Ejemplo n.º 1
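 def put(self):
     """Update the authenticated user's profile and, optionally, password.

     Profile fields are copied from the parsed request onto the user only
     when their name is a key of ``user_fields``. A password change needs
     ``password``, ``password_confirmation`` and ``current_password``
     together; the current password is verified before the new hash is
     stored, and the user's ``TokenBlacklist`` rows are then deleted.

     Returns:
         The updated user marshalled with ``user_fields``. Validation
         failures end the request through ``abort(400, ...)``.
     """
     user = current_user()
     args = user_parser_edit.parse_args()
     # NOTE(review): the write allowlist is the key set of the response
     # schema, so every field that is serialised is also writable when the
     # parser accepts it. Confirm user_fields holds no identity or
     # privilege columns, or switch to a dedicated writable-field list.
     allowed_fields = user_fields.keys()
     for key in args.keys():
         value = args[key]
         # 'password' must never take the generic path: that would store
         # the raw value without checking current_password.
         if key in allowed_fields and key != 'password':
             if key == 'username' and value:
                 owner = User.query.filter_by(
                     username=args.username).first()
                 # Re-submitting one's own username is not a collision.
                 if owner and owner.id != user.id:
                     return abort(400, message='Username already taken')
                 if not valid_username(args.username):
                     return abort(400, message='Username is not valid.')
             if key == 'email' and value and not valid_email(value):
                 return abort(400, message='Wrong email supplied')
             # Falsy values such as '' or False are still written; only
             # None is skipped.
             if value is not None:
                 setattr(user, key, value)
         # NOTE(review): when any of the three password fields is missing
         # the change is skipped without an error; confirm clients expect
         # a silent no-op rather than a 400.
         if (key == 'password' and args.password
                 and args.password_confirmation and args.current_password):
             if args.password_confirmation != args.password:
                 return abort(400, message='Passwords don\'t match.')
             if not User.verify_hash(args.current_password, user.password):
                 return abort(400,
                              message='The current password is incorrect')
             user.password = User.generate_hash(args.password)
             # Drop every token row recorded for this user.
             # NOTE(review): presumably this ends existing sessions after
             # a password change - confirm the token check treats a
             # missing row as revoked rather than as valid.
             tokens = TokenBlacklist.query.filter_by(
                 user_identity=str(user.id)).all()
             for token in tokens:
                 db.session.delete(token)
     db.session.commit()
     return marshal(user, user_fields)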
Ejemplo n.º 2
def refresh():
    """Issue a new access token for the authenticated user.

    The new token is recorded with ``add_token_to_database``, as the login
    endpoint does, and returned together with the token taken from the
    request's ``Authorization`` header.

    Returns:
        A ``(response, 201)`` pair whose JSON body holds ``access_token``
        and ``refresh_token``.
    """
    identity = current_user().id
    new_access_token = create_access_token(identity=identity)
    add_token_to_database(new_access_token, app.config['JWT_IDENTITY_CLAIM'])
    # The slice drops the first seven characters of the header, the length
    # of a 'Bearer ' prefix.
    # NOTE(review): a request without an Authorization header makes
    # .get() return None and the slice raise TypeError; presumably an
    # authentication decorator outside this block rules that out - confirm.
    # NOTE(review): the presented token is echoed back in the body, so it
    # ends up wherever responses are logged or cached - confirm the client
    # needs it.
    presented_token = request.headers.get('Authorization')[7:]
    payload = {
        'access_token': new_access_token,
        'refresh_token': presented_token,
    }
    return jsonify(payload), 201
Ejemplo n.º 3
 def delete(self):
     """Soft-delete one of the caller's own answers.

     Returns:
         JSON ``{'success': 1}`` when a matching answer was stamped with
         ``deleted_at``, otherwise ``{'success': 0}``.
     """
     args = delete_answer_parser.parse_args()
     # Filtering on the caller as well as the id is the ownership check:
     # an id that belongs to someone else simply matches nothing.
     owned = CovidAnswer.query.filter_by(user=current_user()).filter_by(
         id=args.answer)
     answer = owned.first()
     if not answer:
         return jsonify({'success': 0})
     # Local, timezone-naive timestamp. Rows that already carry a
     # deleted_at value are not excluded, so a repeated call restamps them.
     answer.deleted_at = datetime.datetime.now()
     db.session.commit()
     return jsonify({'success': 1})
Ejemplo n.º 4
 def delete(self):
     """Soft-delete one of the caller's own questions.

     Returns:
         JSON ``{'success': 1}`` when a matching question was stamped with
         ``deleted_at``, otherwise ``{'success': 0}``.
     """
     args = delete_question_parser.parse_args()
     # The query is limited to rows owned by the caller, so a question id
     # belonging to another user matches nothing.
     owned = CovidQuestion.query.filter_by(user=current_user()).filter_by(
         id=args.question)
     question = owned.first()
     if not question:
         return jsonify({'success': 0})
     # Local, timezone-naive timestamp; a row that is already soft-deleted
     # is restamped rather than rejected.
     question.deleted_at = datetime.datetime.now()
     db.session.commit()
     return jsonify({'success': 1})
Ejemplo n.º 5
 def post(self):
     """Create or update the caller's rating of an answer.

     Returns:
         JSON ``{'success': 1, 'new_rating': ...}`` carrying the answer's
         ``average_rating`` after the change, or ``{'success': 0}`` when no
         matching answer exists.
     """
     args = rating_parser.parse_args()
     # NOTE(review): the lookup only matches answers whose user is the
     # caller, so as written a user can rate nothing but their own
     # answers - confirm that is intended.
     answer = CovidAnswer.query.filter_by(user=current_user()).filter_by(
         id=args.answer).first()
     if not answer:
         return jsonify({'success': 0})
     # At most one rating per (user, answer): reuse the row when present.
     existing = AnswerRating.query.filter_by(user=current_user()).filter_by(
         answer=answer).first()
     if existing:
         existing.rating = args.rating
     else:
         db.session.add(
             AnswerRating(answer=answer,
                          rating=args.rating,
                          user=current_user()))
     db.session.commit()
     return jsonify({'success': 1, 'new_rating': answer.average_rating})
Ejemplo n.º 6
 def post(self):
     """Store a new question taken from the parsed request.

     Returns:
         JSON ``{'success': 1}`` once the question has been committed.
     """
     args = question_new_parser.parse_args()
     # An anonymous question is stored without any link to its author.
     # NOTE(review): with user=None the row has no owner on record, so
     # any later owner-scoped operation cannot match it - confirm.
     author = None if args.anon else current_user()
     new_question = CovidQuestion(
         title=args.title,
         question=args.question,
         anon=args.anon,
         user=author,
     )
     db.session.add(new_question)
     db.session.commit()
     return jsonify({'success': 1})
Ejemplo n.º 7
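def logout():
    """Revoke the token presented in the ``Authorization`` header.

    The token is decoded, its ``jti`` is looked up in ``TokenBlacklist``
    and, when a row exists, that row is passed to ``revoke_token`` for the
    current user.

    Returns:
        ``({'success': 1}, 200)``.
    """
    user = current_user()
    # The parsed values are not used below; the call is kept because
    # parse_args() itself runs on the request.
    args = logout_parser.parse_args()
    # The slice drops the first seven characters of the header, the length
    # of a 'Bearer ' prefix.
    # NOTE(review): a missing Authorization header makes .get() return
    # None and the slice raise TypeError; presumably an authentication
    # decorator outside this block rules that out - confirm.
    decoded_token = decode_token(request.headers.get('Authorization')[7:])
    token = TokenBlacklist.query.filter_by(jti=decoded_token['jti']).first()

    # Revoke only when the row exists; the original dereferenced token.id
    # before this check and failed on an untracked token.
    if token:
        revoke_token(token.id, user.id)
        # The original went on to delete `push_token`, a name this
        # function never defines, which raised NameError right after the
        # revocation. If a push-notification token is meant to be removed
        # on logout it has to be looked up first (logout_parser may carry
        # it - TODO confirm).
        db.session.commit()
    # NOTE(review): an untracked token still gets a success response
    # without being revoked - confirm the token check rejects tokens that
    # have no TokenBlacklist row.
    return {'success': 1}, 200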
Ejemplo n.º 8
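 def get(self):
     """Return every user, or the single user named by ``args.user``.

     ``args.user`` is treated as a numeric id when ``int()`` accepts it
     and as a username otherwise.

     Returns:
         A list of marshalled users when ``args.user`` is empty, the
         marshalled match for a lookup, or a 404 message when the lookup
         finds nothing.
     """
     args = user_parser.parse_args()
     # Call kept from the original; whether it also enforces
     # authentication is not visible in this block.
     current_user()
     if not args.user:
         # NOTE(review): every caller receives every account, with all
         # columns listed in user_fields - confirm that schema exposes
         # nothing private (e-mail addresses, for instance) and consider
         # paging or restricting this listing.
         return [marshal(u, user_fields) for u in User.query.all()]
     try:
         # Filter on the parsed integer, not the raw string, so the
         # database only ever sees a real number.
         query = User.query.filter_by(id=int(args.user))
     except ValueError:
         query = User.query.filter_by(username=args.user)
     # The original built this query but never ran it and always returned
     # the caller's own record.
     found = query.first()
     if found is None:
         return {'message': 'User not found'}, 404
     return marshal(found, user_fields)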
Ejemplo n.º 9
 def post(self):
     """Attach a new answer by the caller to an existing question.

     Returns:
         JSON ``{'success': 1}`` once the answer has been committed. A
         question that is unknown or soft-deleted ends the request through
         ``abort(400, ...)``.
     """
     args = answer_new_parser.parse_args()
     # Only questions without a deleted_at stamp can receive answers.
     live_questions = CovidQuestion.query.filter_by(
         id=args.question).filter_by(deleted_at=None)
     question = live_questions.first()
     if not question:
         # The code below relies on abort() not returning.
         abort(400, message='Wrong question or it has been deleted')
     new_answer = CovidAnswer(
         answer=args.answer,
         question=question,
         user=current_user(),
     )
     db.session.add(new_answer)
     db.session.commit()
     return jsonify({'success': 1})
Ejemplo n.º 10
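def modify_token(token_id):
    """Revoke or unrevoke one token according to the JSON request body.

    Args:
        token_id: Identifier handed to ``revoke_token`` /
            ``unrevoke_token`` together with the current user's id.

    Returns:
        A ``(response, status)`` pair: 200 after the change, 400 when the
        body has no boolean ``revoke`` member, 404 when ``TokenNotFound``
        is raised.
    """
    # Get and verify the desired revoked status from the body. The body
    # is client-controlled: anything that is not a JSON object (a list, a
    # string, a number) is rejected here, where the original went on to
    # call .get() on it and failed with an unhandled AttributeError.
    json_data = request.get_json(silent=True)
    if not isinstance(json_data, dict):
        return jsonify({"msg": "Missing 'revoke' in body"}), 400
    revoke = json_data.get('revoke')
    if revoke is None:
        return jsonify({"msg": "Missing 'revoke' in body"}), 400
    # Strict type check: truthy stand-ins such as 1 or "true" are refused.
    if not isinstance(revoke, bool):
        return jsonify({"msg": "'revoke' must be a boolean"}), 400

    # Revoke or unrevoke the token based on what was passed to this
    # function. The caller's id goes along with the token id.
    # NOTE(review): presumably the helpers use it to refuse tokens owned
    # by another user - confirm, since that is the only ownership check
    # on this path.
    user = current_user()
    try:
        if revoke:
            revoke_token(token_id, user.id)
            return jsonify({'msg': 'Token revoked'}), 200
        unrevoke_token(token_id, user.id)
        return jsonify({'msg': 'Token unrevoked'}), 200
    except TokenNotFound:
        return jsonify({'msg': 'The specified token was not found'}), 404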
Ejemplo n.º 11
 def get(self):
     """Return the authenticated user's own record.

     Returns:
         The current user marshalled with ``user_fields``, so only the
         attributes listed in that schema are serialised.
     """
     return marshal(current_user(), user_fields)
Ejemplo n.º 12
def get_tokens():
    """List the tokens recorded for the authenticated user.

    Returns:
        A ``(response, 200)`` pair whose JSON body is a list with one
        ``to_dict()`` result per token.
    """
    # The lookup is keyed on the caller's own id, passed as a string.
    owner_id = str(current_user().id)
    # NOTE(review): what to_dict() includes is not visible here - confirm
    # it leaves out the raw token value.
    payload = []
    for token in get_user_tokens(owner_id):
        payload.append(token.to_dict())
    return jsonify(payload), 200