def post(self):
try:
parsed = parser.parse_args()
except:
return resp.error("username, password must be specified")
# username and password check
session = get_session("auth")
auth_user = session.query(AuthUser).filter_by(username=parsed.username).first()
if auth_user is None:
return resp.error("Invalid username in token: {}".format(parsed.username))
print (auth_user.password, encrypt_sha(parsed.password), parsed.password)
if auth_user.password != encrypt_sha(parsed.password):
return resp.error("Invalid password")
# update last_login
try:
session.query(AuthUser).update({"last_login": datetime.now()})
session.commit()
except Exception as e:
print (e)
session.rollback()
return resp.error("Error while update db", status=status.ERROR_SERVER)
token = encrypt_jwt(parsed.username)
return resp.success({
"access_token": token
})
def get(self, **kwargs):
auth_user = kwargs["auth_user"]
return resp.success({
"id": auth_user.id,
"username": auth_user.username,
"first_name": auth_user.first_name,
"last_name": auth_user.last_name,
"email": auth_user.email,
"date_joined": auth_user.date_joined,
"iat": kwargs["jwt_iat"],
"exp": kwargs["jwt_exp"],
})
def post(self):
try:
parsed = parser_create.parse_args()
except:
return resp.error("Invalid request arguments")
is_valid, err_msg = check_username(parsed.username)
if not is_valid:
return resp.error(err_msg)
is_valid, err_msg = check_password(parsed.password)
if not is_valid:
return resp.error(err_msg)
is_valid, err_msg = check_email(parsed.email)
if not is_valid:
return resp.error(err_msg)
session = get_session("auth")
if session.query(AuthUser).filter_by(username=parsed.username).count():
return resp.error("Already existed username")
try:
user = AuthUser(
username=parsed.username,
password=encrypt_sha(parsed.password),
last_login=datetime.now(),
is_superuser=False,
first_name=parsed.first_name,
last_name=parsed.last_name,
email=parsed.email,
is_staff=False,
is_active=True,
date_joined=datetime.now()
)
session.add(user)
except:
session.rollback()
return resp.error("Error while update user info.")
else:
session.commit()
auth_user = session.query(AuthUser).filter_by(username=parsed.username).first()
return resp.success({
"id": auth_user.id,
"username": auth_user.username,
"first_name": auth_user.first_name,
"last_name": auth_user.last_name,
"email": auth_user.email,
})
def get(self, **kwargs):
session = get_session("auth")
obj_list= session.query(AuthUser).all()
result = list()
for auth_user in obj_list:
result.append({
"id": auth_user.id,
"username": auth_user.username,
"first_name": auth_user.first_name,
"last_name": auth_user.last_name,
"email": auth_user.email,
})
return resp.success(result)
def put(self, username, **kwargs):
try:
parsed = parser_update.parse_args()
except:
return resp.error("Invalid request arguments")
session = get_session("auth")
auth_user = session.query(AuthUser).filter_by(username=username).first()
if auth_user.password != encrypt_sha(parsed.password):
return resp.error("Invalid password %s %s" % (auth_user.password, parsed.password))
update_dict = dict()
new_password = parsed.get("new_password")
if new_password is not None:
is_valid, err_msg = check_password(new_password)
if not is_valid:
return resp.error(err_msg)
for key in ["new_password", "first_name", "last_name", "email"]:
val = parsed.get(key)
if val is not None:
if key == "new_password":
update_dict["password"] = val
else:
update_dict[key] = val
try:
session.query(AuthUser).filter_by(username=username).update(update_dict)
except:
session.rollback()
return resp.error("Error while update user info.")
else:
session.commit()
auth_user = session.query(AuthUser).filter_by(username=username).first()
return resp.success({
"id": auth_user.id,
"username": auth_user.username,
"first_name": auth_user.first_name,
"last_name": auth_user.last_name,
"email": auth_user.email,
})
def delete(self, username, **kwargs):
session = get_session("auth")
auth_user = session.query(AuthUser).filter_by(username=username).first()
try:
session.query(AuthUser).filter_by(username=username).delete()
except:
session.rollback()
return resp.error("Error while update user info.")
else:
session.commit()
return resp.success({
"id": auth_user.id,
"username": auth_user.username,
"first_name": auth_user.first_name,
"last_name": auth_user.last_name,
"email": auth_user.email,
})
def get(self, username, **kwargs):
session = get_session("auth")
query = session.query(AuthUser).filter_by(username=username)
user_count = query.count()
if user_count == 0:
return resp.error(
"No entry for username: {}".format(username),
status=status.ERROR_UNAUTHORIZED
)
elif user_count == 1:
auth_user = query[0]
return resp.success({
"id": auth_user.id,
"username": auth_user.username,
"first_name": auth_user.first_name,
"last_name": auth_user.last_name,
"email": auth_user.email,
})
else:
return resp.error({
"Duplicated username exists"
})
def get(self, **kwargs):
return resp.success({
"access_token": encrypt_jwt(kwargs["jwt_username"])
})