def post(self):
    """Register a new account and email a confirmation link.

    The JSON body is validated with ``UserSchema``; a validation failure
    returns ``{"errors": ...}`` with status 422. When neither the email nor
    the username matches an existing ``User``, the user and a ``UserCart``
    are created, a confirmation email is sent and a 201 response is
    returned. Otherwise a ``success: False`` body is returned with 202.
    """
    payload = request.get_json()
    schema = UserSchema()
    try:
        data = schema.load(payload)
    except ValidationError as err:
        return {"errors": err.messages}, 422

    email = data["email"]
    username = data["username"]
    email_taken = User.query.filter_by(email=email).first()
    username_taken = User.query.filter_by(username=username).first()

    if username_taken or email_taken:
        # NOTE(review): this reply discloses that the email or username is
        # already registered; if account enumeration matters here, return
        # the same body as the success path and notify the owner by email.
        already_registered = {
            "success": False,
            "message": "User already exists. Please Log in.",
        }
        return make_response(jsonify(already_registered), 202)

    # NOTE(review): the validated password is passed to User() unchanged;
    # presumably the model hashes it (put() in this file hashes with bcrypt
    # explicitly) - confirm it is never stored in clear.
    user = User(email=email, password=data["password"], username=username)
    db.session.add(user)
    db.session.commit()

    # The cart row needs user.id, which is available after the commit above.
    cart = UserCart(user_id=user.id)
    db.session.add(cart)
    db.session.commit()

    # NOTE(review): the same salt literal is used for password-reset tokens
    # in this file. The salt only namespaces a token's purpose, so sharing
    # it may let a token issued for one flow verify in the other - confirm
    # against the consuming endpoints.
    token = url_serializer.dumps(
        email, salt="192168876303253213878675934144992262075")
    msg = Message(
        "Cybernetic Email Confirmation",
        sender="*****@*****.**",
        recipients=[email],
    )
    link = url_for('auth_register_confirm_email', token=token, _external=True)
    # The 5-minute expiry stated in the mail is not enforced here; it has to
    # be applied where the token is loaded.
    body_template = 'Your link is {} \n The link will expire in 5 Minutes'
    msg.body = body_template.format(link)
    mail.send(msg)

    registered = {
        "success": True,
        "message": "Successfully registered, confirmation email sent.",
    }
    return make_response(jsonify(registered), 201)
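def put(self):
    """Update the authenticated user's profile from a JSON body.

    The user is looked up by the JWT identity and the body is validated
    with ``UserSchema`` (partial load onto the existing instance). A
    password is stored as a bcrypt hash and triggers ``revoke_tokens``; any
    other accepted key is assigned to the user attribute of the same
    (lower-cased) name. Changing the email clears ``email_verified`` and
    sends a new confirmation link.

    Returns:
        ``{"errors": ...}, 422`` on validation failure, ``..., 404`` when
        the identity matches no user, otherwise a ``success: True`` body.
    """
    user_schema = UserSchema()
    post_data = request.get_json(force=True)
    user_identifier = get_jwt_identity()
    user = User.query.filter_by(id=user_identifier).first()
    if user is None:
        # A token can outlive its account; without this guard the attribute
        # assignments below would fail on None.
        return {"errors": {"user": ["User not found."]}}, 404

    try:
        # NOTE(review): with instance=user the schema may already copy every
        # loadable field onto the model during load(). Fields a client must
        # never write should also be dump_only/excluded in UserSchema -
        # confirm against the schema definition.
        user_schema.load(post_data, instance=user, partial=True)
    except ValidationError as err:
        return {"errors": err.messages}, 422

    # Normalise key case once, so the value assigned always belongs to the
    # key that was sent. The original looked the value up under the
    # lower-cased name and assigned None for a key such as "Email". An exact
    # lower-case key wins over a mixed-case duplicate.
    updates = {}
    for key, value in post_data.items():
        name = key.lower()
        if name not in updates or key == name:
            updates[name] = value

    # Account-state attributes read elsewhere in this file (login checks
    # `active` and `email_verified`); they are never taken from the request
    # body, which would otherwise allow self-verification or re-activation.
    protected = frozenset({"id", "email_verified", "active"})

    # NOTE(review): neither the password change nor the email change asks
    # for the current password, so possession of a valid JWT is enough to
    # change both - consider requiring re-authentication.
    for name, value in updates.items():
        if name in protected:
            continue
        if name == "password":
            user.password = bcrypt.generate_password_hash(value).decode("utf-8")
            # Existing tokens are revoked so old sessions stop working after
            # a password change.
            revoke_tokens(user_identifier)
        else:
            setattr(user, name, value)

    if "email" not in updates:
        db.session.commit()
        return {"success": True}

    # A changed address has to be confirmed again before it counts as verified.
    user.email_verified = False
    db.session.commit()
    email = updates["email"]
    token = url_serializer.dumps(email, salt="192168876303253213878675934144992262075")
    msg = Message("Cybernetic Email Confirmation", sender="*****@*****.**", recipients=[email])
    link = url_for('auth_register_confirm_email', token=token, _external=True)
    msg.body = 'Your link is {} \n The link will expire in 5 Minutes'.format(link)
    mail.send(msg)
    response_obj = {
        "success": True,
        "message": "Please verify your email, the email confirmation link has sent to your email."
    }
    return response_obj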
def post(self):
    """Start the forgotten-password flow for the submitted email address.

    The JSON body is validated with ``UserSchema`` minus ``username`` and
    ``password``; a validation failure returns ``{"errors": ...}`` with 422.
    If a user with that email exists, a signed token is mailed as a link to
    ``auth_forget_password_request_new``; otherwise a 404 body is returned.
    """
    raw_body = request.get_json(force=True)
    schema = UserSchema(exclude=("username", "password"))
    try:
        post_data = schema.load(raw_body)
    except ValidationError as err:
        return {"errors": err.messages}, 422

    email = post_data.get("email")
    account = User.query.filter_by(email=email).first()

    if not account:
        # NOTE(review): the 404 tells an unauthenticated caller whether an
        # address is registered. Returning the same body as the success path
        # for both cases would remove that signal, at the cost of changing
        # the client contract.
        not_found = {
            "success": False,
            "message": "No user found with the email address provided",
        }
        return make_response(jsonify(not_found), 404)

    # NOTE(review): this is the salt literal the email-confirmation tokens in
    # this file use. The salt namespaces a token's purpose, so a confirmation
    # token for the same address may also be accepted as a reset token -
    # confirm against the consuming endpoint and prefer one salt per purpose.
    token = url_serializer.dumps(
        email, salt="192168876303253213878675934144992262075")
    msg = Message(
        "Cybernetic Forget Password",
        sender="*****@*****.**",
        recipients=[email],
    )
    # NOTE(review): with _external=True the link host comes from SERVER_NAME
    # when it is configured, otherwise presumably from the request's Host
    # header - confirm SERVER_NAME is set so reset links always point at the
    # real site.
    link = url_for('auth_forget_password_request_new', token=token, _external=True)
    # The 5-minute expiry stated in the mail has to be enforced where the
    # token is loaded; nothing here limits its lifetime.
    body_template = 'Your link is {} \n The link will expire in 5 Minutes'
    msg.body = body_template.format(link)
    mail.send(msg)

    return {
        "success": True,
        "message": "A reset password link has been sent to your email, "
                   "please check your inbox",
    }
def post(self):
    """Authenticate with email and password.

    The JSON body is validated with ``UserSchema`` restricted to ``email``
    and ``password``; a validation failure returns ``{"errors": ...}`` with
    422. Unknown email, wrong password or an inactive account all return
    the same 401 body. For valid credentials the outcome is one of:

    * email not verified: a new confirmation link is mailed, status 403;
    * 2FA enabled: a ``User2FA`` row is stored and its PIN mailed, and the
      body carries ``2fa_required: True``;
    * otherwise: an access token valid for one day is created, recorded via
      ``add_token_to_database`` and returned.
    """
    raw_body = request.get_json()
    schema = UserSchema(only=("email", "password"))
    try:
        post_data = schema.load(raw_body)
    except ValidationError as err:
        return {"errors": err.messages}, 422

    email = post_data.get("email")
    password = post_data.get("password")
    user = User.query.filter_by(email=email).first()

    # NOTE(review): the bcrypt check is skipped when no user matches, so the
    # response time may still separate known from unknown addresses even
    # though the 401 body is identical.
    credentials_ok = (
        user
        and bcrypt.check_password_hash(user.password, password)
        and user.active
    )
    if not credentials_ok:
        return {
            "success": False,
            "message": "Incorrect username or password",
        }, 401

    if not user.email_verified:
        # Password was correct but the address is unconfirmed: send a fresh
        # link and refuse the login.
        token = url_serializer.dumps(
            email, salt="192168876303253213878675934144992262075")
        msg = Message(
            "Cybernetic Email Confirmation",
            sender="*****@*****.**",
            recipients=[email],
        )
        link = url_for('auth_register_confirm_email', token=token, _external=True)
        body_template = 'Your link is {} \n The link will expire in 5 Minutes'
        msg.body = body_template.format(link)
        mail.send(msg)
        return {
            "success": False,
            "message": "Your email address hasn't been verified, A new link has been sent to your email, "
                       "please check your inbox",
        }, 403

    if user.enabled_2fa:
        msg = Message(
            "Cybernetic 2FA PIN",
            sender="*****@*****.**",
            recipients=[email],
        )
        # NOTE(review): PIN generation, expiry and attempt limits live in
        # User2FA and its verification endpoint, not here - confirm the PIN
        # comes from a CSPRNG and that guesses are rate-limited.
        two_factor = User2FA(user.id)
        db.session.add(two_factor)
        db.session.commit()
        msg.body = f'Your 2FA PIN is {two_factor.pin} \n The PIN will expire in 5 minute'
        mail.send(msg)
        return {
            "success": True,
            "message": "2FA required, A 6 digit PIN has been sent to your registered email address",
            "2fa_required": True
        }

    # Verified address and no second factor: issue the session token.
    auth_token = create_access_token(
        identity=user.id,
        expires_delta=datetime.timedelta(days=1, seconds=0))
    add_token_to_database(auth_token, app.config['JWT_IDENTITY_CLAIM'])
    if auth_token:
        return {
            "success": True,
            "message": "Successfully logged in.",
            "auth_token": auth_token
        }
    # As in the original, an empty token falls through with no response body.
    return None