Example #1
0
    def post(self):
        username = request.json.get('username', None)
        password = request.json.get('password', None)
        secret = request.json.get('secret', None)
        role = 'admin'
        if secret != 'iniSECret':
            return {'message': 'Permission denied'}, 500

        if User.find_by_username(username):
            return {'message': 'Admin already exists: {}'.format(username)}

        username = username
        password = User.generate_hash(password)

        try:
            new_user = User(username, password, role)
            db.session.add(new_user)
            db.session.commit()

            access_token = create_access_token(identity=username)
            refresh_token = create_refresh_token(identity=username)
            return {
                'message': 'Admin created: {}'.format(username),
                'access_token': access_token,
                'refresh_token': refresh_token
            }
        except Exception as e:
            return {'message': e}, 500
def user_add():
    if request.method == 'POST':
        try:
            username = request.form.get('username')
            password = User.generate_hash(request.form.get('password'))
            is_admin = request.form.get('is-admin')
            if is_admin:
                new_user = User(username, password, role='admin')
            else:
                new_user = User(username, password)

            db.session.add(new_user)
            db.session.commit()
            return redirect(url_for('admin.users'))

        except IntegrityError:
            db.session.rollback()
            flash('ERROR! username ({}) already exists.'.format(username),
                  'error')

    return render_template('user_add.html')
Example #3
0
    def post(self):
        username = request.json.get('username', None)
        password = request.json.get('password', None)

        if User.find_by_username(username):
            return {'message': 'User already exists: {}'.format(username)}

        username = username
        password = User.generate_hash(password)

        try:
            new_user = User(username, password)
            db.session.add(new_user)
            db.session.commit()

            access_token = create_access_token(identity=username)
            refresh_token = create_refresh_token(identity=username)
            return {
                'message': 'User created: {}'.format(username),
                'access_token': access_token,
                'refresh_token': refresh_token
            }
        except Exception as e:
            return {'message': e}, 500