def reset_password():
user = User.by_email(request_data().get('email'))
if user is None:
message = {'email': 'This email address is not linked to a user.'}
return jsonify({'status': 400, 'errors': message}, status=400)
send_reset_link(user)
return jsonify({'status': 200})
def validate_account(id):
user = User.by_id(id)
if user is not None and user.validation_token == request.args.get('token'):
user.validated = True
db.session.commit()
login_user(user, remember=True)
return redirect('/')
def login():
data = request_data()
user = User.by_email(data.get('email'))
if user is not None and user.verify(data.get('password')):
login_user(user, remember=True)
return jsonify({'status': 200, 'user': user})
message = {'password': '******'}
return jsonify({'status': 400, 'errors': message}, status=400)
def register():
user = User.create(request_data())
db.session.commit()
send_activation_link(user)
return jsonify(user)
def update(id):
user = obj_or_404(User.by_id(id))
authz.require(user.id == current_user.id or authz.system_manage())
user.update(request_data())
db.session.commit()
return jsonify(user)
def view(id):
authz.require(authz.system_read())
user = obj_or_404(User.by_id(id))
data = user.to_dict()
return jsonify(data)
def index():
authz.require(authz.system_manage())
users = list(User.all())
return jsonify({'results': users, 'total': len(users)})
