def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) request_dict = raw_dict['data']['attributes'] payload = parse_token(request) logged_user = Users.query.get(payload['sub']) createdby = logged_user.name updatedby = logged_user.name password = generate_password_hash(request_dict['password']) user = Users( request_dict['email'], password, request_dict['name'], createdby, updatedby, ) user.add(user) # Should not return password hash query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def login_from_acs(acs): if acs.get('errors'): return jsonify({'errors': acs.get('errors')}) elif not acs.get('logged_in'): return jsonify({"error": "login failed"}) else: attributes = list(acs.get("attributes")) username = attributes[0][1][0] firstname = attributes[1][1][0] lastname = attributes[2][1][0] email = attributes[3][1][0] user = Users.query.filter_by(id = username).first() if user is None: user = Users(id = username) user.first_name = firstname user.last_name = lastname user.email = email db.session.add(user) db.session.commit() login_user(user) return redirect('/')
def addmessage(id=None,subj=None): form = MessageForm() if id: recp = Users.objects(id=id).get() form.recipients.data = recp.username if form.validate_on_submit(): if g.user.username in form.recipients.data: flash('Expeditorul nu poate fi si destinatar!',category='alert-danger') return redirect(request.referrer) else: recs = [] for i in form.recipients.data.split(','): try: temp_user = Users.objects(username=i).get() recs.append(temp_user) except: flash('Utilizatorul '+i+' nu exista!') return redirect(request.referrer) msg = Messages(sender=g.user, recipients=recs, title=form.title.data, content=form.content.data, ownerid=g.user, folder='trimise',read=True, msgid=generate_msgid()) msg.save() for i in recs: print i.username temp = Messages(sender=g.user, recipients=recs, title=form.title.data, content=form.content.data, ownerid=i, folder='inbox', msgid=msg.msgid, date=msg.date) temp.save() flash('Mesaj trimis!',category='alert-success') return redirect(url_for('messages.list')) return render_template('messages/add.html',form=form)
def my_profile(): """ User profile :return: flask.render_template / flask.redirect """ form_u = MyProfileForm() form_pw = PasswordForm() if request.method == 'POST': if form_u.username.data == current_user.username: form_u.username.raw_data = None if form_u.email.data == current_user.email: form_u.email.raw_data = None else: form_u.username.data = current_user.username form_u.email.data = current_user.email if form_u.validate_on_submit(): Users.update_user( user_id=current_user.id, username=form_u.username.data, email=form_u.email.data ) flash('You successfully updated your profile.', 'success') return redirect(url_for('users.my_profile')) data = { 'active_page': 'profile', 'form_u': form_u, 'form_pw': form_pw } return render_template('users/my_profile.html', **data)
def change_password(): """ User profile :return: flask.render_template / flask.redirect """ form_u = MyProfileForm() form_pw = PasswordForm() form_u.username.data = current_user.username form_u.email.data = current_user.email if form_pw.validate_on_submit(): old_pw = form_pw.old_password.data if Users.check_old_password(current_user, old_pw): Users.update_user( user_id=current_user.id, password=form_pw.password.data ) flash('You successfully updated your password.', 'success') return redirect(url_for('users.my_profile')) else: form_pw.old_password.errors = ['Old password mismatch.'] data = { 'active_page': 'profile', 'form_u': form_u, 'form_pw': form_pw } return render_template('users/my_profile.html', **data) data = { 'active_page': 'profile', 'form_u': form_u, 'form_pw': form_pw } return render_template('users/my_profile.html', **data)
