def authenticate_user():
try:
data = request.get_json()
if data.get('email'):
current_user = User.find_by_email(data.get('email'))
elif data.get('username'):
current_user = User.find_by_username(data.get('username'))
if not current_user:
return response_with(resp.SERVER_ERROR_404)
if current_user and not current_user.is_verified:
return response_with(resp.BAD_REQUEST_400)
if User.verify_hash(data.get('password'), current_user.password):
access_token = create_access_token(identity=data.get('username'))
user_schema = UserSchema()
user = user_schema.dump(current_user)
return response_with(resp.SUCCESS_200,
value={
'message':
'Logged in as {}'.format(
current_user.username),
'access_token':
access_token,
'user':
user
})
else:
return response_with(resp.UNAUTHORIZED_401,
value={'message': 'Password is wrong'})
except Exception as e:
print(e)
return response_with(resp.INVALID_INPUT_422)
def create_user():
try:
data = request.get_json()
if User.find_by_email(
data['email']) is not None or User.find_by_username(
data['username']) is not None:
return response_with(resp.INVALID_INPUT_422)
data['password'] = User.generate_hash(data['password'])
user_schema = UserSchema()
user = user_schema.load(data)
token = generate_verification_token(data['email'])
verification_email = url_for('user_routes.verify_email',
token=token,
_external=True)
html = render_template_string(
"<p>Welcome! Thanks for signing up. Please follow this link to activate your "
"account:</p> <p><a href='{{ verification_email }}'>{{ verification_email "
"}}</a></p> <br> <p>Thanks!</p>",
verification_email=verification_email)
subject = "Please Verify your email"
send_email(user.email, subject, html)
result = user_schema.dump(user.create())
return response_with(resp.SUCCESS_201, value={'author': result})
except Exception as e:
print(e)
return response_with(resp.INVALID_INPUT_422)
def create_user():
try:
data = request.get_json()
if User.find_by_username(data['username']) is not None:
return response_with(resp.INVALID_INPUT_422)
data['password'] = User.generate_hash(data['password'])
user_schmea = UserSchema()
user = user_schmea.load(data)
if user.role not in ACCESS.keys(): #check if it's a valid role
return jsonify(
msg="{} is not a valid role!".format(user.role)), 403
current_user = User.query.get(get_jwt_identity())
if user.role == 'root' and current_user.role != 'root':
return jsonify(msg="{You are not allowed to make a root!"), 403
# Comment from this line if you don't want use email.
# token = generate_verification_token(data['email'])
# verification_email = url_for('user_routes.verify_email', token=token, _external=True)
# html = render_template_string("<p>Welcome! Thanks for signing up. Please follow this link \
# to activate your account:</p> <p><a href='{{ verification_email }}'\
# >{{ verification_email }}</a></p> <br> <p>Thanks!</p>",\
# verification_email=verification_email)
# subject = "Please Verify your email"
# send_email(user.email, subject, html)
# Comment to this line if you don't want use email.
user.create()
return response_with(resp.SUCCESS_201)
except Exception as e:
print(e)
return response_with(resp.INVALID_INPUT_422)
def create_user():
try:
data = request.get_json()
data['password'] = User.generate_hash(data['password'])
user_schema = UserSchema()
user = user_schema.load(data)
result = user_schema.dump(user.create())
return response_with(resp.SUCCESS_201)
except Exception as e:
return response_with(resp.INVALID_INPUT_422)
def update_user_details(user_id):
data = request.get_json()
get_user = User.query.get_or_404(user_id)
get_user.name = data['name']
get_user.email = data['email']
#db.session.add(get_user)
db.session.commit()
user_schema = UserSchema()
user = user_schema.dump(get_user)
return response_with(resp.SUCCESS_200, value={"user": user})
def create_root():
if User.find_by_id(1):
return jsonify(msg="there is already a root!"), 403
data = request.get_json()
data['password'] = User.generate_hash(data['password'])
user_schmea = UserSchema()
user = user_schmea.load(data)
user.role = 'root'
user.isVerified = True
user.create()
return response_with(resp.SUCCESS_201)
def update_user_detail(id):
data = request.get_json()
get_user = User.query.get_or_404(id)
if data.get('username'):
get_user.username = data.get('username')
if data.get('email'):
get_user.email = data.get('email')
db.session.add(get_user)
db.session.commit()
user_schema = UserSchema()
user = user_schema.dump(get_user)
return response_with(resp.SUCCESS_200, value={'user': user})
def create_user():
try:
data = request.get_json()
if (User.find_by_email(data['email']) is not None
or User.find_by_username(data['username']) is not None):
return response_with(resp.INVALID_INPUT_422)
data['password'] = User.generate_hash(data['password'])
user_schmea = UserSchema()
user = user_schmea.load(data)
sendEmailToken(data['email'])
result = user_schmea.dump(user.create())
return response_with(resp.SUCCESS_201)
except Exception as e:
print(e)
return response_with(resp.INVALID_INPUT_422)
def upsert_user_avatar(user_id):
try:
file = request.files['avatar']
filename = ''
get_user = User.query.get_or_404(user_id)
file_schema = File()
if file and file_schema.allowed_file(file.content_type):
filename = file_schema.get_filename(file=file)
get_user.avatar = url_for('uploaded_file',
filename=filename,
_external=True)
db.session.add(get_user)
db.session.commit()
user_schema = UserSchema()
user = user_schema.dump(get_user)
return response_with(resp.SUCCESS_201, value={'user': user})
except Exception as e:
print(e)
return response_with(resp.INVALID_INPUT_422)
def update_user(user_id):
try:
data = request.get_json()
get_user = User.query.get_or_404(user_id)
current_user = User.query.get(get_jwt_identity())
if ('root' in data) and current_user.role != 'root':
return jsonify(msg="You cannot make a root!"), 403
for field in data: #modify only the attributes asked
setattr(get_user, field, data[field])
if "password" in data: #use the right password
get_user.password = User.generate_hash(data['password'])
if get_user.role not in ACCESS.keys():
