def create_user(db: Session, user: UserCreate):
user.password = get_password_hash(user.password)
db_user = models.User(**user.dict())
db.add(db_user)
db.commit()
db.refresh(db_user)
return db_user
def post(self):
'''do the login :)'''
email = self.request.data.get('email')
password = self.request.data.get('password')
user = yield from db.users.find_one({
'email': email
})
if user:
password_hash = yield from utils.get_password_hash(
user['salt'],
password.encode()
)
if user['password'] == password_hash:
user['last_login'] = datetime.datetime.now()
yield from db.users.save(user)
user['token'] = yield from utils.generate_token(user)
yield from serializers.user(user)
self.response.set_content(user)
else:
self.invalid_response()
else:
self.invalid_response()
yield from self.response.close()
def change_user_password(username: str, password: str) -> UserDto:
c = connection.cursor()
password = get_password_hash(password)
c.execute("UPDATE users SET password=%s WHERE username=%s;",
(password, username))
connection.commit()
return UsersService.get_user_by_username(username)
def create_user(username: str, password: str) -> UserDto:
now = datetime.now()
c = connection.cursor()
password = get_password_hash(password)
c.execute(
"INSERT INTO users (username, password, created_at, updated_at) VALUES (%s, %s, %s, %s) RETURNING id;",
(username, password, now, now),
)
(user_id, ) = c.fetchone()
connection.commit()
return UsersService.get_user_by_id(user_id)
def register_customer(firstname, surname, password, email):
"""Registers a new customer."""
password_hash = get_password_hash(password)
session = generate_session_id(firstname)
query = (
"INSERT INTO customers (firstname, surname, password, email, session_id) VALUES (%s, %s, %s, %s, %s)"
)
query_info = (firstname, surname, password_hash, email, session)
execute_query(query, query_info)
print("Added new customer user to DB")
return session
def register_staff(name, password, email, _type):
"""Registers a staff member with all relevant details."""
password_hash = get_password_hash(password)
session = generate_session_id(name)
query = (
"INSERT INTO staff (name, password, email, type, session_id) VALUES (%s, %s, %s, %s, %s)"
)
query_info = (name, password_hash, email, _type, session)
execute_query(query, query_info)
print("Added new staff user to DB")
return session
def login():
if request.method == "GET":
return render_template("login.html")
elif request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
if not user_credentials_schema.validate(request.form):
abort(400)
password = get_password_hash(password)
user = UsersService.get_user_by_username(username)
if user.password != password:
abort(400)
SessionsService.attach_user(request.session_token, user.id)
return redirect(url_for("index_page"))
def post(self):
''' This method is called on HTTP POST'''
user = self.request.data
is_valid = yield from self.validate_user(user)
if is_valid:
user['salt'] = yield from utils.generate_salt()
user['last_login'] = user['created'] = datetime.datetime.now()
user['modified'] = None
user['password'] = yield from utils.get_password_hash(
user['salt'], user['password'].encode())
db.users.insert(user)
yield from serializers.user(user)
# Generate the token
user['token'] = yield from utils.generate_token(user)
self.response.status_code = 201
self.response.set_content(user)
yield from self.response.close()
def post(self):
''' This method is called on HTTP POST'''
user = self.request.data
is_valid = yield from self.validate_user(user)
if is_valid:
user['salt'] = yield from utils.generate_salt()
user['last_login'] = user['created'] = datetime.datetime.now()
user['modified'] = None
user['password'] = yield from utils.get_password_hash(
user['salt'], user['password'].encode()
)
db.users.insert(user)
yield from serializers.user(user)
# Generate the token
user['token'] = yield from utils.generate_token(user)
self.response.status_code = 201
self.response.set_content(user)
yield from self.response.close()
def post(self):
'''do the login :)'''
email = self.request.data.get('email')
password = self.request.data.get('password')
user = yield from db.users.find_one({'email': email})
if user:
password_hash = yield from utils.get_password_hash(
user['salt'], password.encode())
if user['password'] == password_hash:
user['last_login'] = datetime.datetime.now()
yield from db.users.save(user)
user['token'] = yield from utils.generate_token(user)
yield from serializers.user(user)
self.response.set_content(user)
else:
self.invalid_response()
else:
self.invalid_response()
yield from self.response.close()