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) user_dict = raw_dict['data']['attributes'] user = Users( user_dict['email'], generate_password_hash(user_dict['password']), user_dict['name'], user_dict['is_active']) user.add(user) query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) request_dict = raw_dict['data']['attributes'] role = None active = 0 user = Users(request_dict['email'], generate_password_hash(request_dict['password']), request_dict['name'], active, role) user.add(user) # Should not return password hash query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def setup_method(self, method): db.drop_all() db.create_all() # Create normal user for tests. self.user = Users(id="testuser") self.user.first_name = "Test1" self.user.last_name = "User" self.user.email = "*****@*****.**" self.user.is_admin = False db.session.add(self.user) db.session.commit() self.user_token = self.user.generate_auth() self.user_token = self.user_token.decode('ascii') # Create admin user for tests. self.admin_user = Users(id="adminuser") self.admin_user.first_name = "Admin" self.admin_user.last_name = "User" self.admin_user.email = "*****@*****.**" self.admin_user.is_admin = True db.session.add(self.admin_user) db.session.commit() self.admin_user_token = self.admin_user.generate_auth() self.admin_user_token = self.admin_user_token.decode('ascii')
def fetch_and_create_user(twitter_id): user = Users.query.filter_by(twitter_id=twitter_id).first() if user: return user else: print('Fetching user from twitter with twitter_id:', twitter_id) user_data = twitter_api.get_user(twitter_id) user = Users(user_data) user.add(user) user = Users.query.get(user.id) return user
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) request_dict = raw_dict['data']['attributes'] role = None active = 0 classified = 0 in_queue = 0 #Check for existing entry userCheck = Users.query.filter_by( email=request_dict['email']).first() if userCheck is None: user = Users(request_dict['email'], generate_password_hash(request_dict['password']), request_dict['name'], active, role, classified, in_queue) user.add(user) query = Users.query.get(user.id) # Should not return password hash query.password = "******" results = schema.dump(query).data fp = os.getcwd() fp = fp.rsplit('/', 1)[0] # go back one dir direct = fp + "/GT_USERS/USER_" + str(query.id) if not os.path.exists(direct): os.makedirs(direct) os.makedirs(direct + "/cropped") os.makedirs(direct + "/images") os.makedirs(direct + "/json") os.makedirs(direct + "/labelled") os.makedirs(direct + "/packaged") os.makedirs(direct + "/segmented") return results, 201 else: resp = jsonify({"error": "Email already taken"}) resp.status_code = 403 return resp except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def api_create_user(): data = request.args.to_dict(flat=True) hashed_password = generate_password_hash(data['password'], method='sha256') try: new_user = Users(public_id=str(uuid.uuid4()), name=data['name'], password=hashed_password,) new_user.id_role = 3 session.add(new_user) session.commit() return jsonify({'message': None, 'data': None, 'status': 'success'}), 201 except Exception as e: session.rollback() return jsonify({'message': 'Unexpected error', 'data': None, 'status': 'error'}), 400
def register(): """Users list :return: flask.render_template """ form = RegisterForm() if form.validate_on_submit(): Users.create_user( username=form.username.data, email=form.email.data, password=form.password.data ) message = '{} has been created.'.format(form.username.data) return render_template('modal_success.html', message=message) return render_template('users/register.html', form=form)
def setup(self): db.create_all() db.session.add( Users(id=1, username="******", password="******", email="*****@*****.**")) db.session.add(Role(id=1, name="admin")) db.session.add(UserRoles(id=1, user_id=1, role_id=1)) db.session.add(Profile(id=1, avatar="jeff.jpg", user_id=1)) db.session.add( Users(id=2, username="******", password="******", email="*****@*****.**")) db.session.add(Role(id=2, name="player")) db.session.add(UserRoles(id=2, user_id=2, role_id=2)) db.session.add(Profile(id=2, avatar="finn.jpg", user_id=2)) db.session.commit() db.session.add( AwayTeamBet(id=1, game_key=123, bet_key=123, away_team="BUF", vs="BUF vs @NE", away_ps=1, amount=20, user_id=1)) db.session.add( HomeTeamBet(id=1, game_key=123, bet_key=123, home_team="NE", vs="BUF vs @NE", home_ps=-1, amount=20, user_id=2)) db.session.add( OverUnder(id=1, game_key=123, bet_key=123, over_under="o", total=40, amount=20, vs="BUF vs @NE", user_id=1)) db.session.commit()
def validate_email(self, field): try: user = Users.objects(email=field.data).get() if user: raise ValidationError('Email este deja folosit!') except: pass
