def create_user(username, password):
"""Creates a user with hashed password in the database
:return: user object
"""
user = User(username=username)
user.hash_password(password)
db.session.add(user)
db.session.commit()
return user
def post(self):
if request.headers['content-type'] == 'application/json':
args = self.reqparse.parse_args()
username = args['username']
password = args['password']
if User.query.filter_by(username=username).first() is not None:
return Response(status=403) # existing user
user = User(username=username)
user.hash_password(password)
db.session.add(user)
db.session.commit()
return {'user': marshal(user, USER_FIELDS)}, 201
else:
return Response(status=400) # invalid request type
def test_created_user_is_not_admin(self):
user = User(username='******')
user.hash_password('password')
db.session.add(user)
db.session.commit()
self.assertFalse(user.admin)