def post(self, args):
username = args.get('username')
user = user_repo.find_by_username_or_email(username)
if user:
if flask_bcrypt.check_password_hash(user.password,
args['password']):
if user.emailVerified:
access_token = create_access_token(identity=str(user.id))
user = user_repo.change_last_login(user)
data = user._data
del data['password']
data['access_token'] = access_token
token_args = {
'userId': str(user.id),
'accessToken': access_token
}
user_access_token = user_access_token_repo.create(
token_args)
if user_access_token:
return {
'item': to_json(data),
'message': 'Login successfully'
}, 200
raise BadRequest(code=400,
message='Access token is not created')
raise BadRequest(code=400, message="Email is not verified")
raise BadRequest(code=400, message='Invalid username or password')
raise NotFound(code=404, message="User not found")
def put(self, current_user, args, user_id, api_id):
if current_user.roleType == 'User':
raise BadRequest(message='RoleType is not valid')
user_api = user_api_repo.get_by_id(api_id)
if user_api is None:
raise NotFound(message='UserAPI is not found')
if str(user_api.userId) != user_id:
raise BadRequest(message='api_id is not valid')
user_api = user_api_repo.update(user_api, current_user, args)
return {'item': to_json(user_api._data)}, 204
def post(self, current_user, args):
url = args.get('url')
domain = domain_repo.find_domain_by_url(url)
if domain is not None:
raise BadRequest(message='Domain is existed')
domain = user_repo.add_domain_to_user(current_user.id, url)
if domain is None:
raise BadRequest(message='Could not create domain')
return {'item': domain.to_model(), 'message': 'create domain is successfully'}, 201
def post(self, args, token):
user, message = user_repo.get_user_from_token_reset_password(
token=token)
if message:
raise BadRequest(message=message)
user = user_repo.update_user(user, None, args)
if user is None:
raise BadRequest(message='Reset password failed')
return {
'item': to_json(user._data),
'message': 'Reset password is successfully'
}, 200
def post(self, current_user, args):
username = args.get('username')
if adv_repo.find_by_username(username) is not None:
raise BadRequest(message='Adv is existed')
if adv_repo.find_by_email(args.get('email')) is not None:
raise BadRequest(message='Adv email is registered')
adv = adv_repo.create(args)
if adv is None:
raise BadRequest(message='Could not created adv')
return {
'item': adv.to_model(),
'message': 'Create adv successfully'
}, 201
def post(self, current_user, args):
offer = offer_repo.create(args)
if offer is None:
raise BadRequest(message='Could not create offer')
return {
'item': offer.to_model(),
'message': 'Create offer successfully'
}, 201
def post(self, args):
username = args.get('username')
if username is None or username == '':
raise BadRequest(message='Username is required')
user = user_repo.find_by_username(username)
if user is None:
raise NotFound(message='User is not found')
password = args.get('password')
if not user.check_password(password):
raise BadRequest(message='Wrong username or password')
access_token = create_access_token(user.id)
return {
'item': {
'accessToken': access_token
},
'message': 'Login successully'
}, 200
def get(self, current_user, args, user_id):
if current_user.roleType == 'User' and (str(current_user.id) != user_id
or not current_user.isActive):
raise BadRequest(message=f'UserId {user_id} is not valid')
args['user_id'] = user_id
items, page_items, count_items = tran_repo.get_list(args)
res = [to_json(item) for item in items]
return {'items': res, 'page': page_items, 'count': count_items}, 200
def get(self, current_user, user_id):
if current_user.roleType == 'User' and (str(current_user.id) != user_id
or not current_user.isActive):
raise BadRequest(message=f'UserId {user_id} is not valid')
user = user_repo.get_by_id(user_id)
if user is None:
raise NotFound(message='User is not found')
data = {k: user._data[k] for k in user._data if k != 'password'}
return {'item': to_json(data)}, 200
def post(self, args):
user = user_repo.get_by_email(args.get('email'))
if not user:
raise BadRequest(message='Email is not exist')
if not user.emailVerified:
raise BadRequest(message='Email is not verified')
token = user_repo.generate_reset_password_token(user)
url = "{path}?token={token}".format(
path=current_app.config.get('RESET_PASSWORD_URL'), token=token)
send_email(subject='[TheVault] Reset Password',
sender=current_app.config['MAIL_USERNAME'],
recipients=[user.email],
html_body=render_template('email/reset_password.html',
user=user,
url=url))
return {
'message':
'Reset password is sending to your email. Please check your inbox'
}, 201
def post(self, args):
username = args.get('username')
email = args.get('email')
if user_repo.find_by_username(username) is not None:
raise BadRequest(message='User is existed')
if user_repo.find_by_email(email) is not None:
raise BadRequest(message='Email is registered')
if 'referrer' in args:
refer = user_repo.find_by_username(args.get('referrer'))
if refer is None:
raise BadRequest(message='Referrer is not found')
args['refer_id'] = refer.id
del args['referrer']
user = user_repo.create_user(args)
if user is None:
raise BadRequest(message='Could not create user')
return {
'item': user.to_model(),
'message': 'create User is successfully'
}, 200
def put(self, current_user, args, user_id):
if current_user.roleType == 'User' and (str(current_user.id != user_id)
or not current_user.isActive):
raise BadRequest(message=f'UserId {user_id} is not valid')
if current_user.roleType == 'User':
del args['isActive']
del args['roleType']
user = user_repo.get_by_id(user_id)
if user is None:
raise NotFound(message='User is not found')