def create_object(self, user_data: dict): try: user = Users(**user_data) self.db.session.add(user) except (IntegrityError, FlushError): raise Exception(f'User {user.email} already exists') self.db.session.commit()
def validate_username(self, field): try: user = Users.objects(username=field.data).get() if user: raise ValidationError('Utilizatorul exista!') except: pass
def setUp(self): db.create_all() db.session.add( Users(username="******", email="*****@*****.**", password='******')) db.session.commit()
def validate_username(self,field): try: user = Users.objects(username=field.data).get() if user: raise ValidationError('Utilizatorul exista!') except: pass
def edituser(): """ Build the view used to edit existing accounts """ user = Users.objects(id=unicode(g.user.id)).get() form = UserForm() if form.validate_on_submit(): user.username = form.username.data if form.avatar.data: image_data = request.FILES[form.avatar.name].read() user.avatar = image_data user.email = form.email.data user.specialties = form.specialties.data.split(',') user.interests = form.interests.data.split(',') user.save() flash('Cont modificat!', category='alert-success') return redirect(request.referrer) form.username.data = user.username form.email.data = user.email form.avatar.data = '' form.specialties.data = ','.join(user.specialties) form.interests.data = ','.join(user.interests) return render_template('users/add.html', pagetitle='Editeaza utilizator', form=form)
def validate_email(self,field): try: user = Users.objects(email=field.data).get() if user: raise ValidationError('Email este deja folosit!') except: pass
def create_note(user_data): user = Users.verify_auth(user_data.get("token", "")) committe_id = user_data.get('committee', '') committee = Committees.query.filter_by(id=committe_id).first() if committee is not None: if(user is not None and (user.is_admin or committee.head == user.id)): committee_note = CommitteeNotes() committee_note.committee = committee.id committee_note.description = user_data.get('description',"") committee_note.author = user.id committee_note.hidden = False db.session.add(committee_note) try: db.session.commit() emit('create_committee_note', Response.AddSuccess) get_notes(action.id, broadcast = True) except Exception as e: db.session.rollback() db.session.flush() emit("create_committee_note", Response.AddError) else: emit("create_committee_note", Response.UsrNotAuth) else: emit("create_committee_note", Response.CommitteeDoesntExist)
def test_add(): crud = CRUD() try: users = Users('test', 'test', 'test') result = crud.add(users, USERS_SCHEMA) except Exception as err: print(err) assert True
def adduser(): """ Build the view used to add new accounts """ form = RegisterForm() if form.validate_on_submit(): try: user = Users(username=form.username.data,email=form.email.data,specialties=form.specialties.data.split(','),interests=form.interests.data.split(',')) user.password = form.password.data user.save() token = user.generate_confirmation_token() send_email(user.email,'Confirmare email','users/email/confirm',user=user,token=token) flash('Contul a fost adaugat!', category='alert-success') except Exception as err: flash('Utilizatorul are deja cont!', category='alert-warning') return redirect(url_for('users.list')) return render_template('users/add.html',pagetitle='Adauga utilizator',form=form)
def registeruser(): """ Build the view used to add new accounts """ form = RegisterForm() if form.validate_on_submit(): try: user = Users(username=form.username.data,email=form.email.data,specialties=form.specialties.data.split(','),interests=form.interests.data.split(',')) user.password = form.password.data user.save() token = user.generate_confirmation_token() send_email(user.email,'Confirmare email','users/email/confirm',user=user,token=token) flash('Contul a fost adaugat! Va rugam confirmati adresa de email!', category='alert-success') except Exception as err: flash('Contul nu poate fi creat!', category='alert-warning') return redirect(url_for('users.login')) return render_template('users/login.html',pagetitle='Inregistrare',form=form,login=False)
