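    def wrap(*args, **kwargs):
        """Reject the request unless its JSON body carries an acceptable password.

        Reads the JSON body, requires the fields ``check_keys(data, 2)`` expects
        plus a non-empty ``password`` that ``password_regex`` accepts; otherwise
        answers ``400`` with a ``warning``.  On success the wrapped view ``f`` is
        called with the original arguments.
        """
        # silent=True turns a missing or unparsable body into None instead of a
        # framework-raised error, so it can be answered as a plain 400 below.
        data = request.get_json(silent=True)
        # Without this guard a non-dict body reaches check_keys / data[...] and
        # surfaces as a 500 rather than a bad-request response.
        if not isinstance(data, dict):
            return jsonify({'warning': 'Provide strong password'}), 400
        if check_keys(data, 2) or not data.get('password'):
            return jsonify({'warning': 'Provide strong password'}), 400

        # NOTE(review): re.match anchors only at the start of the string; unless
        # password_regex ends in ``$``/``\Z`` trailing characters go unchecked —
        # confirm the pattern or switch to fullmatch.
        if not password_regex.match(data['password']):
            return jsonify({
                'warning': 'Provide strong password'
            }), 400
        return f(*args, **kwargs)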
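    def wrap(*args, **kwargs):
        """Validate a registration body before handing it to the wrapped view.

        Requires a JSON body with the fields ``check_keys(data, 4)`` expects,
        then checks the *format* of ``username``, ``email`` and ``password``
        against the module regexes, and only then queries the database to see
        whether the username or email is already taken.  Any failure returns a
        ``warning`` JSON response; otherwise ``f`` is called unchanged.

        Status codes are kept as the original author chose them (format
        failures answer ``409``, the same as "already taken"); a ``400`` would
        be the conventional code for a malformed field.
        """
        data = request.get_json(silent=True)

        # check the body is JSON and all fields are provided
        if not isinstance(data, dict) or check_keys(data, 4):
            return jsonify({
                'warning': 'All Fields Required'
            }), 400

        # Cheap format checks run before any database round-trip, so a
        # malformed request never costs two EXISTS queries.
        # NOTE(review): the regex sees the lowercased username but the lookup
        # below compares the original casing — confirm how usernames are stored.
        if not username_regex.match(data['username'].lower()):
            return jsonify({
                'warning': 'Invalid username'
            }), 409

        if not email_regex.match(data['email']):
            return jsonify({
                'warning': 'Invalid email'
            }), 409

        if not password_regex.match(data['password']):
            return jsonify({
                'warning': 'Provide strong password'
            }), 409

        # check if username is taken
        if db.session.query(
            db.exists().where(User.username == data['username'])
        ).scalar():
            return jsonify({'warning': 'Username has already been taken'}), 409

        # check if email is taken
        # NOTE(review): these EXISTS checks are not atomic with the insert the
        # wrapped view presumably performs; a unique constraint on the column
        # is what actually prevents duplicates under concurrent sign-ups.
        if db.session.query(
            db.exists().where(User.email == data['email'])
        ).scalar():
            return jsonify({'warning': 'Email has already been taken'}), 409

        return f(*args, **kwargs)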
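def login():
    """Login registered user.

    Expects a JSON body with ``username`` and ``password``.  On success sets
    ``session['logged_in']`` / ``session['username']``, issues a JWT carrying
    the user's id and username that expires in 30 minutes, persists it via
    ``AuthToken(...).save()`` and returns it with ``200``.  Missing fields
    answer ``400``; an unknown user or a wrong password answers ``401``.

    Raises:
        RuntimeError: if the ``SECRET`` environment variable is unset or empty,
            so a token is never signed with a missing or empty key.
    """
    auth = request.get_json(silent=True)

    # validate the body is JSON and all fields are present
    if not isinstance(auth, dict) or check_keys(auth, 2):
        return jsonify({'warning': 'Provide username & password'}), 400

    user = User.query.filter_by(username=auth['username']).first()

    # One status and one message whether the username is unknown or the
    # password is wrong, so the response body does not confirm which accounts
    # exist.  verify() is still skipped for unknown users, so response timing
    # can differ; registration already reports taken usernames, so that is
    # not worth a dummy hash here.
    if not user or not sha256_crypt.verify(auth['password'], user.password):
        return jsonify({'warning': 'Cannot Login wrong password'}), 401

    secret = os.getenv("SECRET")
    if not secret:
        # Fail closed: signing with None/"" would make every token forgeable.
        raise RuntimeError("SECRET environment variable is not set")

    # sha256_crypt.verify compared the candidate against the stored hash (the
    # stored value is never decoded); mark the session and mint a token that
    # expires in 30 min.  session stores the canonical username from the row.
    session['logged_in'] = True
    session['username'] = user.username
    exp_time = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(minutes=30)
    token = jwt.encode(
        {
            'id': user.id,
            'username': user.username,
            'exp': exp_time
        }, secret
    )
    # PyJWT < 2 returns bytes, >= 2 returns str; normalise once rather than
    # decoding twice.
    if isinstance(token, bytes):
        token = token.decode('UTF-8')
    AuthToken(token).save()
    return jsonify({
        'token': token,
        'success': 'Login success'
    }), 200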