def reset_password():
    """Send a password-reset link to the account matching the posted email.

    Reads ``email`` from the request payload. Responds with status 200
    once the link has been handed to ``send_reset_link``, or with a 400
    error payload when no user is found for that address.
    """
    payload = request_data()
    account = User.by_email(payload.get('email'))
    if account is not None:
        send_reset_link(account)
        return jsonify({'status': 200})
    # NOTE(review): this answer differs from the success case, so a caller
    # can learn which email addresses have accounts. Returning one uniform
    # response for both cases (and rate-limiting the endpoint) would close
    # that; left unchanged here because clients may rely on the 400 body.
    errors = {'email': 'This email address is not linked to a user.'}
    return jsonify({'status': 400, 'errors': errors}, status=400)
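def validate_account(id):
    """Mark an account as validated when the emailed token matches.

    Looks the user up by ``id`` and compares the stored
    ``validation_token`` with the ``token`` query parameter. On a match
    the user is flagged as validated, the change is committed and the
    user is logged in with a persistent session. The response is a
    redirect to ``/`` whether or not the token matched.
    """
    import hmac

    user = User.by_id(id)
    supplied = request.args.get('token')
    expected = user.validation_token if user is not None else None
    # A missing query parameter yields None; a plain ``==`` would then
    # accept the request whenever the stored token is also None, logging
    # the caller in without any secret. Require two non-empty strings.
    token_ok = (
        isinstance(supplied, str) and isinstance(expected, str)
        and bool(supplied) and bool(expected)
        # Constant-time comparison so response timing does not reveal how
        # much of the token was correct.
        and hmac.compare_digest(expected.encode('utf-8'),
                                supplied.encode('utf-8'))
    )
    if token_ok:
        user.validated = True
        db.session.commit()
        # NOTE(review): the token is not cleared or expired here, so the
        # same link appears to stay usable as a login credential - confirm
        # whether the model rotates it elsewhere.
        login_user(user, remember=True)
    return redirect('/')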
def login():
    """Authenticate a user from the posted email and password.

    On success the user is logged in with a persistent session and
    returned in a status-200 payload. Any failure produces the same 400
    error payload, so an unknown email and a wrong password are not
    distinguishable from the response body.
    """
    payload = request_data()
    account = User.by_email(payload.get('email'))
    # Short-circuit keeps verify() from being called on a missing user.
    if account is None or not account.verify(payload.get('password')):
        errors = {'password': '******'}
        return jsonify({'status': 400, 'errors': errors}, status=400)
    login_user(account, remember=True)
    return jsonify({'status': 200, 'user': account})
def register():
    """Create a user from the request payload and send an activation link.

    No ``authz.require`` check is made in this handler. The new user is
    committed, passed to ``send_activation_link`` and returned as JSON.
    """
    # NOTE(review): the whole request payload goes to User.create();
    # presumably the model restricts which fields a client may set
    # (role, validated flag, ...) - verify against User.create.
    submitted = request_data()
    new_user = User.create(submitted)
    db.session.commit()
    send_activation_link(new_user)
    return jsonify(new_user)
def update(id):
    """Apply the request payload to a user and return the updated record.

    The user is resolved through ``obj_or_404``. The caller must either
    be that user or pass ``authz.system_manage()``.
    """
    target = obj_or_404(User.by_id(id))
    # The lookup runs before the permission check, so an unknown id takes
    # the obj_or_404 path for every caller.
    is_self = target.id == current_user.id
    authz.require(is_self or authz.system_manage())
    # NOTE(review): the full payload is handed to user.update();
    # presumably the model limits which attributes a user may change on
    # their own record - verify against User.update.
    changes = request_data()
    target.update(changes)
    db.session.commit()
    return jsonify(target)
def view(id):
    """Return one user's ``to_dict()`` representation as JSON.

    Requires ``authz.system_read()``; the permission check runs before
    the lookup, which goes through ``obj_or_404``.
    """
    authz.require(authz.system_read())
    record = obj_or_404(User.by_id(id))
    return jsonify(record.to_dict())
def index():
    """List every user together with the total count.

    Requires ``authz.system_manage()``. The result of ``User.all()`` is
    materialised into a list so that its length can be reported.
    """
    authz.require(authz.system_manage())
    everyone = [*User.all()]
    listing = {'results': everyone, 'total': len(everyone)}
    return jsonify(listing)