def addmessage(id=None, subj=None): form = MessageForm() if id: recp = Users.objects(id=id).get() form.recipients.data = recp.username if form.validate_on_submit(): if g.user.username in form.recipients.data: flash('Expeditorul nu poate fi si destinatar!', category='alert-danger') return redirect(request.referrer) else: recs = [] for i in form.recipients.data.split(','): try: temp_user = Users.objects(username=i).get() recs.append(temp_user) except: flash('Utilizatorul ' + i + ' nu exista!') return redirect(request.referrer) msg = Messages(sender=g.user, recipients=recs, title=form.title.data, content=form.content.data, ownerid=g.user, folder='trimise', read=True, msgid=generate_msgid()) msg.save() for i in recs: print i.username temp = Messages(sender=g.user, recipients=recs, title=form.title.data, content=form.content.data, ownerid=i, folder='inbox', msgid=msg.msgid, date=msg.date) temp.save() flash('Mesaj trimis!', category='alert-success') return redirect(url_for('messages.list')) return render_template('messages/add.html', form=form)
def detailuser(id): user = Users.objects(id=id).get() results = [(Users.username.verbose_name, user.username), (Users.specialties.verbose_name, ','.join(user.specialties)), (Users.interests.verbose_name, ','.join(user.interests))] return render_template('users/details.html', pagetitle='Detalii utilizator', results=results)
def login(): if request.method == 'GET': return render_template('users/nonsms_login.html') elif request.method == 'POST': if request.form.get('username', '').find('@') > 0: user = Users.by_email(request.form.get('username', '')) else: user = Users.by_username(request.form.get('username', '')) if user: if pbkdf2_sha256.verify(request.form.get('password', ''), user.password): session['user_id'] = user.id session['phone'] = user.phone login_user(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return redirect(url_for('STUFF')) else: return redirect(url_for('handle_splash'))
class TestModels(unittest.TestCase): def setUp(self): self.my_book = Books() self.my_user = Users() #test that put_book adds book to all_books def test_put_book(self): result = self.my_book.put("serah chepkirui", "coding", "1st", 1139) self.assertIn("serah chepkirui", result['title']) #tests get_all retrieves all books in the dictionary''' def test_get_all_books(self): result = self.my_book.get_all() self.assertEqual(result, self.my_book.get_all()) #test that edit_book edits def test_edit_book(self): self.my_book.put("coding in Africa", "serah chepkirui", "13th", 2019) result = self.my_book.edit_book("coding in Africa", "serah chepkirui", "13th", 2019) self.assertIn("coding in Africa", result["title"]) #test that get_single_book returns all books def test_get_single_book(self): self.my_book.put("how to join Andela", "serah chepkirui", "18th", 2) result = self.my_book.get_single_book(2) self.assertEqual("serah chepkirui", result['author']) #test that get_single_book returns a book def test_delete_book(self): self.my_book.put("coding", "great developers", "6th", 1) result = self.my_book.delete(1) #test that put_user adds def test_put_user(self): result = self.my_user.put("great", "*****@*****.**", "blessings1") self.assertIn("great", result) #test verify password def test_verify_password(self): result = self.my_user.verify_password("great", "blessings1") self.assertEqual(result, "True")
def load_user(user_id): """Load user :param user_id: string :return : """ try: return Users.select().where(Users.id == int(user_id)).get() except Users.DoesNotExist: return None
def test_confirm_token_route_expired_token(self): # Ensure user cannot confirm account with expired token. user = Users(username="******", email='*****@*****.**', password='******', confirmed=False) db.session.add(user) db.session.commit() token = generate_confirmation_token('*****@*****.**') self.assertFalse(confirm_token(token, -1))
def signup(): if g.user is not None and g.user.is_authenticated: return redirect(url_for('index')) form = SignupForm() if form.validate_on_submit(): new_user = Users(form.username.data, form.name.data, form.email.data, form.password.data) db.session.add(new_user) db.session.commit() flash('Signup in successfully.', category='success') return redirect(url_for('users.login')) return render_template('signup.html', form=form)
def editpswduser(): """ Build the view used to edit a password for an existing account """ user = Users.objects(id=unicode(g.user.id)).get() form = PasswordForm() if form.validate_on_submit() and user.verify_password(form.oldpasswd.data): user.password = form.password.data user.save() flash('Parola modificata!', category='alert-success') return redirect(request.referrer) return render_template('users/add.html',pagetitle='Editeaza parola',form=form)
