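def put(self, id):
        '''Update the profile of the user identified by ``id``.

        Only the user named in the caller's JWT identity may change the record,
        and the submitted email and ID number must not belong to another user.

        Returns a ``(body, 200)`` tuple carrying the refreshed user on success.
        Every rejection goes through ``abort(400, ...)``.
        '''
        # Authorise before any lookup, so the answer given to a caller who does
        # not own ``id`` does not depend on whether that user exists.
        # NOTE(review): presumably a JWT-required decorator outside this view
        # guarantees an identity here -- confirm.
        authorised_user = get_jwt_identity()
        if id != authorised_user['id']:
            # NOTE(review): 403 is the fitting status for this refusal; 400 is
            # kept so existing clients keep seeing the same code.
            abort(
                400,
                'You cannot modify this user! Please log in as this user to modify.'
            )

        my_user = User.fetch_by_id(id)
        if not user_schema.dump(my_user):
            abort(400, 'User does not exist')

        data = api.payload
        if not data:
            abort(400, 'No input data detected')

        # NOTE(review): a payload missing any of the keys read below raises
        # KeyError here; presumably the request model is validated before this
        # method runs -- confirm.
        email = data['email'].lower()
        email_owner = user_schema.dump(User.fetch_by_email(email))
        if (email_owner and email == email_owner['email']
                and id != email_owner['id']):
            abort(400, 'Falied... A user with this email already exists')

        id_no = data['id_no']
        id_no_owner = user_schema.dump(User.fetch_by_id_no(id_no))
        # Compare against the stored ID number. The earlier version compared
        # it with the stored email, so this uniqueness check could never fire.
        if (id_no_owner and id_no == id_no_owner['id_no']
                and id != id_no_owner['id']):
            abort(400, 'Falied... A user with this ID number already exists')

        full_name = data['full_name'].lower()
        country_code = data['country_code']
        phone = data['phone']

        User.update_user(id=id,
                         email=email,
                         id_no=id_no,
                         full_name=full_name,
                         country_code=country_code,
                         phone=phone)

        # Re-read the record so the response reflects what was stored.
        this_user = User.fetch_by_id_no(id_no)
        current_user = user_schema.dump(this_user)

        return {'message': 'User updated', 'user': current_user}, 200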
Example #2
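    def post(self):
        '''Register a new user and issue their first tokens.

        Rejects the request with ``abort(400, ...)`` when the payload is empty
        or when the email or ID number is already registered. Otherwise it
        stores the user with a hashed password, records the user's role and
        returns ``(body, 201)`` with an access token (30 minute lifetime), a
        refresh token and the dumped user data.
        '''
        data = api.payload
        if not data:
            abort(400, 'No input data detected')

        email = data['email'].lower()
        if User.fetch_by_email(email):
            abort(400, 'Falied... A user with this email already exists')

        id_no = data['id_no']
        if User.fetch_by_id_no(id_no):
            abort(400, 'Falied... A user with this ID number already exists')

        full_name = data['full_name'].lower()
        # Use a key-derivation function for stored passwords. Plain 'sha256' is
        # a single salted hash, which is cheap to brute-force offline, and
        # recent Werkzeug releases no longer accept it. Stored hashes carry
        # their method as a prefix, so check_password_hash picks it per record.
        # NOTE(review): the resulting string is longer than a 'sha256' hash;
        # confirm the password column is wide enough.
        hashed_password = generate_password_hash(data['password'],
                                                 method='pbkdf2:sha256')

        new_user = User(email=email,
                        id_no=id_no,
                        full_name=full_name,
                        country_code=data['country_code'],
                        phone=data['phone'],
                        password=hashed_password)
        new_user.insert_record()

        # NOTE(review): this dumps the raw request payload, not the stored
        # record. If user_schema exposes a 'password' field, the plaintext
        # password would be echoed back in the response -- confirm the schema
        # excludes it.
        user = user_schema.dump(data)

        this_user = User.fetch_by_email(email)

        # NOTE(review): the role and privileges are read back from attributes
        # on the UserPrivilege class itself. If generate_user_role stores them
        # there, concurrent requests share that state and one user's privileges
        # could end up in another user's token -- confirm and prefer a return
        # value.
        UserPrivilege.generate_user_role(user_id=this_user.id)
        new_user_role = UserRole(user_id=UserPrivilege.user_id,
                                 role=UserPrivilege.role)
        new_user_role.insert_record()

        my_identity = {
            'id': this_user.id,
            'privileges': UserPrivilege.privileges,
        }
        access_token = create_access_token(identity=my_identity,
                                           expires_delta=timedelta(minutes=30))
        refresh_token = create_refresh_token(my_identity)
        # The 'access token' key (with a space) is kept as-is because clients
        # may already depend on it.
        return {
            'message': 'Success',
            'access token': access_token,
            "refresh_token": refresh_token,
            'user': user
        }, 201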
Example #3
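    def post(self):
        '''Log a user in with their ID number and password.

        Returns ``(body, 200)`` with the dumped user, an access token
        (30 minute lifetime) and a refresh token when the credentials match.
        Returns ``(body, 400)`` with one generic message when the ID number is
        unknown or the password is wrong. An empty payload is rejected with
        ``abort(400, ...)``.
        '''
        data = api.payload
        if not data:
            abort(400, 'No input data detected')

        this_user = User.fetch_by_id_no(data['id_no'])
        # Verify the password once. Both failure cases share one message so
        # the response body does not reveal which part was wrong.
        # NOTE(review): an unknown id_no returns without any hash work, so
        # response time can still differ from a wrong-password attempt.
        if not this_user or not check_password_hash(this_user.password,
                                                    data['password']):
            return {'message': 'Could not log in, please check your credentials'}, 400

        current_user = user_schema.dump(this_user)
        user_id = this_user.id

        # NOTE(review): fetch_by_user_id may return nothing for a user without
        # a role row, in which case ``user_role.role`` raises -- confirm.
        user_role = UserRole.fetch_by_user_id(user_id)
        # NOTE(review): privileges are read back from an attribute on the
        # UserPrivilege class itself. If get_privileges stores them there,
        # concurrent logins share that state -- confirm and prefer a return
        # value.
        UserPrivilege.get_privileges(user_id=user_id, role=user_role.role)

        my_identity = {
            'id': this_user.id,
            'privileges': UserPrivilege.privileges,
        }
        access_token = create_access_token(identity=my_identity,
                                           expires_delta=timedelta(minutes=30))
        refresh_token = create_refresh_token(my_identity)
        return {
            'message': 'User logged in',
            'user': current_user,
            'access_token': access_token,
            "refresh_token": refresh_token,
        }, 200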