Example #1
0
def me():
    """Current user
    ---
    tags:
      - users
    definitions:
      UserInfo:
        type: object
        properties:
          isAuthenticated:
            type: boolean
          userType:
            type: string
          supplierCode:
            type: integer
          csrfToken:
            type: string
    responses:
      200:
        description: User
        schema:
          $ref: '#/definitions/UserInfo'

    """
    return jsonify(user_info(current_user))
Example #2
0
def login():
    """Login user
    ---
    tags:
      - auth
    security:
      - basicAuth: []
    consumes:
      - application/json
    parameters:
      - name: body
        in: body
        required: true
        schema:
          id: LoginUser
          required:
            - emailAddress
            - password
          properties:
            emailAddress:
              type: string
            password:
              type: string
    responses:
      200:
        description: User
        schema:
          $ref: '#/definitions/UserInfo'
    """
    json_payload = request.get_json()
    email_address = json_payload.get('emailAddress', None)
    user = User.get_by_email_address(email_address.lower())

    if user is None or (user.supplier and user.supplier.status == 'deleted'):
        return jsonify(message='User does not exist'), 403
    elif encryption.authenticate_user(json_payload.get('password', None),
                                      user) and user.active:
        user.logged_in_at = datetime.utcnow()
        user.failed_login_count = 0
        db.session.add(user)
        db.session.commit()

        if '_csrf_token' in session:
            session.pop('_csrf_token')
        if 'csrf' in session:
            session.pop('csrf')

        if current_app.config['REDIS_SESSIONS']:
            session.regenerate()
        login_user(user)

        loaded_user = load_user(user.id)
        return jsonify(user_info(loaded_user))
    else:
        user.failed_login_count += 1
        db.session.add(user)
        db.session.commit()

        return jsonify(message="Could not authorize user"), 403
Example #3
0
def me_deprecated():
    return jsonify(user_info(current_user))
Example #4
0
def me():
    return jsonify(user_info(current_user))