def put(self, id):
parser = reqparse.RequestParser()
parser.add_argument('username', type=str, location='json')
parser.add_argument('password', type=str, location='json')
parser.add_argument('email', type=str, location='json')
parser.add_argument('first_name', type=str, location='json')
parser.add_argument('last_name', type=str, location='json')
parser.add_argument('is_admin', type=bool, location='json')
parser.add_argument('is_active', type=bool, location='json')
args = parser.parse_args()
user_dao = UserDao(self.db_session())
user = user_dao.retrieve(id=id)
if user is None:
return self.error_response('User {} not found'.format(id), http.NOT_FOUND_404)
user.username = args['username']
if args['password'] != '':
user.password = args['password']
user.email = args['email']
user.first_name = args['first_name']
user.last_name = args['last_name']
user.is_admin = args['is_admin']
user.is_active = args['is_active']
user = user_dao.save(user)
return self.response(user.to_dict())
def get(self, id):
user_dao = UserDao(self.db_session())
user = user_dao.retrieve(id=id)
if user is None:
return self.error_response('User {} not found'.format(id), http.NOT_FOUND_404)
return self.response(user.to_dict())
def delete(self, id):
user_dao = UserDao(self.db_session())
user = user_dao.retrieve(id=id)
if user is None:
return self.error_response('User {} not found'.format(id), http.NOT_FOUND_404)
user_dao.delete(user)
return self.response({}, http.NO_CONTENT_204)
def check_login(username, password):
user_dao = UserDao(g.db_session)
user = user_dao.retrieve(username=username)
if user is None:
return None, 'User {} not found'.format(username)
if not user.is_active:
return None, 'User {} no longer active'.format(username)
if user.password != password:
return None, 'Invalid password'
return user, None
def init_tables():
user_dao = UserDao(db.session)
for item in app.config['USERS']:
user = user_dao.retrieve(username=item['username'])
if user is None:
user_dao.create(username=item['username'],
password=item['password'],
email=item['email'],
first_name=item['first_name'],
last_name=item['last_name'],
is_superuser=item['is_superuser'],
is_admin=item['is_admin'],
is_active=item['is_active'],
is_visible=item['is_visible'])
def delete(self, id, user_id):
user_group_dao = UserGroupDao(self.db_session())
user_group = user_group_dao.retrieve(id=id)
if user_group is None:
return self.error_response('User group {} not found'.format(id), http.NOT_FOUND_404)
user_dao = UserDao(self.db_session())
user = user_dao.retrieve(id=user_id)
if user is None:
return self.error_response('User {} not found'.format(id), http.NOT_FOUND_404)
if user in user_group.users:
user_group.users.remove(user)
user_group = user_group_dao.save(user_group)
return self.response(user_group.to_dict())
def check_token(token):
if 'SECRET_KEY' not in g.config.keys():
return None, 'Could not retrieve secret key'
secret = g.config['SECRET_KEY']
if secret is None:
return None, 'Secret key is empty'
try:
data = jwt.decode(token, secret, algorithms=['HS256'])
except JWTError as e:
return None, 'Could not decode token ({})'.format(e.message)
user_dao = UserDao(g.db_session)
user = user_dao.retrieve(id=data['id'])
if user is None:
return None, 'User {} not found'.format(data['id'])
if not user.is_active:
return None, 'User {} no longer active'.format(user.username)
return user, None