user = user_repo.update_user(user, current_user, args)
return {'item': to_json(user._data)}, 204
def wrapper(*args, **kwargs):
req_args = request.args.to_dict()
if request.method in ('POST', 'PUT', 'PATCH', 'DELETE') \
and request.mimetype == 'application/json':
req_args.update(request.get_json())
req_args = {
k: v
for k, v in req_args.items()
if k in schema['properties'].keys()
}
if 'required' in schema:
for field in schema['required']:
if field not in req_args or not req_args[field]:
field_name = field
if field in schema['properties']:
if 'name' in schema['properties'][field]:
field_name = schema['properties'][field][
'name']
raise BadRequest(
message='{} is required'.format(field_name))
try:
validate(instance=req_args,
schema=schema,
format_checker=FormatChecker())
except ValidationError as exp:
exp_info = list(exp.schema_path)
error_type = ('type', 'format', 'pattern', 'maxLength',
'minLength')
if set(exp_info).intersection(set(error_type)):
field = exp_info[1]
field_name = field
if field_name in schema['properties']:
if 'name' in schema['properties'][field]:
field_name = schema['properties'][field]['name']
message = '{} is not valid'.format(field_name)
else:
message = exp.message # pragma: no cover
raise BadRequest(message=message)
new_args = args + (req_args, )
return func(*new_args, **kwargs)
def post(self, current_user, args):
''' register user endpoint '''
role_type = args.get('roleType', 'User')
if role_type not in ['Admin', 'User']:
raise BadRequest(message='Role type must be Admin or User')
billing_type = args.get('billingType', 'Monthly')
if billing_type not in ['Monthly', 'Metered']:
raise BadRequest(message='Billing type must be Monthly or Metered')
args['billingType'] = billing_type_repo.get_by_billing_type(
billing_type).id
args['roleType'] = role_type
created_by = args.get(
'username') if current_user is None else current_user.username
args['createdBy'] = args.get('createdBy', created_by)
if 'username' not in args and 'email' not in args:
raise BadRequest(code=400,
message='Username or email must be required')
args['password'] = flask_bcrypt.generate_password_hash(
args['password'])
user, message = user_repo.insert_one(args)
if user is None:
raise BadRequest(code=400, message=message)
token = user_repo.generate_registration_token(user)
url = "{path}/v1/admin/users/verify?token={token}".format(
path=current_app.config.get('API_URL'), token=token)
send_email(subject='[TheVault] Email Registration',
sender=current_app.config['MAIL_USERNAME'],
recipients=[user.email],
html_body=render_template('email/email_verification.html',
user=user,
url=url))
data = user._data
del data['password']
return {
'item': to_json(data),
'message': 'Signup user is successful'
}, 201
def get(self, current_user, args, user_id):
if args.get('active') == 'false':
active = False
elif args.get('active') == 'true':
active = True
else:
active = None
if current_user.roleType == 'User' and (str(current_user.id) != user_id
or not current_user.isActive):
raise BadRequest(message=f'UserId {user_id} is not valid')
args['user_id'] = user_id
items, page_items, count_items = user_api_repo.get_list(args, active)
res = [to_json(item) for item in items]
return {'items': res, 'page': page_items, 'count': count_items}, 200
def wrapper(*args, **kwargs):
verify_jwt_in_request()
headers = request.headers.get('Authorization')
if headers is None: # do not have authorization header, process as a signup user
new_args = args + (None, )
return func(*new_args, **kwargs)
authorization_type = headers.split(' ')[0]
if authorization_type != 'Bearer':
raise Unauthorized(code=401, message='Token Type is not valid')
current_user_id = get_jwt_identity()
user = user_repo.find_by_id(current_user_id)
if user is None:
raise NotFound(code=404, message='User is not found')
if not user.active:
raise BadRequest(code=400, message='User is not active')
new_args = args + (user, )
return func(*new_args, **kwargs)
def wrapper(*args, **kwargs):
headers = request.headers.get('Authorization')
if headers is None: # do not have authorization header, process as a signup user
new_args = args + (None, )
return func(*new_args, **kwargs)
authorization_type = headers.split(' ')[0]
if authorization_type != 'Bearer':
raise Unauthorized(code=401, message='Token Type is not valid')
access_token = headers.split(' ')[1]
current_user_id = get_jwt_identity()
user_access_token = user_access_token_repo.get_by_access_token(
user_id=current_user_id, access_token=access_token)
if user_access_token is None:
raise Unauthorized(code=401, message='Unauthorized Error')
user = user_repo.get_by_id(current_user_id)
if not user.isActive:
raise BadRequest(code=400, message='User is not active')
if not user.emailVerified:
raise Unauthorized(code=401, message='Email is not verified')
new_args = args + (user, )
return func(*new_args, **kwargs)
def post(self, current_user, args):
category = category_repo.create(args)
if category is None:
raise BadRequest(message='Could not created category')
return {'item': category.to_model(), 'message': 'Create category successfully'}, 201
def post(self, current_user, user_id):
if current_user.roleType == 'User' and (str(current_user.id) != user_id
or not current_user.isActive):
raise BadRequest(message=f'UserId {user_id} is not valid')
user_access_token_repo.remove_by_user_id(user_id=user_id)
return {'message': f"Logout {user_id} successfully"}, 204
def get(self, current_user, args):
if current_user.roleType == 'User':
raise BadRequest(message='Role admin is required')
items, page_items, count_items = user_repo.get_list(args)
res = [to_json(item) for item in items]
return {'items': res, 'page': page_items, 'count': count_items}, 200