Esempio n. 1
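def login():
    """Authenticate an employee and issue JWTs for the admin area.

    Reads ``email`` and ``password`` from ``request.body_params``, looks the
    employee up, verifies the password and requires the ``admin`` role.

    Returns:
        A ``(response, status)`` tuple: 200 with ``user``, ``accessToken`` and
        ``refreshToken``; 401 for an unknown email or a wrong password; 403 for
        an authenticated employee without the admin role; 500 on any
        unexpected error.
    """
    import logging

    try:
        kwargs = request.body_params.dict()
        exist_user = EmployeeModel.find_by_identity(kwargs["email"])

        # Same message and status for "no such user" and "wrong password" so
        # the response body does not reveal which emails exist.
        # NOTE(review): an unknown email returns before authenticate() runs;
        # if authenticate() performs a slow password-hash check the two 401
        # paths may differ in response time -- confirm and equalise if so.
        if exist_user is None or not exist_user.authenticate(kwargs["password"]):
            return jsonify(error="wrong email or password"), 401

        # NOTE(review): this 403 is only reachable with a correct password, so
        # it confirms valid credentials for a non-admin account. Consider
        # answering with the same 401 if no caller depends on the 403.
        if not has_access(exist_user.role, ["admin"]):
            return jsonify(error="Access denied"), 403

        # Both tokens carry the role id as an additional claim.
        role_id = exist_user.role.id
        access_token = create_access_token(
            identity=exist_user,
            additional_claims={"role": role_id})
        refresh_token = create_refresh_token(
            identity=exist_user,
            additional_claims={"role": role_id})

        # The DTO decides which model fields are serialised to the client.
        # NOTE(review): confirm AdminRespUser excludes the password hash.
        AdminRespUser.update_forward_refs()
        admin_dto = AdminRespUser.from_orm(exist_user).dict()

        return jsonify(user=admin_dto,
                       accessToken=access_token,
                       refreshToken=refresh_token), 200
    except Exception:
        # Record the failure with its traceback through logging rather than
        # print(); the submitted credentials are deliberately not logged and
        # the client only sees a generic message.
        logging.getLogger(__name__).exception(
            "Admin login failed with an unexpected error")
        return jsonify(error="Admin login error"), 500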
Esempio n. 2
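def customer(customer_id):
    """Return one customer's profile as JSON.

    Args:
        customer_id: Identifier passed to ``CustomerModel.get_by_id``.

    Returns:
        A ``(response, status)`` tuple: 200 with ``user``; 400 when no
        customer matches; 500 on any unexpected error.
    """
    import logging

    # NOTE(review): no authentication or role check is visible in this
    # function. Presumably a route decorator outside this excerpt enforces
    # it -- confirm, since any caller reaching this code can read any
    # customer record by id.
    try:
        user = CustomerModel.get_by_id(customer_id)

        if user is None:
            # NOTE(review): 404 would describe a missing record more
            # precisely; 400 is kept so existing clients are unaffected.
            return jsonify(error="User not found"), 400

        # The DTO decides which model fields are serialised to the client.
        # NOTE(review): confirm AdminRespUser exposes no credential fields
        # when built from a CustomerModel row.
        AdminRespUser.update_forward_refs()
        user_dto = AdminRespUser.from_orm(user).dict()

        return jsonify(user=user_dto), 200
    except Exception:
        # Log with traceback instead of print(); %r keeps a caller-supplied
        # id from injecting line breaks into the log.
        logging.getLogger(__name__).exception(
            "Customer lookup failed for customer_id=%r", customer_id)
        return jsonify(error="User error"), 500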