def post(self): parser = reqparse.RequestParser() parser.add_argument('resetPasswordHash', help='This field cannot be blank', required=True, type=str) parser.add_argument('newPassword', help='This field cannot be blank', required=True, type=str) data = parser.parse_args() user = UserModel.find_by_reset_password_hash(data['resetPasswordHash']) if not user: abort(401, message=RESET_PASSWORD_HASH_INVALID) now = datetime.now() hash_age = now - user.reset_password_hash_created # Hash must be younger then 24 hours if divmod(hash_age.total_seconds(), 60 * 60 * 24)[0] > 0.0: abort(401, message=RESET_PASSWORD_HASH_INVALID) if len(data['newPassword']) < 8: abort(400, message=PASSWORD_TOO_SHORT) user.password = UserModel.generate_hash(data['newPassword']) user.reset_password_hash = None user.reset_password_hash_created = None user.persist() access_token = create_access_token(identity=user.username) refresh_token = create_refresh_token(identity=user.username) return AuthResponse(PASSWORD_RESET, user, access_token=access_token, refresh_token=refresh_token), 202
class TokenRefresh(Resource): @jwt_refresh_token_required @marshal_with(AuthResponse.get_marshaller()) def post(self): current_user = UserModel.find_by_username(get_jwt_identity()) access_token = create_access_token(identity=current_user.username) return AuthResponse(LOGIN_SUCCESS, current_user, access_token=access_token), 200
class UserRegistration(Resource): @marshal_with(AuthResponse.get_marshaller()) def post(self): parser = reqparse.RequestParser() parser.add_argument('username', help='This field cannot be blank', required=True, type=str) parser.add_argument('password', help='This field cannot be blank', required=True, type=str) parser.add_argument('email', help='This field cannot be blank', required=True, type=str) data = parser.parse_args() if UserModel.find_by_username(data['username']): abort(409, message=USER_ALREADY_EXISTS) if len(data['username']) < 3: abort(400, message=USERNAME_TOO_SHORT) if not re.match(username_regex, data['username']): abort(400, message=USERNAME_INVALID) if not re.match(email_regex, data['email']): abort(400, message=EMAIL_INVALID) if len(data['password']) < 8: abort(400, message=PASSWORD_TOO_SHORT) new_user = UserModel( username=data['username'], password=UserModel.generate_hash(data['password']), email=data['email'] ) new_account_settings = AccountSettingsModel() try: new_user.persist() new_account_settings.user_id = new_user.id new_account_settings.persist() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return AuthResponse( USER_CREATION_SUCCESS, new_user, access_token=access_token, refresh_token=refresh_token), 201 except: abort(500, message=INTERNAL_SERVER_ERROR)
def post(self): parser = reqparse.RequestParser() parser.add_argument('username', help='This field cannot be blank', required=True, type=str) parser.add_argument('password', help='This field cannot be blank', required=True, type=str) data = parser.parse_args() current_user = UserModel.find_by_username(data['username']) if not current_user: abort(400, message=USER_DOESNT_EXIST) if UserModel.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return AuthResponse(LOGIN_SUCCESS, current_user, access_token=access_token, refresh_token=refresh_token), 202 else: abort(400, message=WRONG_CREDENTIALS)
def post(self): current_user = UserModel.find_by_username(get_jwt_identity()) access_token = create_access_token(identity=current_user.username) return AuthResponse(LOGIN_SUCCESS, current_user, access_token=access_token), 200