def get_user(current_user, search_id): user = UserModel.get_user_by_id(current_user) if user['role'] != "admin": return jsonify( {"message": "You are not authorised to view this function"}), 401 user = UserModel.get_user_by_id(search_id) return jsonify({'User': user}), 200
def post(self): data = parser.parse_args() # lookup by username current_user = UserModel.find_by_username(data['username']) if not current_user: return { "message": "User {} doesn't exist".format(data['username']) } user_logging = UserLoggingModel(user_id=current_user.id) try: user_logging.save_to_db() except Exception: pass if UserModel.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return { "message": "Logged in as {}".format(current_user.username), 'access_token': access_token, 'refresh_token': refresh_token } else: return {"message": "Wrong password"}
def post(self): data = UserRegister.parser.parse_args() item = UserModel.find_by_username(data["username"]) if item: return {"message": "username already exists"}, 400 user = UserModel(**data) user.save() return {"message": "user created successfully"}
def get_users(current_user): user = UserModel.get_user_by_id(current_user) if user['role'] != "admin": return jsonify( {"message": "You are not authorised to view this function"}), 401 users_list = UserModel.get_users() return jsonify({ 'Users of ManagerStore': [make_public_user(user) for user in users_list] }), 200
def insert(): """ Validates and inserts user """ new_user = request.json user = UserModel(new_user) user.validate() unique_fields = [{"email"}] repository.insert_one_unique_fields(COLLECTION_NAME, user.to_dict(), unique_fields) return {"message": "success!"}, 201
def post(self): try: requested_data = request.get_json() if UserModel.get_user_by_username(requested_data["username"]): return {"msg": "Username already exists"}, 400 if UserModel.get_user_by_email(requested_data["email"]): return {"msg": "Email already exists"}, 400 user_schema = UserSchema() result: dict = user_schema.load(requested_data) UserModel.register_user(**result) return {"msg": "Registration successful"}, 201 except ValidationError as err: return jsonify(err.messages, 400)
def add_participant(workshop_id, data) -> (dict, int): workshop = WorkshopModel.find_by_id(workshop_id=workshop_id) # Check if given workshop_id exists in DB if workshop is None: raise EntityNotFoundError # Deserialize data schema = ParticipantSchema() data, err_msg, err_code = schema.loads_or_400(data) if err_msg: return err_msg, err_code # Check if there is already a participant with this email in DB user = UserModel.find_by_email(data.get("email")) if user is None: participant = UserModel( email=data.get("email"), firstName=data.get("firstName"), lastName=data.get("lastName"), role=[Roles.PARTICIPANT.value], workshopParticipations=[workshop_id], ) status = WorkshopParticipantStatus.CREATED.value else: # If user already exists, check if it's a participant if Roles.PARTICIPANT.value in user.role: # Raise error if participant already registred in workshop if user.userId in [p.user.id for p in workshop.participants]: raise InvalidDataError( msg="Participant already registered for this workshop" ) status = WorkshopParticipantStatus.EXISTING.value else: # add participant role otherwise user.add_participant_role() status = WorkshopParticipantStatus.CREATED.value participant = user participant.workshopParticipations.append(workshop_id) # Append participant to workshop workshop.participants.append( WorkshopParticipantModel(user=participant.userId, status=status) ) # Persist in DB participant.save() workshop.save() return schema.dump(participant), 200
def get(self, _id: str): user = UserModel.get_user_by_id(_id) if user: user_schema = UserSchema() result: dict = user_schema.dump(user) return result, 200 return {"msg": "User Not found"}, 404
def test_create_admin(cli_runner, db, request): first_name = "admin first name" last_name = "admin last name" email = "*****@*****.**" password = "******" input_stream = "" input_stream += first_name + "\n" # First name input_stream += last_name + "\n" # Last name input_stream += email + "\n" # Email input_stream += password + "\n" # Password input_stream += password + "\n" # Password confirmation cli_runner.invoke(create_admin, input=input_stream) user = UserModel.find_by_email("*****@*****.**") assert user is not None assert user.firstName == first_name assert user.lastName == last_name assert check_password_hash(pwhash=user.password, password=password) def teardown(): user.delete() request.addfinalizer(teardown)
def current_user_route(): """ look up user information in the database """ user = UserModel.find_user(g.current_user) return jsonify(user)
