class UpdateUserSchema(ma.Schema, PublisherChecks): name = fields.Str(validate=validate.Length(min=1, max=100), missing=None) email = fields.Str(validate=validate.Email(), missing=None) role = fields.Str(validate=validate.OneOf([r[0] for r in ROLES]), missing=None) publisher_id = fields.Integer(missing=None) @validates_schema def check_all(self, data, **_): # noqa if not any([v for v in data.values()]): raise ValidationError('All fields are empty')
class RegisterAPI(MethodView): @use_kwargs({'email': fields.Str(required=True, validate=validate.Email(error='邮件格式错误'))}, locations=('form',)) @use_kwargs(account_args, locations=('form',)) def post(self, email, username, password): user = User.query.filter_by(email=email).first() if user is not None: return response(code=1, message=f'邮箱 {user.email} 已存在') user = User.query.filter_by(username=username).first() if user is not None: return response(code=1, message=f'用户名 {user.username} 已存在') user = User(username=username, email=email) user.set_password(password) db.session.add(user) db.session.commit() return response(message='注册成功')
class RoleUserListResource(TokenRequiredResource): get_args = { "name": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255), "email": fields.Email(allow_none=True, validate=validate.Email()), "location": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255), "confirmed": fields.Boolean(), "created_at": fields.DateTime(allow_none=True, format="iso8601"), } @admin_required @use_args(get_args) def get(self, query_args, id): filters = [User.role_id == id] if "name" in query_args: filters.append( User.name.like("%{filter}%".format(filter=query_args["name"]))) if "email" in query_args: filters.append( User.email.like( "%{filter}%".format(filter=query_args["email"]))) if "location" in query_args: filters.append( User.location.like( "%{filter}%".format(filter=query_args["location"]))) if "confirmed" in query_args: filters.append(User.confirmed == query_args["confirmed"]) if "created_at" in query_args: filters.append(User.created_at == query_args["created_at"]) pagination_helper = PaginationHelper( request, query=User.query.filter(*filters), resource_for_url="api.role_users", key_name="results", schema=user_schema, url_parameters={"id": id}, ) result = pagination_helper.paginate_query() return result
def post(self): input_args = { "email": fields.Str(required=True, validate=validate.Email()), "title": fields.Str(required=True) } args = parser.parse(input_args, request) user = User.query.filter_by(email=args["email"]).first_or_404() book = Book.query.filter_by(title=args["title"]).first_or_404() request_exists = db.session.query( db.session.query(BookRequest).filter( BookRequest.book == book and BookRequest.deleted_at is None ).exists()).scalar() if not request_exists: # Book is available new_request = BookRequest( book=book, user=user ) db.session.add(new_request) db.session.commit() return jsonify( { "id": book.id, "available": True, "title": book.title, "timestamp": new_request.created_at.strftime('%Y-%m-%dT%H:%M:%S.%f'), } ), 201 else: # Book is not available return jsonify( { "id": book.id, "available": False, "title": book.title, "timestamp": datetime.now().strftime('%Y-%m-%dT%H:%M:%S.%f'), } ), 400
from webargs import fields, validate robot_put_args = { "robot_id": fields.Str(required=True, location="view_args"), "name": fields.Str(required=True, ), "description": fields.Str(required=True, ), "type": fields.Int(required=True, ) } robot_post_args = { "name": fields.Str(required=True, ), "description": fields.Str(required=True, ), "type": fields.Int(required=True, ) } register_args = { "name": fields.Str(required=True, validate=validate.Length(min=4)), "email": fields.Str(required=True, validate=validate.Email()), "password": fields.Str(required=True, validate=lambda p: len(p) >= 6), "college": fields.Int(required=True) } login_args = { "email": fields.Str(required=True, validate=validate.Length(min=4)), "password": fields.Str(required=True, validate=lambda p: len(p) >= 6), } forget_args = { "email": fields.Str(required=True, validate=validate.Email()), } data_args = { "robot_id": fields.Str(required=True), "position_x": fields.Str(required=True),
from server.token import generate_confirmation_token, confirm_token from flask_jwt_extended import ( create_access_token, get_jti, get_jwt_identity, jwt_required, get_raw_jwt, ) from server.helpers.blacklist_tokens import BlacklistTokens bp = Blueprint("auth", __name__, url_prefix="/api") @bp.route("/session/auth", methods=["POST"]) @use_kwargs({ "email": fields.Str(required=True, validate=validate.Email()), "password": fields.Str(required=True), }) def login(**payload): db_user = User.auth(email=payload["email"], password=payload["password"]) if not db_user or not db_user.confirmed: return ( jsonify({ "message": "Invalid credentials", "authenticated": False, "confirmed": False, }), 401, )
