def join(args):
    """Register a new account and send its activation e-mail.

    Args:
        args: Mapping holding the ``username``, ``password`` and ``email``
            of the account to create.

    Returns:
        The value of ``abort("account", "username-exist")`` or
        ``abort("account", "email-exist")`` when the username or e-mail is
        already registered. Otherwise a dict with ``error`` set to ``None``
        and ``data`` holding the account's login time as an integer
        timestamp and its username, plus the activation token under
        ``code`` when ``config.debug`` is set.
    """
    # NOTE(review): the two distinct error codes tell an unauthenticated
    # caller whether a given username or e-mail is registered. Rate-limit
    # this endpoint if that is a concern. The lookup followed by the create
    # is also not atomic as far as this function shows, so uniqueness should
    # be enforced by the storage layer too.
    if UserService.get_by_username(args["username"]):
        return abort("account", "username-exist")
    if UserService.get_by_email(args["email"]):
        return abort("account", "email-exist")

    # Only the output of auth.hashpwd is handed to the user service. The
    # strength of that hash depends on auth.hashpwd, which is not shown here.
    account = UserService.create(
        args["username"],
        auth.hashpwd(args["password"]),
        args["email"],
    )

    mailer = mail.Email()
    activation_token = Token.create("activation", account.username)
    mailer.account_confirmation(account, activation_token)

    payload = {
        "login": int(datetime.timestamp(account.login)),
        "username": account.username,
    }

    # Display activation code only in debug mode.
    # The token is what the confirmation e-mail delivers, so echoing it in
    # the response lets the caller activate without access to the mailbox.
    # config.debug must be off in any deployment reachable by real users.
    if config.debug:
        payload["code"] = activation_token

    # ToDo: Add permissions here
    return {"error": None, "data": payload}
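def post(self):
    """Authenticate an account by e-mail and password and issue a login token.

    Reads the required ``password`` and ``email`` request arguments.

    Returns:
        The value of ``abort("account", "not-found")`` when no account has
        the given e-mail, the value of ``abort("account", "login-failed")``
        when ``UserService.login`` rejects the password, otherwise a dict
        with ``error`` set to ``None`` and ``data`` holding the login token,
        its expiry and the username taken from the token payload.
    """
    result = {"error": None, "data": {}}

    parser = reqparse.RequestParser()
    parser.add_argument("password", type=str, required=True)
    parser.add_argument("email", type=str, required=True)
    args = parser.parse_args()

    account = UserService.get_by_email(args["email"])
    # NOTE(review): "not-found" and "login-failed" are different answers, so
    # a caller can tell whether an e-mail is registered without knowing the
    # password. A single generic failure code would close that gap, but it
    # would change the API contract, so it is only flagged here.
    if account is None:
        return abort("account", "not-found")

    # Presumably compares the submitted password with the stored hash.
    # Confirm against UserService.login, which is not shown here.
    login = UserService.login(args["password"], account.password)
    if not login:
        return abort("account", "login-failed")

    # Store the current time itself. The previous code passed the uncalled
    # ``datetime.now``, handing the function object to UserService.update
    # instead of a timestamp, so the last-login record was not a usable
    # audit value.
    # NOTE(review): confirm UserService.update does not expect a callable.
    UserService.update(account, login=datetime.now())

    token = Token.create("login", account.username)
    # Validate the freshly issued token to read back its payload.
    data = Token.validate(token)
    result["data"] = {
        "token": token,
        "expire": data["payload"]["expire"],
        "username": data["payload"]["meta"],
    }

    return result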
def post(self):
    """Create an account, bootstrap the first admin and send the activation mail.

    Reads the required ``username``, ``password`` and ``email`` request
    arguments.

    Returns:
        The value of ``abort("account", "username-exist")`` or
        ``abort("account", "email-exist")`` when the username or e-mail is
        already taken. Otherwise a dict with ``error`` set to ``None`` and
        ``data`` holding the new username, plus the activation token under
        ``code`` when ``config.debug`` is set.
    """
    parser = reqparse.RequestParser()
    for field in ("username", "password", "email"):
        parser.add_argument(field, type=str, required=True)
    args = parser.parse_args()

    # NOTE(review): the distinct error codes below reveal to an
    # unauthenticated caller whether a username or e-mail is registered.
    account = UserService.get_by_username(args["username"])
    if account is not None:
        return abort("account", "username-exist")

    account_check = UserService.get_by_email(args["email"])
    if account_check is not None:
        return abort("account", "email-exist")

    # Make first registered user admin.
    # NOTE(review): on a fresh deployment whoever registers first receives
    # the global "admin" permission, already activated, so the instance
    # should not be exposed before the intended owner has signed up. The
    # emptiness check and the signup are separate calls, so two concurrent
    # first signups could both observe an empty user list.
    is_first_account = len(UserService.list()) == 0

    # The raw password is passed to UserService.signup. Hashing presumably
    # happens inside it. Confirm, since it is not visible here.
    account = UserService.signup(args["username"], args["email"], args["password"])

    if is_first_account:
        for permission in ("activated", "admin"):
            PermissionService.add(account, "global", permission)

    payload = {"username": account.username}
    activation_token = Token.create("activation", account.username)

    # Display activation code only in debug mode.
    # Returning the token in the response bypasses the e-mail ownership
    # check, so config.debug must be off in production.
    if config.debug:
        payload["code"] = activation_token

    mailer = Email()
    mailer.account_confirmation(account.email, activation_token)

    return {"error": None, "data": payload}
@use_args(login_args, location="json")
@orm.db_session
def login(args):
    """Check e-mail and password, require activation, and issue a login token.

    Args:
        args: Parsed JSON arguments holding ``email`` and ``password``.

    Returns:
        The value of ``abort("account", "not-found")``,
        ``abort("account", "login-failed")`` or
        ``abort("account", "not-activated")`` for the matching failure.
        Otherwise a dict with ``error`` set to ``None`` and ``data`` holding
        the login token, its expiry and the username read from the token
        payload.
    """
    # NOTE(review): "not-found" and "login-failed" are distinguishable, so
    # the response shows whether an e-mail is registered before any password
    # is verified.
    account = UserService.get_by_email(args["email"])
    if not account:
        return abort("account", "not-found")

    password_ok = auth.checkpwd(args["password"], account.password)
    if not password_ok:
        return abort("account", "login-failed")

    # The activation state is reported only after the password check has
    # passed, so it is not disclosed to callers without valid credentials.
    if not account.activated:
        return abort("account", "not-activated")

    account.login = datetime.utcnow()

    login_token = Token.create("login", account.username)
    claims = Token.payload(login_token)

    return {
        "error": None,
        "data": {
            "token": login_token,
            "expire": claims["expire"],
            "username": claims["meta"],
        },
    }


@blueprint.route("/activate", methods=["POST"])
@use_args(activate_args, location="json")
@orm.db_session
def activate(args):
    result = {"error": None, "data": {}}