def put(self, username): req_data = request.get_json() or None user = get_user_by_user_name(username) if not isinstance(user, User): return user current_password = req_data.get("current_password") new_password = req_data.get("new_password") confirm_password = req_data.pop("confirm_password") if not checkpw(current_password.encode("utf-8"), user["password"].encode("utf-8")): return resp_data_invalid( "Users", "Senha atual não confere com a senha cadastrada") if not check_password_in_signup(new_password, confirm_password): errors = {"password": MSG_CHECK_PASSWORD_FAILED} return resp_data_invalid("Users", errors) new_pass_hashed = hashpw(new_password.encode("utf-8"), gensalt(12)).decode("utf-8") user["password"] = new_pass_hashed save_result = save_model(user, "Users", "Usuário") if not isinstance(save_result, User): return save_result return resp_ok("User", MSG_PASSWORD_CHANGED, data={"user_name": username})
def post(self, *args, **kwargs): """ Rota para login na API """ req_data = request.get_json() or None user = None login_schema = LoginSchema() user_schema = UserSchema(exclude=["address"]) if req_data is None: return resp_data_invalid("Users", [], msg=MSG_NO_DATA) try: data = login_schema.load(req_data) except MarshmallowValidationError as e: return resp_data_invalid("Users", desc=e.__str__()) user = get_user_by_user_name(data["user_name"]) if not isinstance(user, User): return user if checkpw( data.get("password").encode("utf-8"), user.password.encode("utf-8")): extras = { "token": create_access_token(identity=user.user_name), "refresh": create_refresh_token(identity=user.user_name) } result = user_schema.dump(user) return resp_ok("Auth", MSG_TOKEN_CREATED, data=result, **extras) return resp_notallowed_user("Auth")
def delete(username): schema = UserSchema() user = get_user_by_user_name(username) if not isinstance(user, User): return user user.delete() return resp_ok_no_content()
def __call__(self, *args, **kwargs): user = get_user_by_user_name(get_jwt_identity()) if not isinstance(user, User): return user if user.is_admin(): return self.f(*args, **kwargs) else: return resp_notallowed_user("Users")
def get(username): schema = UserSchema() user = get_user_by_user_name(username) if not isinstance(user, User): return user result = schema.dump(user) return resp_ok("Users", MSG_RESOURCE_FETCHED.format("Usuário", username), result)
def put(self, username): schema = UserSchema() up_schema = UserUpdateSchema() req_data = request.get_json() or None user = get_user_by_user_name(username) if not isinstance(user, User): return user try: user_up = up_schema.load(req_data, unknown=EXCLUDE) except MarshmallowValidationError as e: return resp_data_invalid("Users", e.messages) if user_up.get("user_name") and user_up.get("user_name") != username: return resp_data_invalid("Users", {"user_name": user_up.get("user_name")}, "Nao pode alterar o nome de usuário") try: for k, v in user_up.items(): if k == "address": for k_addr, v_addr in v.items(): user["address"][k_addr] = v_addr else: user[k] = v except Exception as e: return resp_exception("Users-Aqui", description=e.__str__()) save_result = save_model(user, "Users", "Usuário") if not isinstance(save_result, User): return save_result result = schema.dump(save_result) return resp_ok("Users", MSG_RESOURCE_UPDATED.format("Usuário", username), data=result)