def index(): """Users list :return: flask.render_template / flask.redirect """ return render_template( 'users/index.html', form=RegisterForm(), users=Users.select(), active_page='users' )
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) user_dict = raw_dict["data"]["attributes"] user = Users(user_dict["email"], user_dict["name"], user_dict["is_active"]) user.add(user) query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) request_dict = raw_dict['data']['attributes'] createdby = "Self Signup" updatedby = "Self Signup" password = generate_password_hash (request_dict['password'] ) user = Users( request_dict['email'], password, request_dict['name'], createdby, updatedby , ) user.add(user) # Should not return password hash query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: print(err.messages) resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e.orig.args)}) print(str(e)) resp.status_code = 403 return resp
def adduser(): """ Build the view used to add new accounts """ form = RegisterForm() if form.validate_on_submit(): try: user = Users(username=form.username.data, email=form.email.data, specialties=form.specialties.data.split(','), interests=form.interests.data.split(',')) user.password = form.password.data user.save() token = user.generate_confirmation_token() send_email(user.email, 'Confirmare email', 'users/email/confirm', user=user, token=token) flash('Contul a fost adaugat!', category='alert-success') except Exception as err: flash('Utilizatorul are deja cont!', category='alert-warning') return redirect(url_for('users.list')) return render_template('users/add.html', pagetitle='Adauga utilizator', form=form)
def registeruser(): """ Build the view used to add new accounts """ form = RegisterForm() if form.validate_on_submit(): try: user = Users(username=form.username.data, email=form.email.data, specialties=form.specialties.data.split(','), interests=form.interests.data.split(',')) user.password = form.password.data user.save() token = user.generate_confirmation_token() send_email(user.email, 'Confirmare email', 'users/email/confirm', user=user, token=token) flash( 'Contul a fost adaugat! Va rugam confirmati adresa de email!', category='alert-success') except Exception as err: flash('Contul nu poate fi creat!', category='alert-warning') return redirect(url_for('users.login')) return render_template('users/login.html', pagetitle='Inregistrare', form=form, login=False)
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) user_dict = raw_dict['data']['attributes'] user = Users(user_dict['firstname'], user_dict['lastname'], user_dict['dob'], user_dict['zipcode']) user.add(user) query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def wrapped(*args, **kwargs): user = None if (args[0].get("token", "") != "" and args[0].get("token", "") != None): user = Users.verify_auth(args[0].get("token","")) elif current_user.is_authenticated: user = current_user if user: join_room(user.id) return f(user, *args, **kwargs)
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) request_dict = raw_dict['data']['attributes'] createdby = "Self Signup" updatedby = "Self Signup" password = generate_password_hash(request_dict['password']) user = Users( request_dict['email'], password, request_dict['name'], createdby, updatedby, ) user.add(user) # Should not return password hash query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: print(err.messages) resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e.orig.args)}) print(str(e)) resp.status_code = 403 return resp
def unset_admin(): """Users list :return: flask.render_template """ form = ManageUserForm() if request.method == 'GET': try: user_id = int(request.args['user']) except ValueError: return abort(500) user = Users.get_user(user_id) if not user_id or not user: return abort(500) else: user = Users.get_user(form.user.data) if form.validate_on_submit(): if Users.unset_admin(form.user.data): message = '{} is not an Admin anymore.'.format(user.username) else: message = 'unable to remove Admin privileges for {}.'.format(user.username) return render_template('modal_success.html', message=message) return render_template('users/unset_admin.html', user=user)