fields.Int(required=True, validate=[validate.Range(min=1000, max=9999)]), "leading_digits": fields.Int(required=False, validate=[validate.Range(min=1000, max=9999)]), "card_type": fields.Str(required=False), "end_date": fields.DateTime(required=False, format='%m.%Y'), "start_date": fields.DateTime(required=False, format='%m.%Y') } put_args = { "first_name": fields.Str(required=True), "email": fields.Email(required=True, validate=validate.Email()), "trailing_digits": fields.Int(required=True, validate=[validate.Range(min=1000, max=9999)]), "leading_digits": fields.Int(required=False, validate=[validate.Range(min=1000, max=9999)]), "card_type": fields.Str(required=False), "end_date": fields.DateTime(required=False, format='%m.%Y'), "start_date": fields.DateTime(required=False, format='%m.%Y') } class Customer(Resource): @use_kwargs(get_args)
from webargs import fields, validate from flask import make_response, jsonify from functools import wraps from .models import User blogs_args = { #required arguments and their validations 'title': fields.Str(required=True, validate=validate.Length(3)), 'blog': fields.Str(required=True, validate=validate.Length(3)) } blogs_id_arg = {'id': fields.Int()} user_args = { 'username': fields.Str(required=True, validate=validate.Length(5)), 'email': fields.Str(required=True, validate=validate.Email()), 'password': fields.Str(required=True, validate=validate.Length(7)) } login_args = { 'email': fields.Str(required=True, validate=validate.Email()), 'password': fields.Str(required=True, validate=validate.Length(7)) } email_args = { 'email': fields.Str(required=True, validate=validate.Email()), } reset_password = { 'username': fields.Str(required=True, validate=validate.Length(5)), 'email': fields.Str(required=True, validate=validate.Email()), 'password': fields.Str(required=True, validate=validate.Length(7)), 'retyped_password': fields.Str(required=True, validate=validate.Length(7)) }
:param password: Input password """ # Validation rules xp = re.compile(r'^(?=.*?\d)(?=.*?[A-Z])(?=.*?[a-z])[\S]{6,}$') # Match password if not xp.match(password): raise ValidationError('Enter a combination of at least 6 numbers,' '(upper and lowercase) letters.') # Reusable args user_email_arg = fields.String(validate=[ validate.Email(), validate.Length(max=255), validate_user_email_exist ], required=True) user_password_arg = fields.String( validate=[validate.Length(max=255), validate_strong_password], required=True) user_secret_code_arg = fields.String(validate=[validate.Length(min=6)], required=True) user_name_arg = fields.String(validate=[validate.Length(max=55)], required=True) # User create args
class LoginUserSchema(ma.Schema): email = fields.Str(validate=validate.Email(), required=True) password = fields.Str(validate=validate.Length(max=100), required=True)
class AddUserSchema(ma.Schema, PublisherChecks): name = fields.Str(validate=validate.Length(min=1, max=100), required=True) email = fields.Str(validate=validate.Email(), required=True) password = fields.Str(validate=validate.Length(min=6, max=100), required=True) role = fields.Str(validate=validate.OneOf([r[0] for r in ROLES]), missing=ROLE_USER) publisher_id = fields.Integer(missing=None)
class UserListResource(TokenRequiredResource): get_args = { "search": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255), "sort": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255), "name": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255), "email": fields.Email(allow_none=True, validate=validate.Email()), "location": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255), "confirmed": fields.Boolean(allow_none=True), "role_id": fields.Integer(allow_none=True, validate=lambda x: x > 0), "created_at": fields.DateTime(allow_none=True, format="iso8601"), } @staff_required @use_args(get_args) def get(self, query_args): query = User.query # Apply filters filters = [] if "search" in query_args and query_args["search"]: filters.append( or_( User.name.like("%{filter}%".format(filter=query_args["search"])), User.email.like("%{filter}%".format(filter=query_args["search"])), ) ) if "name" in query_args and query_args["name"]: filters.append(User.name.like("%{filter}%".format(filter=query_args["name"]))) if "email" in query_args and query_args["email"]: filters.append(User.email.like("%{filter}%".format(filter=query_args["email"]))) if "location" in query_args and query_args["location"]: filters.append(User.location.like("%{filter}%".format(filter=query_args["location"]))) if "confirmed" in query_args: filters.append(User.confirmed == query_args["confirmed"]) if "role_id" in query_args and query_args["role_id"]: filters.append(User.role_id == query_args["role_id"]) if "created_at" in query_args and query_args["created_at"]: filters.append(User.created_at == query_args["created_at"]) if filters: query = query.filter(*filters) # Apply sorting order_by = User.id if "sort" in query_args and query_args["sort"]: column, direction = PaginationHelper.decode_sort(query_args["sort"]) if column == "role.name": query = query.join(Role, User.role) order_by = Role.name elif column in set(User.