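def signup_facebook():
    """
    Signs up a new user from a Facebook user token.

    Expects a JSON body with ``user_token`` (the short-lived token the client
    obtained from Facebook) and optionally ``user_type`` (falls back to
    ``DEFAULT_USER_TYPE`` from config).  The token is introspected server-side
    with the app access token, the Facebook profile is fetched, and a ``User``
    row is created if no user with that e-mail exists yet.

    :return: ``responses.user_created`` with a fresh JWT access/refresh pair,
        or one of the ``responses.*`` error responses.
    """
    request_json = request.get_json()

    if not request_json:
        return responses.missing_params()

    user_token = request_json.get('user_token')
    user_type = request_json.get('user_type') or app.config.get('DEFAULT_USER_TYPE')

    if not all([user_token, user_type]):
        return responses.missing_params()

    # The app access token (built from app id + secret) is what lets us ask
    # Facebook to introspect a user token that this server did not issue.
    access_token = fb.get_access_token(
        app_id=app.config.get('FACEBOOK_APP_ID'),
        app_secret=app.config.get('FACEBOOK_APP_SECRET')
    )

    token_info = fb.debug_user_token(user_token, access_token) or {}

    # Reject tokens Facebook reports as invalid.  The original condition was
    # inverted (it rejected *valid* tokens and let everything else through),
    # so an expired or forged token reached the profile fetch and user
    # creation below.  login_facebook() already uses the correct form.
    if not token_info.get('is_valid'):
        return responses.invalid_fb_token()

    # NOTE(review): debug_token responses also carry the app_id the token was
    # issued for; comparing that against FACEBOOK_APP_ID would reject tokens
    # minted for a different app.  Not added here -- confirm the shape of
    # fb.debug_user_token's return value before relying on that field.
    fb_user_id = token_info.get('user_id')
    fb_user_info = fb.get_user_info(fb_user_id, user_token) or {}
    fb_email = fb_user_info.get('email')

    # E-mail is the identity key for both the duplicate check and the User
    # row.  A Facebook account may have no e-mail (phone signup, or the
    # e-mail permission was denied); the original then either created an
    # e-mail-less user or matched on `email IS NULL`.
    if not fb_email:
        return responses.invalid_fb_token()

    user_exists = db.session.query(
        db.exists().where(User.email == fb_email)).scalar()

    if user_exists:
        return responses.user_already_exists()

    # NOTE(review): user_type is required above but never stored on the User;
    # presumably the model has a type column -- confirm whether it belongs here.
    user = User(
        first_name=fb_user_info.get('first_name'),
        last_name=fb_user_info.get('last_name'),
        email=fb_email,
        facebook_user_id=fb_user_id
    )

    db.session.add(user)
    db.session.commit()

    if not app.config.get('TESTING'):
        confirm_email(user)

    jwt_token = create_access_token(identity=user.id)
    refresh_token = create_refresh_token(identity=user.id)

    return responses.user_created(jwt_token, refresh_token)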
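def login_facebook():
    """
    Logs in user using Facebook OAuth
    Is user type agnostic

    Expects a JSON body with ``user_token`` (short-lived token from the
    Facebook client SDK).  The token is introspected with the app access
    token, the user is looked up by ``facebook_user_id``, and the token is
    exchanged for a long-lived one that is stored on the user.

    :return: ``responses.user_logged_in`` with a JWT access/refresh pair, or
        one of the ``responses.*`` error responses.
    """
    request_json = request.get_json()

    if not request_json:
        return responses.missing_params()

    user_token = request_json.get('user_token')

    if not user_token:
        return responses.missing_params()

    # App access token lets us introspect a user token via debug_token.
    access_token = fb.get_access_token(
        app_id=app.config.get('FACEBOOK_APP_ID'),
        app_secret=app.config.get('FACEBOOK_APP_SECRET')
    )

    token_info = fb.debug_user_token(user_token, access_token) or {}

    if not token_info.get('is_valid'):
        return responses.invalid_fb_token()

    facebook_user_id = token_info.get('user_id')

    # A valid token with no user id would otherwise match filter_by(None).
    if not facebook_user_id:
        return responses.invalid_fb_token()

    # The original called filter_by(...) without .first(), so `user` was a
    # Query object: the `is None` check never fired and the attribute access
    # further down raised.  The lookup is also moved ahead of the (network)
    # token exchange so an unknown user costs no extra round trip.
    user = User.query.filter_by(facebook_user_id=facebook_user_id).first()

    if user is None:
        return responses.user_not_found()

    long_lived_token = (fb.get_long_lived_token(
        app_id=app.config.get('FACEBOOK_APP_ID'),
        app_secret=app.config.get('FACEBOOK_APP_SECRET'),
        short_lived_token=user_token
    ) or {}).get('access_token')

    # Only persist a real token: a failed exchange must not overwrite the
    # stored long-lived token with None.
    if long_lived_token and user.facebook_access_token != long_lived_token:
        user.facebook_access_token = long_lived_token

        db.session.commit()

    # Return app_name user access token for access to app_name api
    jwt_token = create_access_token(identity=user.id)
    refresh_token = create_refresh_token(identity=user.id)

    return responses.user_logged_in(jwt_token, refresh_token)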
def update_resource_a(resource_a_id):
    """
    Updates resource A details

    Only the resource's owner (the JWT identity) may update it, and only the
    keys listed in ``allowed`` are accepted in the JSON body.
    :param resource_a_id: primary key of the ``ResourceA`` row to update
    :return: ``responses.resource_updated``, or one of the ``responses.*``
        error responses (not found, unauthorized, missing/invalid params)
    """
    target = ResourceA.query.get(resource_a_id)

    if not target:
        return responses.resource_not_found(ResourceA.__name__)

    # Ownership is checked before the body is even read.
    if get_jwt_identity() != target.owner_id:
        return responses.unauthorized()

    allowed = {'name'}
    payload = request.get_json()

    if not payload:
        return responses.missing_params()

    # Any key outside the whitelist rejects the whole request.
    unknown = set(payload) - allowed
    if unknown:
        return responses.invalid_request_keys(unknown)

    for key in payload:
        setattr(target, key, payload[key])

    db.session.commit()

    return responses.resource_updated(ResourceA.__name__)
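def login():
    """
    Logs in user and returns access token

    Expects a JSON body with ``email`` and ``password``.
    :return: ``responses.user_logged_in`` with a JWT access/refresh pair and
        the user id, or one of the ``responses.*`` error responses
    """
    # get_json() returns None for a missing or non-JSON body; the other
    # handlers guard this, the original here did not and raised AttributeError.
    request_json = request.get_json() or {}

    email = request_json.get('email')
    password = request_json.get('password')

    if not all([email, password]):
        return responses.missing_params()

    user = User.query.filter_by(email=email).first()

    # NOTE(review): the two distinct failure responses below (user_not_found
    # vs invalid_password) let a client enumerate registered e-mails, and the
    # early return skips verify_password so the timing differs as well.
    # Collapsing both into one generic "invalid credentials" response (and
    # running verify_password against a dummy hash when no user is found)
    # would close that.  Left unchanged because clients may depend on the
    # current response shape.
    if user is None:
        return responses.user_not_found()

    if not verify_password(password, user.password):
        return responses.invalid_password()

    jwt_token = create_access_token(identity=user.id)
    refresh_token = create_refresh_token(identity=user.id)

    return responses.user_logged_in(jwt_token, refresh_token, user.id)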
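def login_google():
    """
    Updates google_access_token for user

    Exchanges the OAuth ``code`` from the request body for Google tokens,
    reads the e-mail from the ID token, and logs in the existing ``User``
    with that e-mail, creating or refreshing its Google ``OAuthConnection``.
    :return: Response (object), status_code (int)
    """
    incoming = request.get_json() or {}

    required_attrs = ('code', )

    if not incoming or not all(attr in incoming for attr in required_attrs):
        return responses.missing_params()

    # NOTE(review): redirect_uri comes from the client-controlled Origin
    # header.  Google refuses a code exchange whose redirect_uri differs from
    # the one the code was issued for, so this is not exploitable by itself,
    # but it means the set of acceptable origins is enforced only by the
    # Google console configuration, not by this app -- confirm that is wanted.
    request_origin = request.environ.get('HTTP_ORIGIN')

    token_data, access_token_info = get_google_access_token(
        auth_code=incoming.get('code'), redirect_uri=request_origin)

    if not token_data or not access_token_info:
        return jsonify({'error':
                        'Google Auth failed...'}), status.UNPROCESSABLE_ENTITY

    id_token_info = get_google_token_info(token_data.get('id_token'),
                                          'id_token') or {}
    oauth_email = id_token_info.get('email')

    # The e-mail is the only link between the Google identity and a local
    # account, so a missing one cannot be a successful login (the original
    # would have raised on a None id_token_info, or queried email=None).
    # NOTE(review): Google ID tokens also carry `email_verified`; an
    # unverified address should not be allowed to log into the local account
    # using it.  Not enforced here -- confirm get_google_token_info exposes
    # that claim before adding the check.
    if not oauth_email:
        return jsonify({'error':
                        'Google Auth failed...'}), status.UNPROCESSABLE_ENTITY

    user = User.query.filter_by(email=oauth_email).first()

    if not user:
        return responses.user_not_found()

    # NOTE(review): the connection is looked up globally by type + e-mail,
    # not under `user`; if a connection with this address belongs to another
    # account (e.g. after that account changed its primary e-mail via
    # update_profile) its tokens get overwritten here.  Scoping the lookup to
    # user.oauth_connections would avoid that -- not changed, as the model's
    # uniqueness constraints are not visible in this file.
    oauth_connection = OAuthConnection.query.filter_by(
        type=OAuthConnectionType.GOOGLE, email_address=oauth_email).first()

    has_google_connection = oauth_connection is not None

    if not has_google_connection:
        oauth_connection = OAuthConnection()
        user.oauth_connections.append(oauth_connection)

        db.session.add(oauth_connection)

    oauth_connection.type = OAuthConnectionType.GOOGLE
    oauth_connection.email_address = oauth_email
    oauth_connection.ext_user_id = id_token_info.get('sub')
    oauth_connection.ext_access_token = token_data.get('access_token')

    # Google only returns a refresh token on the first consent (or when the
    # client asks for prompt=consent); on later logins the original
    # overwrote the stored refresh token with None.  Keep the existing one
    # unless a new one was actually issued.
    new_refresh_token = token_data.get('refresh_token')
    if new_refresh_token or not has_google_connection:
        oauth_connection.ext_refresh_token = new_refresh_token

    db.session.commit()

    jwt_token = create_access_token(identity=user.id)
    refresh_token = create_refresh_token(identity=user.id)

    user_info = dict(auth_type='google', **user.to_dict())

    return responses.user_logged_in(jwt_token,
                                    refresh_token,
                                    user.id,
                                    user_info=user_info)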
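def signup_google():
    """
    Allows user to sign up via Google -- requires invite nonce

    Exchanges the OAuth ``code`` for Google tokens, reads the e-mail and
    ``sub`` from the ID token, and creates a ``User`` plus its Google
    ``OAuthConnection``.
    :return: Response (object), status_code (int)
    """
    incoming = request.get_json() or {}

    required_attrs = ('code', 'invite_nonce')

    if not incoming or not all(attr in incoming for attr in required_attrs):
        return responses.missing_params()

    # SECURITY(review): `invite_nonce` is only checked for *presence*; its
    # value is never validated against anything in this function, so any
    # non-empty string satisfies the "requires invite" gate and signup is
    # effectively open.  Whatever issues invites must be consulted here (and
    # the nonce consumed) before the Google exchange -- that lookup is not
    # visible in this file, so it is not invented here.  The only tightening
    # applied is rejecting an empty/null nonce value.
    invite_nonce = incoming.get('invite_nonce')
    if not invite_nonce:
        return responses.missing_params()

    # NOTE(review): redirect_uri is taken from the client-controlled Origin
    # header; see login_google() for why that is tolerable but worth confirming.
    request_origin = request.environ.get('HTTP_ORIGIN')

    token_data, access_token_info = get_google_access_token(
        auth_code=incoming.get('code'), redirect_uri=request_origin)

    if not token_data or not access_token_info:
        return jsonify({'error':
                        'Google Auth failed...'}), status.UNPROCESSABLE_ENTITY

    id_token_info = get_google_token_info(token_data.get('id_token'),
                                          'id_token') or {}
    oauth_email = id_token_info.get('email')

    # No e-mail means no usable identity; the original would have created a
    # User with email=None.  (See login_google() on `email_verified`.)
    if not oauth_email:
        return jsonify({'error':
                        'Google Auth failed...'}), status.UNPROCESSABLE_ENTITY

    # Same duplicate check signup_email() and signup_facebook() perform; the
    # original created a second User for an already-registered address (or
    # failed on the DB's unique constraint, if there is one).
    user_exists = db.session.query(
        db.exists().where(User.email == oauth_email)).scalar()

    if user_exists:
        return responses.user_already_exists()

    user = User(email=oauth_email, image_url=id_token_info.get('picture'))

    oauth_connection = OAuthConnection(
        type=OAuthConnectionType.GOOGLE,
        email_address=oauth_email,
        ext_user_id=id_token_info.get('sub'),
        ext_access_token=token_data.get('access_token'),
        ext_refresh_token=token_data.get('refresh_token'),
    )

    user.oauth_connections.append(oauth_connection)
    # Add the user explicitly rather than relying on the relationship
    # cascade to pull it into the session.
    db.session.add(user)
    db.session.add(oauth_connection)

    db.session.commit()

    jwt_token = create_access_token(identity=user.id)
    refresh_token = create_refresh_token(identity=user.id)

    user_info = dict(auth_type='google', **user.to_dict())

    return responses.user_logged_in(jwt_token,
                                    refresh_token,
                                    user.id,
                                    user_info=user_info)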
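def signup_email():
    """
    Signs up new user

    Expects a JSON body with ``email``, ``password``, ``first_name`` and
    ``last_name`` (``phone_number`` optional).  Creates the ``User``, sends
    the confirmation e-mail outside of TESTING, and returns a JWT pair.
    :return: ``responses.user_created`` with a JWT access/refresh pair, or one
        of the ``responses.*`` error responses
    """
    # get_json() returns None for a missing or non-JSON body; the original
    # then raised AttributeError on .get() instead of answering 4xx.
    request_json = request.get_json() or {}

    email = request_json.get('email')
    password = request_json.get('password')
    first_name = request_json.get('first_name')
    last_name = request_json.get('last_name')
    phone_number = request_json.get('phone_number')

    if not all([email, password, first_name, last_name]):
        return responses.missing_params()

    # NOTE(review): the e-mail is neither format-checked nor normalised
    # (case, whitespace) before being used as the uniqueness key here and as
    # the login key in login(); "A@x" and "a@x" would be two accounts.

    # check that the user does not exist already in the database
    user_exists = db.session.query(db.exists().where(User.email == email)).scalar()

    if user_exists:
        return responses.user_already_exists()

    # NOTE(review): the raw password is handed to the User constructor; login()
    # calls verify_password(password, user.password), so presumably the model
    # hashes it on assignment -- confirm that, as this function never hashes it.
    user = User(
        first_name=first_name,
        last_name=last_name,
        email=email,
        password=password,
        phone_number=phone_number
    )

    db.session.add(user)
    db.session.commit()

    if not app.config.get('TESTING'):
        confirm_email(user)

    # Return app_name user access token for access to app_name api
    # Identity can be any data that is json serializable
    jwt_token = create_access_token(identity=user.id)
    refresh_token = create_refresh_token(identity=user.id)

    return responses.user_created(jwt_token, refresh_token)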
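def update_profile():
    """
    Updates the user's profile based on attributes and values sent
    Can also change password

    The target user is the JWT identity.  Accepted keys are listed in
    ``valid_attrs``; ``old_password``/``new_password`` must be supplied
    together and go through ``User.change_password`` rather than setattr.
    :return: ``responses.user_updated`` (with ``password_changed``), or one of
        the ``responses.*`` error responses
    """
    valid_attrs = {'first_name', 'last_name', 'email', 'phone_number', 'new_password',
                   'old_password'}

    update_attrs = request.get_json()

    if not update_attrs:
        return responses.missing_params()

    if not all(attr in valid_attrs for attr in update_attrs):
        return responses.invalid_request_keys(set(update_attrs) - valid_attrs)

    user_id = get_jwt_identity()
    user = User.query.get(user_id)

    if not user:
        return responses.user_not_found()

    has_new_password = 'new_password' in update_attrs
    has_old_password = 'old_password' in update_attrs

    # The two password keys only make sense together.  The original let a
    # lone `new_password` (or `old_password`) fall through to the setattr
    # loop, silently setting a bogus attribute instead of changing anything.
    if has_new_password != has_old_password:
        return responses.missing_params()

    new_email = update_attrs.get('email')
    if new_email and new_email != user.email:
        # Same uniqueness check signup_email() does.  Without it a user could
        # set an address already used by another account; login() resolves
        # e-mail with .first(), so that would lock the other user out.
        email_taken = db.session.query(
            db.exists().where(User.email == new_email)).scalar()
        if email_taken:
            return responses.user_already_exists()
        # NOTE(review): a changed e-mail is not re-confirmed here although
        # signup calls confirm_email(); consider re-confirming -- not added
        # because the confirmation flow is not visible in this file.

    changed = False
    if has_new_password:
        old_password = update_attrs.pop('old_password')
        new_password = update_attrs.pop('new_password')

        # change_password is expected to verify old_password itself and
        # report failure with a falsy return.
        changed = user.change_password(old_password, new_password)

        if not changed:
            return responses.invalid_password()

    for attr, value in update_attrs.items():
        setattr(user, attr, value)

    db.session.commit()

    return responses.user_updated(password_changed=changed)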