def post(self): user_parser = reqparse.RequestParser() user_parser.add_argument("email", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("password", type=str, required=True, help="This field cannot be blank.") data = user_parser.parse_args() logger.info(data) user = UserModel.find_by_email(data["email"]) logger.info(user) if user and user.check_password(password=data["password"]): access_token = create_access_token( identity=user.id, expires_delta=timedelta(days=365), fresh=True) refresh_token = create_refresh_token(identity=user.id) return { "message": "Login successful.", "access_token": access_token, "refresh_token": refresh_token, "user": user.json() }, constant.CODE_OK return {"message": "Invalid credentials!"}, constant.CODE_UNAUTHORIZED
def update_data_to_db(self, first_name, last_name, email, username): logger.info("START UPDATE TO DB") self.first_name = first_name self.last_name = last_name self.email = email self.username = username db.session.commit() logger.info("END UPDATE TO DB")
def delete(cls): user = UserModel.find_by_id(get_jwt_identity()) logger.info(user) if not user: return {"message": "User not found."}, constant.CODE_NOT_FOUND user.delete_from_db() jti = get_raw_jwt()["jti"] BLACKLIST.add(jti) return {"message": "User deleted successfully."}, constant.CODE_OK
def post(self): user_parser = reqparse.RequestParser() user_parser.add_argument("first_name", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("last_name", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("email", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("username", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("password", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("password_confirmation", type=str, required=True, help="This field cannot be blank.") data = user_parser.parse_args() logger.info(data) if UserModel.find_by_email(data["email"]): return { "message": "Email is already used." }, constant.CODE_BAD_REQUEST if UserModel.find_by_username(data["username"]): return { "message": "Username already exists." }, constant.CODE_BAD_REQUEST if data["password"] != data["password_confirmation"]: return { "message": "Password does not match with Password Confirmation." }, constant.CODE_BAD_REQUEST data.pop("password_confirmation") user = UserModel(**data) user.save_to_db() logger.info(user) return {"message": "Registration successful."}, constant.CODE_CREATED
def put(cls): user_parser = reqparse.RequestParser() user_parser.add_argument("id", type=int, required=True, help="This field cannot be blank.") user_parser.add_argument("first_name", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("last_name", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("email", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("username", type=str, required=True, help="This field cannot be blank.") data = user_parser.parse_args() logger.info(data) user = UserModel.find_by_id(get_jwt_identity()) logger.info(user) if not user: return {"message": "User not found."}, constant.CODE_NOT_FOUND if data["id"] != get_jwt_identity(): return {"message": "Not authorized."}, constant.CODE_UNAUTHORIZED if data["email"] != user.email and UserModel.find_by_email( data["email"]): return { "message": "Email is already used." }, constant.CODE_BAD_REQUEST if data["username"] != user.username and UserModel.find_by_username( data["username"]): return { "message": "Username already exists." }, constant.CODE_BAD_REQUEST data.pop("id") user.update_data_to_db(**data) return {"message": "User updated successfully."}, constant.CODE_OK
def put(cls): user_parser = reqparse.RequestParser() user_parser.add_argument("id", type=int, required=True, help="This field cannot be blank.") user_parser.add_argument("current_password", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("new_password", type=str, required=True, help="This field cannot be blank.") user_parser.add_argument("new_password_confirmation", type=str, required=True, help="This field cannot be blank.") data = user_parser.parse_args() logger.info(data) user = UserModel.find_by_id(get_jwt_identity()) logger.info(user) if not user: return {"message": "User not found."}, constant.CODE_NOT_FOUND if data["id"] != get_jwt_identity(): return {"message": "Not authorized."}, constant.CODE_UNAUTHORIZED if not user.check_password(password=data["current_password"]): return {"message": "Wrong password."}, constant.CODE_UNAUTHORIZED if user.check_password(password=data["new_password"]): return { "message": "New password cannot be same with current password." }, constant.CODE_BAD_REQUEST if data["new_password"] != data["new_password_confirmation"]: return { "message": "New Password does not match with New Password Confirmation." }, constant.CODE_BAD_REQUEST user.update_password_to_db(data["new_password"]) return {"message": "Password updated successfully."}, constant.CODE_OK
def get(cls): user = UserModel.find_by_id(get_jwt_identity()) logger.info(user) if not user: return {"message": "User not found."}, constant.CODE_NOT_FOUND return user.json(), constant.CODE_OK
def find_by_id(cls, _id): logger.info("START GET DATA FROM DB") user = cls.query.filter_by(id=_id, is_delete=False).first() logger.info("END GET DATA FROM DB") return user
def find_by_email(cls, email): logger.info("START GET DATA FROM DB") user = cls.query.filter_by(email=email, is_delete=False).first() logger.info("END GET DATA FROM DB") return user
def find_by_username(cls, username): logger.info("START GET DATA FROM DB") user = cls.query.filter_by(username=username, is_delete=False).first() logger.info("END GET DATA FROM DB") return user
def update_password_to_db(self, password): logger.info("START UPDATE TO DB") self.password = generate_password_hash(password) db.session.commit() logger.info("END UPDATE TO DB")
def delete_from_db(self): logger.info("START DELETE FROM DB") self.is_delete = True db.session.commit() logger.info("END DELETE FROM DB")
def save_to_db(self): logger.info("START SAVE TO DB") db.session.add(self) db.session.commit() logger.info("END SAVE TO DB")
def after_request(response): if 200 <= response.status_code <= 299: logger.info(response.data.strip()) else: logger.error(response.data.strip()) return response