Ejemplo n.º 1
def register_user():
    """Register a new account from the JSON request body.

    Reads ``username``, ``email`` and ``password`` from the payload.
    Responds 201 with an ``auth_token`` on success, and 400 when the payload
    is empty, the username or email is already taken, or the insert raises
    ``IntegrityError`` / ``ValueError``.
    """
    payload = request.get_json()
    body = {"status": "fail", "message": "Invalid payload."}
    if not payload:
        return jsonify(body), 400

    username = payload.get("username")
    email = payload.get("email")
    password = payload.get("password")

    try:
        # This lookup is only a fast path: two concurrent requests can both
        # pass it, so the IntegrityError handler below is the real backstop
        # (assumes the columns carry unique constraints — confirm on the model).
        existing = User.query.filter(
            or_(User.username == username, User.email == email)
        ).first()
        if existing:
            body["message"] = "Sorry. That user already exists."
            return jsonify(body), 400

        # NOTE(review): the plaintext password is handed to the model as-is;
        # hashing presumably happens inside User — confirm.
        account = User(username=username, email=email, password=password)
        db.session.add(account)
        db.session.commit()

        token = account.encode_auth_token(account.id)
        body["status"] = "success"
        body["message"] = "Successfully registered."
        body["auth_token"] = token.decode()
        return jsonify(body), 201
    except (exc.IntegrityError, ValueError):
        # Leave the session usable for the next request.
        db.session.rollback()
        return jsonify(body), 400
Ejemplo n.º 2
def seed_db():
    """Insert two fixed user accounts and one location, then commit.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.add(Location(lat="30.99999", lng="-120.93999"))
    db.session.commit()
Ejemplo n.º 3
def seed_db():
    """Insert two fixed user accounts and commit them.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 4
def seed_db():
    """Insert two fixed user accounts and commit them.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 5
def seed_db():
    """Insert two fixed user accounts and commit them.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 6
def seed_db():
    """Seed the database with two fixed user accounts.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 7
def seed_db():
    """Seed the database with two fixed user accounts.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 8
def seed_db():
    """Seed the database with two fixed user accounts.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**", "password": "******"},
        {"username": "******", "email": "*****@*****.**", "password": "******"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 9
def seed_users():
    """Insert nine fixed accounts covering every role, then commit.

    Creates two sponsors, one admin, two sponsor managers and four drivers.
    The credentials, including the admin account's, are hard-coded literals,
    so run this only against development or test databases.
    """
    seed_accounts = (
        {
            "username": "******",
            "email": "*****@*****.**",
            "password": "******",
            "role": "sponsor",
            "sponsor_logo": "https://logodix.com/logo/441272.png",
            "sponsor_headline": "We Deliver",
            "sponsor_slug": "The original LTL Experts",
        },
        {
            "username": "******",
            "email": "*****@*****.**",
            "password": "******",
            "role": "sponsor",
            "sponsor_logo": "https://www.jing.fm/clipimg/detail/9-98595_driving-clipart-semi-truck-semi-trucks.png",
            "sponsor_headline": "The Biggest Freight Company",
            "sponsor_slug": "We are very big.",
        },
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "admin"},
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "sponsor_mgr"},
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "sponsor_mgr"},
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "driver"},
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "driver"},
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "driver"},
        {"username": "******", "email": "*****@*****.**", "password": "******", "role": "driver"},
    )
    # Each account is built and queued in listing order; one commit at the end.
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()
Ejemplo n.º 10
def add_user(username, email, password):
    """Create a user with the given credentials, commit it and return it.

    NOTE(review): the password is passed to the model unchanged; hashing is
    presumably done inside User — confirm.
    """
    session = db.session
    new_user = User(username=username, email=email, password=password)
    session.add(new_user)
    session.commit()
    return new_user
Ejemplo n.º 11
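    def post(self):
        """Exchange a refresh token for a new access/refresh token pair.

        Reads ``refresh_token`` from the JSON body. Responds 200 with both
        tokens on success and aborts with 401 when the token is missing,
        expired, invalid, or refers to a user that cannot be found.
        """
        post_data = request.get_json()
        # A missing or non-object body used to raise AttributeError (HTTP 500);
        # reject it the same way as any other unusable token.
        refresh_token = (
            post_data.get("refresh_token") if isinstance(post_data, dict) else None
        )
        if not refresh_token:
            auth_namespace.abort(401, "Invalid token. Please log in again.")

        try:
            # NOTE(review): nothing here checks that the token is a refresh
            # token rather than an access token, and the presented token is
            # not invalidated after use — confirm decode_token covers both.
            resp = User.decode_token(refresh_token)
            user = get_user_by_id(resp)
            if not user:
                auth_namespace.abort(401, "Invalid token")
            access_token = user.encode_token(user.id, "access")
            refresh_token = user.encode_token(user.id, "refresh")

            response_object = {
                "access_token": access_token.decode(),
                "refresh_token": refresh_token.decode(),
            }
            return response_object, 200
        except jwt.ExpiredSignatureError:
            # abort() raises, so nothing after it would run.
            auth_namespace.abort(401, "Signature expired. Please log in again.")
        except jwt.InvalidTokenError:
            auth_namespace.abort(401, "Invalid token. Please log in again.")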
Ejemplo n.º 12
def seed_db():
    """Seed the database with one fixed user account.

    The account credentials are hard-coded literals, so run this only
    against development or test databases.
    """
    session = db.session
    seed_user = User(username="******", email="*****@*****.**", password="******")
    session.add(seed_user)
    session.commit()
Ejemplo n.º 13
    def post(self):
        """Create a user from the JSON body.

        Responds 201 when the user is added, and 400 when the payload is
        empty, the email is already registered, or the insert raises
        ``IntegrityError`` / ``ValueError``.
        """
        payload = request.get_json()
        res = {"status": "fail", "message": "invalid payload"}
        if not payload:
            return res, 400

        username = payload.get("username")
        email = payload.get("email")
        password = payload.get("password")

        try:
            if User.query.filter_by(email=email).first():
                res["message"] = "Sorry. That email already exists."
                return res, 400

            # NOTE(review): the plaintext password is handed to the model;
            # hashing presumably happens inside User — confirm.
            db.session.add(User(username=username, email=email, password=password))
            db.session.commit()
            return {"status": "success", "message": f"{email} was added!"}, 201
        except (exc.IntegrityError, ValueError):
            # One handler covers both cases: roll back and report the
            # generic failure payload.
            db.session.rollback()
            return res, 400
Ejemplo n.º 14
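    def post(self):
        """Validate credentials and return access and refresh tokens on success.

        Reads ``email`` and ``password`` from the JSON body. Aborts with 401
        and one shared message when the body is missing, a field is absent,
        the user is unknown, or the password does not match; the message
        does not reveal which of these occurred.
        """
        payload = request.get_json()
        # A missing or non-object body used to raise AttributeError (HTTP 500);
        # treat it as a failed login instead.
        if not isinstance(payload, dict):
            payload = {}
        email = payload.get("email")
        password = payload.get("password")

        user = get_user_by_email(email) if email else None
        # NOTE(review): the password check is skipped when no user is found,
        # so response timing may differ between known and unknown emails.
        if not user or not password or not user.check_password(password):
            namespace.abort(
                401,
                f"User with given email {email} or password does not exists")

        access_token = User.encode_token(user.id, "access").decode()
        refresh_token = User.encode_token(user.id, "refresh").decode()

        return {
            "access_token": access_token,
            "refresh_token": refresh_token
        }, 200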
Ejemplo n.º 15
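def register_user():
    """Register a new account from the JSON request body.

    Requires non-empty ``username``, ``email`` and ``password``. Responds 201
    with an ``auth_token`` on success, and 400 when the payload is empty or
    incomplete, the username or email is already taken, or the insert raises
    ``IntegrityError`` / ``ValueError``.
    """
    post_data = request.get_json()

    res = {"status": "fail", "message": "Invalid payload."}

    if not post_data:
        return jsonify(res), 400

    username = post_data.get("username")
    email = post_data.get("email")
    password = post_data.get("password")

    if not username or not email or not password:
        return jsonify(res), 400

    try:
        user = User.query.filter(
            or_(User.username == username, User.email == email)
        ).first()

        if user:
            res["message"] = "Sorry, that user already exists."
            return jsonify(res), 400

        new_user = User(username=username, email=email, password=password)
        db.session.add(new_user)
        db.session.commit()
        auth_token = new_user.encode_auth_token(new_user.id)
        # Never write the token itself to the log: it is a bearer credential,
        # and anyone who can read the log could replay it.
        current_app.logger.debug(
            "Auth token issued (type %s)", type(auth_token).__name__
        )
        res["status"] = "success"
        res["message"] = "Successfully registered."
        res["auth_token"] = auth_token.decode()
        return jsonify(res), 201

    except (exc.IntegrityError, ValueError):
        db.session.rollback()
        return jsonify(res), 400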
Ejemplo n.º 16
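    def post(self):
        """Create new access and refresh tokens from a refresh token.

        Reads ``refresh_token`` from the JSON body. Responds 200 with both
        tokens on success and aborts with 401 when the token is missing,
        expired, invalid, or refers to a user that cannot be found.
        """
        payload = request.get_json()
        # A missing or non-object body used to raise AttributeError (HTTP 500).
        refresh_token = (
            payload.get("refresh_token") if isinstance(payload, dict) else None
        )
        if not refresh_token:
            namespace.abort(401, "Invalid token")

        try:
            # NOTE(review): nothing here checks that the token is a refresh
            # token rather than an access token — confirm decode_token does.
            user_id = User.decode_token(refresh_token)

            user = get_user_by_id(user_id)
            if not user:
                namespace.abort(401, "Invalid token")

            access_token = User.encode_token(user.id, "access").decode()
            refresh_token = User.encode_token(user.id, "refresh").decode()

            return {
                "access_token": access_token,
                "refresh_token": refresh_token
            }, 200
        except jwt.ExpiredSignatureError:
            # ExpiredSignatureError is the canonical name; the legacy
            # ``ExpiredSignature`` alias is not available in PyJWT 2.x.
            namespace.abort(401, "Token expired")
        except jwt.InvalidTokenError:
            namespace.abort(401, "Invalid token")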
Ejemplo n.º 17
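    def post(self):
        """Create a user from the ``username`` and ``email`` in the JSON body.

        Responds 201 when the user is added and 400 when the body is not a
        JSON object or the email is already registered.
        """
        post_data = request.get_json()
        response_object = {}
        # A missing or non-object body used to raise AttributeError (HTTP 500).
        if not isinstance(post_data, dict):
            response_object['message'] = 'Invalid payload.'
            return response_object, 400

        username = post_data.get('username')
        email = post_data.get('email')

        user = User.query.filter_by(email=email).first()
        if user:
            response_object['message'] = 'Sorry. That email already exists.'
            return response_object, 400
        try:
            db.session.add(User(username=username, email=email))
            db.session.commit()
        except Exception:
            # A concurrent insert can still fail on commit; roll back so the
            # session stays usable, then let the error propagate as before.
            db.session.rollback()
            raise
        response_object['message'] = f'{email} was added!'
        return response_object, 201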
Ejemplo n.º 18
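def logout_user():
    """Acknowledge a logout for the token in the Authorization header.

    Responds 200 when the token decodes, 401 when it is malformed or
    rejected by ``User.decode_auth_token``, and 403 when no header is sent.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {"status": "fail", "message": "Provide a valid auth token."}
    if not auth_header:
        return jsonify(response_object), 403

    # Expect "<scheme> <token>"; a header with no space used to raise
    # IndexError (HTTP 500) instead of being rejected.
    parts = auth_header.split(" ")
    if len(parts) < 2:
        return jsonify(response_object), 401

    resp = User.decode_auth_token(parts[1])
    # decode_auth_token appears to return an error string on failure and a
    # non-string user id on success — confirm against the model.
    if isinstance(resp, str):
        response_object["message"] = resp
        return jsonify(response_object), 401

    # NOTE(review): nothing in this handler revokes the token; unless
    # decode_auth_token consults a blacklist, it stays usable until expiry.
    response_object["status"] = "success"
    response_object["message"] = "Successfully logged out."
    return jsonify(response_object), 200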
Ejemplo n.º 19
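def logout_user():
    """Acknowledge a logout for the token in the Authorization header.

    Responds 200 when the token decodes, 401 when it is malformed or
    rejected by ``User.decode_auth_token``, and 403 when no header is sent.
    """
    auth_header = request.headers.get("Authorization")
    res = {"status": "fail", "message": "Token invalid."}

    if not auth_header:
        return jsonify(res), 403

    # Expect "<scheme> <token>"; a header with no space used to raise
    # IndexError (HTTP 500) instead of being rejected.
    parts = auth_header.split(" ")
    if len(parts) < 2:
        return jsonify(res), 401

    response = User.decode_auth_token(parts[1])
    # decode_auth_token appears to return an error string on failure and a
    # non-string user id on success — confirm against the model.
    if isinstance(response, str):
        res["message"] = response
        return jsonify(res), 401

    # NOTE(review): nothing in this handler revokes the token; unless
    # decode_auth_token consults a blacklist, it stays usable until expiry.
    res["status"] = "success"
    res["message"] = "Successfully logged out."
    return jsonify(res), 200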
Ejemplo n.º 20
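def get_user_status():
    """Return the profile of the user identified by the Authorization header.

    Responds 200 with the user's JSON on success and 401 when the header is
    missing or malformed, the token is rejected, or the user is not found.
    """
    auth_header = request.headers.get("Authorization")
    res = {"status": "fail", "message": "Token invalid."}
    if not auth_header:
        return jsonify(res), 401

    # Expect "<scheme> <token>"; a header with no space used to raise
    # IndexError (HTTP 500) instead of being rejected.
    parts = auth_header.split(" ")
    if len(parts) < 2:
        return jsonify(res), 401

    response = User.decode_auth_token(parts[1])
    # decode_auth_token appears to return an error string on failure and a
    # non-string user id on success — confirm against the model.
    if isinstance(response, str):
        res["message"] = response
        return jsonify(res), 401

    user = User.query.filter_by(id=response).first()
    if user is None:
        # A still-valid token can outlive its account; reject it rather than
        # crash on user.to_json().
        return jsonify(res), 401

    res["status"] = "success"
    res["message"] = "Success."
    res["data"] = user.to_json()
    return jsonify(res), 200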
Ejemplo n.º 21
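def get_user_status():
    """Return the profile of the user identified by the Authorization header.

    Responds 200 with the user's JSON on success and 401 when the header is
    missing or malformed, the token is rejected, or the user is not found.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {"status": "fail", "message": "Provide a valid auth token."}
    if not auth_header:
        return jsonify(response_object), 401

    # Expect "<scheme> <token>"; a header with no space used to raise
    # IndexError (HTTP 500) instead of being rejected.
    parts = auth_header.split(" ")
    if len(parts) < 2:
        return jsonify(response_object), 401

    resp = User.decode_auth_token(parts[1])
    # decode_auth_token appears to return an error string on failure and a
    # non-string user id on success — confirm against the model.
    if isinstance(resp, str):
        response_object["message"] = resp
        return jsonify(response_object), 401

    user = User.query.filter_by(id=resp).first()
    if user is None:
        # A still-valid token can outlive its account; reject it rather than
        # crash on user.to_json().
        return jsonify(response_object), 401

    response_object["status"] = "success"
    response_object["message"] = "Success."
    response_object["data"] = user.to_json()
    return jsonify(response_object), 200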
Ejemplo n.º 22
    def get(self):
        """Return the user identified by the access token in the header.

        Aborts with 403 when no Authorization header is sent and with 401
        when the header is malformed, the token is expired or invalid, or
        the user cannot be found.
        """
        header_value = request.headers.get("Authorization") or ""
        if not header_value:
            return namespace.abort(403, "Access token required")

        try:
            # Expect "<scheme> <token>"; a header with no space raises
            # IndexError, handled below as an invalid token.
            bearer = header_value.split(" ")[1]
            account = get_user_by_id(User.decode_token(bearer))
            if not account:
                namespace.abort(401, "Invalid token")
            return account, 200
        except jwt.ExpiredSignatureError:
            # Must be matched before InvalidTokenError so an expired token
            # gets its own message.
            namespace.abort(401, "Token expired")
        except (jwt.InvalidTokenError, IndexError):
            namespace.abort(401, "Invalid token")
Ejemplo n.º 23
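 def get(self):
     """Return the user identified by the access token in the header.

     Aborts with 403 when no Authorization header is sent and with 401 when
     the header is malformed, the token is expired or invalid, or the user
     cannot be found.
     """
     auth_header = request.headers.get("Authorization")
     if not auth_header:
         auth_namespace.abort(403, "Token required")

     try:
         access_token = auth_header.split(" ")[1]
         resp = User.decode_token(access_token)
         user = get_user_by_id(resp)
         if not user:
             auth_namespace.abort(401, "Invalid token")
         return user, 200
     except jwt.ExpiredSignatureError:
         # abort() raises, so nothing after it would run.
         auth_namespace.abort(401, "Signature expired. Please log in again.")
     except (jwt.InvalidTokenError, IndexError):
         # IndexError: the header had no "<scheme> <token>" separator; this
         # used to surface as HTTP 500 instead of a rejected token.
         auth_namespace.abort(401, "Invalid token. Please log in again.")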
Ejemplo n.º 24
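    def decorator(*args, **kwargs):
        """Run the wrapped view only when the request carries a usable token.

        Decodes the raw Authorization header value, looks up the user it
        names, and aborts with 404 when the header is absent, the token
        decodes to a falsy value, or the user lookup fails.
        """
        # Start from "no identity" so a request without the header is
        # rejected by the check below; previously ``resp`` was unbound on
        # that path and the request failed with UnboundLocalError (HTTP 500).
        resp = None

        if "Authorization" in request.headers:
            # The header value is passed to decode_token as-is; no
            # "<scheme> " prefix is stripped here.
            # NOTE(review): exceptions raised by decode_token are not caught
            # in this block — confirm they are handled elsewhere.
            resp = User.decode_token(request.headers.get("Authorization"))

        if not resp:
            users_namespace.abort(404, "a valid token is missing")

        try:
            user = get_user_by_id(resp)
            if not user:
                users_namespace.abort(404, "User does not exist")
        except Exception:
            # This also catches the abort raised just above, so the caller
            # always sees the generic message.
            users_namespace.abort(404, "a valid token is missing")

        # NOTE(review): 404 is kept because clients may depend on it; 401
        # is the conventional status for a missing or invalid credential.
        return f(*args, **kwargs)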
Ejemplo n.º 25
 def post(self):
     """Create a user from the ``username`` and ``email`` in the JSON body.

     Responds 201 when the user is added, and 400 when the payload is empty,
     the email is already registered, or the insert raises IntegrityError.
     """
     payload = request.get_json()
     result = {"status": "fail", "message": "Invalid payload."}
     if not payload:
         return result, 400

     username = payload.get("username")
     email = payload.get("email")
     try:
         if User.query.filter_by(email=email).first():
             result["message"] = "Sorry. That email already exists."
             return result, 400

         db.session.add(User(username=username, email=email))
         db.session.commit()
         result["status"] = "success"
         result["message"] = f"{email} was added!"
         return result, 201
     except exc.IntegrityError:
         # A concurrent insert can still fail on commit; roll back and
         # report the generic failure payload.
         db.session.rollback()
         return result, 400
Ejemplo n.º 26
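def refresh():
    """Exchange a refresh token for a new access/refresh token pair.

    Reads ``refresh_token`` from the JSON body. Responds 200 with both
    tokens on success and 401 when the token is missing, expired, invalid,
    or refers to a user that cannot be found.
    """
    post_data = request.get_json()
    # A missing body or absent key used to raise TypeError/KeyError
    # (HTTP 500); reject it as an invalid token instead.
    refresh_token = (
        post_data.get("refresh_token") if isinstance(post_data, dict) else None
    )
    response_object = {}
    if not refresh_token:
        response_object["message"] = "Invalid token"
        return response_object, 401

    try:
        # NOTE(review): nothing here checks that the token is a refresh
        # token rather than an access token — confirm decode_token does.
        resp = User.decode_token(refresh_token)
        user = get_user_by_id(resp)
        if not user:
            response_object["message"] = "Invalid token"
            return response_object, 401
        access_token = user.encode_token(user.id, "access")
        refresh_token = user.encode_token(user.id, "refresh")

        response_object = {
            "access_token": access_token.decode(),
            "refresh_token": refresh_token.decode(),
        }
        return response_object, 200
    except jwt.ExpiredSignatureError:
        # abort() raises, so nothing after it would run.
        auth_namespace.abort(401, "Signature expired. Please log in again.")
    except jwt.InvalidTokenError:
        auth_namespace.abort(401, "Invalid token. Please log in again.")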
Ejemplo n.º 27
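def get_status():
    """Return the username and email of the user named by the access token.

    Aborts with 403 when no Authorization header is sent. Responds 401 when
    the header is malformed, the token is expired or invalid, or the user
    cannot be found.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {}
    if not auth_header:
        # abort() raises, so nothing after it would run.
        auth_namespace.abort(403, "Token required")

    try:
        access_token = auth_header.split(" ")[1]
        resp = User.decode_token(access_token)
        user = get_user_by_id(resp)
        if not user:
            response_object['message'] = "Invalid token"
            return response_object, 401
        response_object['username'] = user.username
        response_object['email'] = user.email
        return response_object, 200
    except jwt.ExpiredSignatureError:
        response_object["message"] = "Signature expired. Please log in again."
        return response_object, 401
    except (jwt.InvalidTokenError, IndexError):
        # IndexError: the header had no "<scheme> <token>" separator; this
        # used to surface as HTTP 500 instead of a rejected token.
        response_object["message"] = "Invalid token. Please log in again."
        return response_object, 401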
Ejemplo n.º 28
def test_decode_token(test_app, test_database, add_user):
    """A refresh token encodes to bytes and decodes back to the user's id."""
    account = add_user("justatest", "*****@*****.**", "test")
    refresh = account.encode_token(account.id, "refresh")
    assert isinstance(refresh, bytes)
    decoded_id = User.decode_token(refresh)
    assert decoded_id == account.id
Ejemplo n.º 29
 def _add_user(username, email):
     """Create a user with the given username and email, commit and return it."""
     session = db.session
     new_user = User(username=username, email=email)
     session.add(new_user)
     session.commit()
     return new_user
Ejemplo n.º 30
def seed_db():
    """Insert two fixed user accounts (username and email only) and commit.

    The account details are hard-coded literals, so run this only against
    development or test databases.
    """
    seed_accounts = (
        {"username": "******", "email": "*****@*****.**"},
        {"username": "******", "email": "*****@*****.**"},
    )
    for account in seed_accounts:
        db.session.add(User(**account))
    db.session.commit()