__table__.columns.keys()): order_by = getattr(User, column) order_by = collate(order_by, "NOCASE") if direction == PaginationHelper.SORT_DESCENDING: order_by = desc(order_by) query = query.order_by(order_by) pagination_helper = PaginationHelper( request, query=query, resource_for_url="api.users", key_name="results", schema=user_schema, query_args=query_args, ) result = pagination_helper.paginate_query() return result @staff_required def post(self): request_dict = request.get_json() if not request_dict: resp = {"message": "No input data provided"} return resp, status.HTTP_400_BAD_REQUEST errors = user_schema.validate(request_dict) if errors: return errors, status.HTTP_400_BAD_REQUEST user_email = request_dict["email"] if not User.is_unique(id=0, email=user_email): response = {"message": "A user with the same e-mail address already exists"} return response, status.HTTP_409_CONFLICT try: user = User( name=request_dict["name"], email=request_dict["email"], password=request_dict["password"], confirmed=request_dict["confirmed"] if "confirmed" in request_dict else False, location=request_dict["location"] if "location" in request_dict else "", about_me=request_dict["about_me"] if "about_me" in request_dict else "", ) user.add(user) query = User.query.get(user.id) result = user_schema.dump(query).data return result, status.HTTP_201_CREATED except SQLAlchemyError as e: db.session.rollback() resp = {"message": str(e)} return resp, status.HTTP_400_BAD_REQUEST @staff_required def delete(self): """ Bulk delete """ request_dict = request.get_json() if not request_dict: response = {"message": "No input data provided"} return response, status.HTTP_400_BAD_REQUEST if "ids" in request_dict and (isinstance(request_dict["ids"], List) or isinstance(request_dict["ids"], Tuple)): ids = list(map(int, request_dict["ids"])) try: for id_ in ids: user = User.query.get(id_) if user: db.session.delete(user) db.session.commit() return {}, status.HTTP_204_NO_CONTENT except SQLAlchemyError as e: db.session.rollback() resp = {"message": str(e)} return resp, status.HTTP_400_BAD_REQUEST
class UserAPI(MethodView): # class constant for web field validation WEBARGS = { "username": fields.Str(required=True), "email": fields.Str(required=True, validate=validate.Email()) } # curl -i -X GET http://localhost:5000/api/v1/users/ # curl -i -X GET http://localhost:5000/api/v1/users/2 def get(self, user_id): if user_id is None: # return a list of users user_list = [user.to_dict() for user in User.query.all()] if user_list: return make_response(jsonify(user_list), 200) else: abort(404, description="No Users found") else: # return a single user user = User.query.get(user_id) if user: return make_response(jsonify(user.to_dict()), 200) else: abort(404, description="User not found, id: {}".format(user_id)) # curl -i -X POST -H 'Content-Type: application/json' -d '{"username": "******", "email": "*****@*****.**"}' http://localhost:5000/api/v1/users/ def post(self): args = parser.parse(UserAPI.WEBARGS, request) try: user = User.create(args["username"], args["email"]) return make_response(jsonify(user.to_dict()), 200) except exc.IntegrityError as e: errorInfo = e.orig.args error_message = errorInfo[0] raise exceptions.APIException( message='Unable to create user, duplicates found: {}'.format( error_message)) # curl -i -X DELETE http://localhost:5000/api/v1/users/6 def delete(self, user_id): user = User.query.get(user_id) if user: deleted = user.delete() if deleted: return make_response(jsonify({user.username: "******"}), 200) else: raise exceptions.APIException( message='Unable to delete user: {}'.format(user.username)) else: abort(404, description="User not found, id: {}".format(user_id)) # curl -i -X PUT -H 'Content-Type: application/json' -d '{"username": "******", "email": "*****@*****.**"}' http://localhost:5000/api/v1/users/3 def put(self, user_id): # update a single user user = User.query.get(user_id) if user: args = parser.parse(UserAPI.WEBARGS, request) try: updated_user = user.update(args["username"], args["email"]) if updated_user: return make_response(jsonify(user.to_dict()), 200) else: return make_response( jsonify({user.username: "******"}), 200) except exc.IntegrityError as e: errorInfo = e.orig.args error_message = errorInfo[0] raise exceptions.APIException( message='Unable to update user, duplicates found: {}'. format(error_message)) else: abort(404, description="User not found, id: {}".format(user_id))