def create_user():
try:
data = get_request_data(
request,
required_params=["email", "password"],
)
except (ValueError, TypeError) as e:
return handle_error(
message="%s: %s" % (request.url, str(e)),
logger=logger,
status_code=422,
)
email = data["email"]
password = data["password"]
firstName = data.get("firstName", None)
lastName = data.get("lastName", None)
userType = data.get("userType", None)
db = DatabaseService()
try:
db.save_user(
email=email,
password=password,
firstName=firstName,
lastName=lastName,
userType=userType,
)
except SQLIntegrityError:
return make_response("User %s already exists" % data["email"], 409)
return make_response("OK", 200)
def reset_password():
try:
data = get_request_data(
request,
required_params=["token", "password", "passwordCheck"],
)
except (ValueError, TypeError) as e:
return handle_error(
message="%s: %s" % (request.url, str(e)),
logger=logger,
status_code=422,
)
token = data["token"]
password = data["password"]
password_check = data["passwordCheck"]
if password != password_check:
return make_response("Passwords do not match", 422)
db = DatabaseService()
user_email = db.validate_reset_token(token=token)
if not user_email:
return make_response("Invalid token", 422)
db.update_password(email=user_email, password=password)
return make_response("OK", 200)
def forgot_password():
try:
data = get_request_data(
request,
required_params=["email", "resetURL"],
)
except (ValueError, TypeError) as e:
return handle_error(
message="%s: %s" % (request.url, str(e)),
logger=logger,
status_code=422,
)
token = uuid.uuid4().hex
mailgun_response = send_reset_link(
email=data["email"],
token=token,
url=data["resetURL"],
)
if mailgun_response.status_code != 200:
return make_response(
'''There was an error sending your reset link,
please email [email protected] with this error: %s''' %
mailgun_response.text, mailgun_response.status_code)
db = DatabaseService()
db.save_reset_token(
email=data["email"],
token=token,
)
return make_response("OK", 200)
def login():
try:
data = get_request_data(request, ["email", "password"])
except (ValueError, TypeError) as e:
return handle_error(message="Invalid parameters: %s" % str(e),
logger=logger,
status_code=422)
db = DatabaseService()
userType = db.authenticate_user(
email=data["email"],
password=data["password"],
)
if not userType:
return make_response("Error: invalid credentials", 401)
token = jwt.encode(
{
"subject": data["email"],
"userType": userType
},
app.config["SECRET_KEY"],
algorithm="HS256",
)
return jsonify({"token": token})
def create_validation_token():
try:
data = get_request_data(
request,
required_params=["email"],
)
except (ValueError, TypeError) as e:
return handle_error(
message="%s: %s" % (request.url, str(e)),
logger=logger,
status_code=422,
)
token = DatabaseService().create_validation_token(email=data["email"])
if token is None:
return make_response("Could not generate unique token", 500)
return jsonify({"token": token})
def confirm_validation_token():
try:
data = get_request_data(
request,
required_params=["token"],
)
except (ValueError, TypeError) as e:
return handle_error(
message="%s: %s" % (request.url, str(e)),
logger=logger,
status_code=422,
)
try:
email = DatabaseService().confirm_validation_token(data["token"])
if email is not None:
return jsonify({"email": email})
except TypeError:
logger.error("Could not get email for token %s" % data["token"])
return make_response("Invalid token", 401)
