; confirm the password field is excluded from dumps.
        return user_schema.dump(found), 200
    return {"message": gettext("user_not_found")}, 404