return jsonify(
msg="{} is not a valid role!".format(get_user.role)), 403
# Comment from this line if you don't want use email.
# if "email" in data:
# get_user.isVerified = False
# token = generate_verification_token(data['email'])
# verification_email = url_for('user_routes.verify_email', token=token, _external=True)
# html = render_template_string("<p>Welcome! Thanks for signing up. Please follow this link \
# to activate your account:</p> <p><a href='{{ verification_email }}'\
# >{{ verification_email }}</a></p> <br> <p>Thanks!</p>",\
# verification_email=verification_email)
# subject = "Please Verify your email"
# send_email(get_user.email, subject, html)
# Comment to this line if you don't want use email.
db.session.add(get_user)
db.session.commit()
user_schema = UserSchema(only=['id', 'username', 'email', 'role'])
user = user_schema.dump(get_user)
return response_with(resp.SUCCESS_200, value={"user": user})
except Exception as e:
print(e)
return response_with(resp.INVALID_INPUT_422)
def get_users_list():
fetched = User.query.all()
user_schema = UserSchema(many=True, only=['id', 'username'])
users = user_schema.dump(fetched)
return response_with(resp.SUCCESS_200, value={'users': users})
def get_user_detail(id):
fetched = User.query.get_or_404(id)
user_schema = UserSchema(only=['id', 'username'])
user = user_schema.dump(fetched)
return response_with(resp.SUCCESS_200, value={'user': user})
def create_user():
"""
Create user endpoint
---
parameters:
- in: body
name: body
schema:
id: UserSignup
required:
- username
- password
- email
properties:
username:
type: string
description: Unique username of the user
default: "Johndoe"
password:
type: string
description: Password of the user
default: "somethingstrong"
email:
type: string
description: email of the user
default: "*****@*****.**"
responses:
201:
description: User successfully created
schema:
id: UserSignUpSchema
properties:
code:
type: string
422:
description: Invalid input arguments
schema:
id: invalidInput
properties:
code:
type: string
message:
type: string
"""
try:
data = request.get_json()
if (User.find_by_email(data["email"]) is not None
or User.find_by_username(data["username"]) is not None):
return response_with(resp.INVALID_FIELD_NAME_SENT_422)
data["password"] = User.generate_hash(data["password"])
user_schema = UserSchema()
user = user_schema.load(data)
token = generate_verification_token(data["email"])
verification_email = url_for("user_routes.verify_email",
token=token,
_external=True)
html = render_template_string(
"<p>Welcome! Thanks for signing up. Please follow this link to activate your account:</p> <p><a href='{{ verification_email }}'>{{ verification_email }}</a></p> <br> <p>Thanks!</p>",
verification_email=verification_email,
)
subject = "Please Verify your email"
# send_email(user.email, subject, html)
result = user_schema.dump(user.create())
return response_with(resp.SUCCESS_201)
except Exception as e:
print(e)
return response_with(resp.INVALID_FIELD_NAME_SENT_422)
def get_user(user_id):
get_user = User.query.get_or_404(user_id)
user_schema = UserSchema(
only=["id", 'username', 'email', 'role', 'isVerified'])
user = user_schema.dump(get_user)
return response_with(resp.SUCCESS_200, value={"user": user})
def get_user_list():
get_users = User.query.all()
user_schema = UserSchema(many=True,
only=['id', 'username', 'email', 'role'])
users = user_schema.dump(get_users)
return response_with(resp.SUCCESS_200, value={"users": users})
def get_user_details(user_id):
user_data = User.query.get_or_404(user_id)
user_schema = UserSchema()
user = user_schema.dump(user_data)
return response_with(resp.SUCCESS_200, value={"user": user})