def signup(self): from werkzeug.security import generate_password_hash pprint("Auth.singup()") signupform = LoginForm() context = {"signupform": signupform} if signupform.validate_on_submit(): username = signupform.username.data password = signupform.password.data userdoc = FirestoreService().get_user(username) if userdoc.to_dict() is None: passwordhash = generate_password_hash(password) userdata = UserData(username, passwordhash) FirestoreService().user_put(userdata) user = UserModel(userdata) login_user(user) self.set_msg_succes("Bienvenido") return self.redirect("todo_list") else: self.set_msg_error("El usuario ya existe") return self.render("signup.html", **context)
def post(self): username = request.form.get('username', None) password = request.form.get('password', None) email = request.form.get('email', None) validation = Validation() validation.add_rule('User Name', username, 'required|min_length=2') validation.add_rule('Password', password, 'required|min_length=5') validation.add_rule('Email', email, 'required|is_email') if validation.check(): is_email = UserModel.query \ .filter(UserModel.email == email) \ .count() if not is_email: user = UserModel(username=username, password=generate_password_hash(password), email=email) db.session.add(user) db.session.commit() return None, status.HTTP_201_CREATED else: return 'Email already exists.', status.HTTP_400_BAD_REQUEST return validation.error, status.HTTP_400_BAD_REQUEST
def login(): if (not request.json or not 'email' in request.json or not 'password' in request.json): return jsonify({"message": "wrong params"}) data = request.get_json() or {} validate = ValidateInput.validate_login_input() if not validate(data): return make_response("\n Email*" "\n\t\t\t\t- Required" "\n\t\t\t\t- Must begin with any character" "\n\t\t\t\t- Must be a valid mail" "\n Password* " "\n\t\t\t\t- Required" "\n\t\t\t\t- Must be a string " "\n\t\t\t\t- Minlength : 5 characters" "\n\t\t\t\t- Must begin with a character"), 422 user = UserModel.check_if_is_valid_user(data['email']) if not user: return make_response('could not verify the user'), 401 if not check_password_hash(user[3], data['password']): return jsonify({"message": "Wrong password"}), 422 return jsonify({ 'id': user[0], 'name': user[1], 'email': user[2], 'password': user[3], 'message': "Login successful", "token": generate_token(user[0]), }), 200
def participant(db, request): participant = UserModel( email="*****@*****.**", firstName="participant_first_name_1", lastName="participant_last_name_1", role=[Roles.PARTICIPANT.value], ) participant.save() # Delete participant at the end def teardown(): participant.delete() request.addfinalizer(teardown) return participant
def find_all_users() -> list: users = UserModel.get_all_users() for user in users: user.pop("password") return users
def get(self, user_id: str): user = UserModel.get_user_by_id(user_id) if user: schema = OrderSchema(many=True) orders: List[OrderModel] = OrderModel.get_orders_by_user(user) result = schema.dump(orders) return result, 200 return {"msg": "No user found"}, 404
def get_coach(coach_id) -> (dict, int): coach = UserModel.find_coach_by_id(user_id=coach_id) # Check if given coach_id exists in DB if coach is None: raise EntityNotFoundError return CoachSchema().dump(coach), 200
def register(): session = current_app.db.session res = request.get_json() nickname = res.get("nickname") first_name = res.get("first_name") last_name = res.get("last_name") biography = res.get("biography") created_at = res.get("created_at") email = res.get("email") password = res.get("password") verify_user: UserModel = UserModel.query.filter_by(email=email).first() if verify_user: return {"error": f"{email} already exists"}, HTTPStatus.FORBIDDEN new_user = UserModel( nickname=nickname, email=email, first_name=first_name, last_name=last_name, biography=biography, created_at=created_at, ) new_user.password = password session.add(new_user) session.commit() access_token = create_access_token( identity=new_user.id, expires_delta=timedelta(days=7) ) return { "user": { "email": new_user.email, "nickname": new_user.nickname, "first_name": new_user.first_name, "last_name": new_user.last_name, "biography": new_user.biography, "created_at": new_user.created_at, "access_token": access_token, } }, HTTPStatus.CREATED
def post(self): requested_data = request.get_json() user = UserModel.get_user_by_username(requested_data["username"]) if user: if compare_digest(requested_data["password"], user.password): return {"msg": "Login successful"}, 200 else: return {"msg": "Bad username or password"}, 400 return {"msg": "Invalid username or password"}, 400
def coach(db, request): coach = UserModel( firstName="coach_first_name", lastName="coach_last_name", email="*****@*****.**", password=generate_password_hash("password"), role=[Roles.COACH.value], city=Cities.PARIS.value, ) coach.save() # Delete coach at the end def teardown(): coach.delete() request.addfinalizer(teardown) return coach