def editpswduser(): """ Build the view used to edit a password for an existing account """ user = Users.objects(id=unicode(g.user.id)).get() form = PasswordForm() if form.validate_on_submit() and user.verify_password(form.oldpasswd.data): user.password = form.password.data user.save() flash('Parola modificata!', category='alert-success') return redirect(request.referrer) return render_template('users/add.html', pagetitle='Editeaza parola', form=form)
def delete(): """Delete user :return: flask.render_template """ form = ManageUserForm() if request.method == 'GET': try: user_id = int(request.args['user']) except ValueError: return abort(500) user = Users.get_user(user_id) if not user_id or not user: return abort(500) else: user = Users.get_user(form.user.data) if form.validate_on_submit(): if Users.delete_user(form.user.data): message = '{} has been deleted.'.format(user.username) else: message = 'unable to delete {}.'.format(user.username) return render_template('modal_success.html', message=message) return render_template('users/delete.html', user=user)
def login_ldap(credentials): ldap_server = "ldaps://ldap.rit.edu" if credentials.get("username", "") == "" or credentials.get( "password", "") == "": emit('auth', {'error': "Authentication error."}) return user_dn = "uid=" + credentials.get("username", "") + ",ou=People,dc=rit,dc=edu" search_filter = "uid=" + credentials.get("username", "") connect = ldap.initialize(ldap_server) try: connect.bind_s(user_dn, credentials.get("password", "")) result = connect.search_s(user_dn, ldap.SCOPE_SUBTREE, search_filter) connect.unbind_s() values = result[0][1] username = values["uid"][0].decode('utf-8') firstname = values["givenName"][0].decode('utf-8') lastname = values["sn"][0].decode('utf-8') email = values["mail"][0].decode('utf-8') # Check if a user exists. if Users.query.filter_by(id=username).first() is not None: user = Users.query.filter_by(id=username).first() token = user.generate_auth() admin = user.is_admin emit( 'auth', { 'token': token.decode('ascii'), 'admin': admin, 'super': user.is_super, 'username': username }) else: user = Users(id=username) user.first_name = firstname user.last_name = lastname user.email = email db.session.add(user) db.session.commit() token = user.generate_auth() emit('auth', {'token': token.decode('ascii')}) except ldap.LDAPError: connect.unbind_s() emit('auth', Response.AuthError) return
def init_db(): DATABASE.connect() DATABASE.create_tables([ Users, Servers, ArchiveServers, ServersSupervisor, EasyRsa, ArchiveEasyRsa, ServersProfiles, ArchiveServersProfiles, Clients, Logger ], safe=True) try: Users.create_user( username='******', email='*****@*****.**', password='******', admin=True ) except ValueError: pass DATABASE.close()
def login(): form = LoginForm() if form.validate_on_submit(): try: user = Users.objects(email=form.email.data).get() if user.verify_password(form.password.data): login_user(user,form.remember_me.data) return redirect(request.args.get('next') or url_for('wall.list')) else: raise Exception('Not authorised') except Exception as err: flash('Invalid username or password!', category='alert-danger') return render_template('users/login.html', pagetitle='Login',form=form,login=True)
def resetlink(): form = ResetPassForm() if form.validate_on_submit(): try: user = Users.objects(email=form.email.data).get() token = user.generate_reset_token() send_email(user.email,'Resetare parola','/users/email/passwdreset',user=user,token=token) flash('Parola a fost resetata! Va rugam urmati instructiunile primite pe email!',category='alert-success') return redirect(request.referrer) except Exception as err: flash('Adresa de email nu exista!',category='alert-danger') return redirect(request.referrer) return render_template('users/login.html',pagetitle='Resetare parola',form=form,login=False)
def user_add(): if request.method == 'POST': #Validate form values by de-serializing the request, http://marshmallow.readthedocs.org/en/latest/quickstart.html#validation form_errors = schema.validate(request.form.to_dict()) if not form_errors: name = request.form['name'] email = request.form['email'] user = Users(email, name) return add(user, success_url='users.user_index', fail_url='users.user_add') else: flash(form_errors) return render_template('/users/add.html')
