def put(self, username):
req_data = request.get_json() or None
user = get_user_by_user_name(username)
if not isinstance(user, User):
return user
current_password = req_data.get("current_password")
new_password = req_data.get("new_password")
confirm_password = req_data.pop("confirm_password")
if not checkpw(current_password.encode("utf-8"),
user["password"].encode("utf-8")):
return resp_data_invalid(
"Users", "Senha atual não confere com a senha cadastrada")
if not check_password_in_signup(new_password, confirm_password):
errors = {"password": MSG_CHECK_PASSWORD_FAILED}
return resp_data_invalid("Users", errors)
new_pass_hashed = hashpw(new_password.encode("utf-8"),
gensalt(12)).decode("utf-8")
user["password"] = new_pass_hashed
save_result = save_model(user, "Users", "Usuário")
if not isinstance(save_result, User):
return save_result
return resp_ok("User",
MSG_PASSWORD_CHANGED,
data={"user_name": username})
def post(self, *args, **kwargs):
"""
Rota para login na API
"""
req_data = request.get_json() or None
user = None
login_schema = LoginSchema()
user_schema = UserSchema(exclude=["address"])
if req_data is None:
return resp_data_invalid("Users", [], msg=MSG_NO_DATA)
try:
data = login_schema.load(req_data)
except MarshmallowValidationError as e:
return resp_data_invalid("Users", desc=e.__str__())
user = get_user_by_user_name(data["user_name"])
if not isinstance(user, User):
return user
if checkpw(
data.get("password").encode("utf-8"),
user.password.encode("utf-8")):
extras = {
"token": create_access_token(identity=user.user_name),
"refresh": create_refresh_token(identity=user.user_name)
}
result = user_schema.dump(user)
return resp_ok("Auth", MSG_TOKEN_CREATED, data=result, **extras)
return resp_notallowed_user("Auth")
def delete(username):
schema = UserSchema()
user = get_user_by_user_name(username)
if not isinstance(user, User):
return user
user.delete()
return resp_ok_no_content()
def __call__(self, *args, **kwargs):
user = get_user_by_user_name(get_jwt_identity())
if not isinstance(user, User):
return user
if user.is_admin():
return self.f(*args, **kwargs)
else:
return resp_notallowed_user("Users")
def get(username):
schema = UserSchema()
user = get_user_by_user_name(username)
if not isinstance(user, User):
return user
result = schema.dump(user)
return resp_ok("Users",
MSG_RESOURCE_FETCHED.format("Usuário",
username), result)
def put(self, username):
schema = UserSchema()
up_schema = UserUpdateSchema()
req_data = request.get_json() or None
user = get_user_by_user_name(username)
if not isinstance(user, User):
return user
try:
user_up = up_schema.load(req_data, unknown=EXCLUDE)
except MarshmallowValidationError as e:
return resp_data_invalid("Users", e.messages)
if user_up.get("user_name") and user_up.get("user_name") != username:
return resp_data_invalid("Users",
{"user_name": user_up.get("user_name")},
"Nao pode alterar o nome de usuário")
try:
for k, v in user_up.items():
if k == "address":
for k_addr, v_addr in v.items():
user["address"][k_addr] = v_addr
else:
user[k] = v
except Exception as e:
return resp_exception("Users-Aqui", description=e.__str__())
save_result = save_model(user, "Users", "Usuário")
if not isinstance(save_result, User):
return save_result
result = schema.dump(save_result)
return resp_ok("Users",
MSG_RESOURCE_UPDATED.format("Usuário", username),
data=result)