def get_coach_action_card_batches(coach_id: str) -> (dict, int): # Check if given coach_id exists in DB coach = UserModel.find_coach_by_id(user_id=coach_id) if coach is None: raise EntityNotFoundError # Retrieve data data = ActionCardBatchModel.find_action_card_batches_by_coach(coach_id) return ActionCardBatchSchema(many=True).dump(data), 200
def register_user(name: str, email: str, password: str, age: int) -> dict: user_id = UserModel.id_generator() new_user = { "id": user_id, "name": name, "email": email, "password": password, "age": age } if UserModel.check_user(email): return None UserModel.register_user(new_user) new_user.pop("password") return new_user
def post(self): headers = request.headers requested_data = request.get_json() user = UserModel.get_user_by_id(headers["User"]) if user: sketch = SketchModel.get_sketch_by_id(requested_data["sketch"]) if sketch: OrderModel.create_order(user, sketch) return {"msg": "Order created"}, 201 return {"msg": "Sketch not found"}, 404 return {"msg": "User not found"}, 404
def delete_coach(coach_id: str) -> (dict, int): coach = UserModel.find_coach_by_id(user_id=coach_id) # Check if given coach_id exists in DB if coach is None: raise EntityNotFoundError # Delete user in DB coach.delete() return {}, 204
def update_coach_action_card_batches(coach_id: str, data: bytes) -> (dict, int): # Check if given coach_id exists in DB coach = UserModel.find_coach_by_id(user_id=coach_id) if coach is None: raise EntityNotFoundError(msg="Coach does not exist") # Prevent another coach from updating another coach action card batches if coach_id != get_jwt_identity(): raise PermissionDeniedError( msg="You can't update the action card batches of another coach !") # Validate and serialize data schema = ActionCardBatchSchema(many=True) data, err_msg, err_code = schema.loads_or_400(data) if err_msg: return err_msg, err_code # Retrieve current action card batches current_action_card_batches = { o.actionCardBatchId: o for o in ActionCardBatchModel.find_action_card_batches_by_coach( coach_id) } # Process provided data output = [] for d in data: if ("actionCardBatchId" in d and d["actionCardBatchId"] in current_action_card_batches): # Update action card batch if already existing action_card_batch = current_action_card_batches[ d["actionCardBatchId"]] for k, v in d.items(): setattr(action_card_batch, k, v) action_card_batch.updatedAt = datetime.utcnow() else: # Create new object otherwise action_card_batch = ActionCardBatchModel( **{k: v for k, v in d.items() if k != "actionCardId"}) action_card_batch.coachId = coach_id action_card_batch.save() output.append(action_card_batch) new_ids = {o.id: None for o in output} # Delete current action card batches that are not in provided data for o_id, action_card_batch in current_action_card_batches.items(): if o_id not in new_ids: action_card_batch.delete() return ActionCardBatchSchema(many=True).dump(output), 200
async def post_user_service(user_data: UserModel): new_user = await save_user_repository(user_data.dict()) if new_user: return UserResponse( data=[new_user], message="User added successfully.", ) return UserErrorResponse( error="An error occurred", message="Repeated ID.", )
def login_user(email: str, password: str) -> dict: users = UserModel.get_all_users() for user in users: print(user) print(email, user["email"], email == user["email"]) print(password, user["password"], password == user["password"]) if user["email"] == email and user["password"] == password: user.pop("password") return user return None
def test_reset_password(client, coach): data = {"password": "******"} token = coach.send_reset_password_mail() response = client.post( "/api/v1/reset_password", data=json.dumps(data), query_string={"access_token": token}, ) coach = UserModel.find_by_id(user_id=coach.id) assert response.status_code == 204 assert check_password_hash(pwhash=coach.password, password="******")
def create_user(): session = current_app.db.session body = request.get_json() username = body.get("username") email = body.get("email") password = body.get("password") user_existence = UserModel.query.filter_by(email=email).first() if user_existence != None: return {"msg": "User already exists!"}, HTTPStatus.UNPROCESSABLE_ENTITY new_user = UserModel(username=username, email=email) new_user.password = password user_schema = UserSchema() session.add(new_user) session.commit() return user_schema.dump(new_user), HTTPStatus.CREATED
def admin(db, request): """ Create an admin for the scope of a function Remove it at the end """ admin = UserModel( firstName="admin_first_name", lastName="admin_last_name", email="*****@*****.**", password=generate_password_hash("password"), role=[Roles.ADMIN.value, Roles.COACH.value], city=Cities.PARIS.value, ) admin.save() # Delete admin at the end def teardown(): admin.delete() request.addfinalizer(teardown) return admin