def post(self): raw_dict = request.get_json(force=True) try: schema.validate(raw_dict) request_dict = raw_dict['data']['attributes'] payload = parse_token(request) logged_user = Users.query.get(payload['sub']) createdby = logged_user.name updatedby = logged_user.name password = generate_password_hash (request_dict['password'] ) user = Users( request_dict['email'], password, request_dict['name'], createdby, updatedby , ) user.add(user) # Should not return password hash query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def post(self): raw_dict = request.get_json(force=True) user_dict = raw_dict['data']['attributes'] try: schema.validate(user_dict) user = Users(user_dict['name'], user_dict['email'], user_dict['address'], user_dict['website'], user_dict['is_active'], user_dict['mobile'], user_dict['Birthday']) user.add(user) query = Users.query.get(user.id) results = schema.dump(query).data return results, 201 except ValidationError as err: resp = jsonify({"error": err.messages}) resp.status_code = 403 return resp except SQLAlchemyError as e: db.session.rollback() resp = jsonify({"error": str(e)}) resp.status_code = 403 return resp
def create_admins(admin): from app.users.models import Users try: user = Users.objects(email=admin['email']).get() except: user = Users(email=admin['email'],username=admin['username'],permissions='full',status=True) user.password = admin['password'] user.save()
def resetpassword(email,token): form = NewPassForm() if form.validate_on_submit(): try: user = Users.objects(email=email).get() if user.id == user.resetpass(token): user.password = form.password.data user.save() flash('Parola schimbata!',category='alert-success') return redirect(url_for('users.login')) else: raise Exception except: flash('Token invalid!',category='alert-danger') return redirect(url_for('users.resetlink')) return render_template('users/login.html',pagetitle='Resetare parola',form=form,login=False)
def login(): """Login view :return: """ form = LoginForm() if form.validate_on_submit(): print() user = Users.check_identifier(form.identifier.data) if not user: flash("Your email or password doesn't match!", "error") else: if check_password_hash(user.password, form.password.data): login_user(user) flash("You've been logged in!", "success") return redirect(url_for('index')) else: flash("Your identifier or password doesn't match!", "error") return render_template('users/login.html', form=form)
def ajaxedit(action,id): user = Users.objects(id=id).get() if action == 'delete' and id != unicode(g.user.id): user.delete() if action == 'mkadmin' and id != unicode(g.user.id): user.permissions = 'full' user.save() if action == 'mkuser' and id != unicode(g.user.id): user.permissions = 'user' user.save() if action == 'deactivate' and id != unicode(g.user.id): user.status = False user.save() if action == 'activate' and id != unicode(g.user.id): user.status = True user.save() return redirect(request.referrer)
def edituser(): """ Build the view used to edit existing accounts """ user = Users.objects(id=unicode(g.user.id)).get() form = UserForm() if form.validate_on_submit(): user.username = form.username.data if form.avatar.data: image_data = request.FILES[form.avatar.name].read() user.avatar = image_data user.email = form.email.data user.specialties = form.specialties.data.split(',') user.interests = form.interests.data.split(',') user.save() flash('Cont modificat!',category='alert-success') return redirect(request.referrer) form.username.data = user.username form.email.data = user.email form.avatar.data = '' form.specialties.data = ','.join(user.specialties) form.interests.data = ','.join(user.interests) return render_template('users/add.html',pagetitle='Editeaza utilizator',form=form)
def load_user(userid): return Users.by_id(userid)
def load_session_data(): if 'user_id' in session.keys(): g.user = Users.objects(id=session['user_id']).get() session.inbox = getnewmessages(g.user.id)
def detailuser(id): user = Users.objects(id=id).get() results = [(Users.username.verbose_name,user.username),(Users.specialties.verbose_name,','.join(user.specialties)),(Users.interests.verbose_name,','.join(user.interests))] return render_template('users/details.html',pagetitle='Detalii utilizator',results=results)