def post(cls, user_id: int):
"""Resend confirmation email."""
user = UserModel.find_by_id(user_id)
if not user:
return {'message': getext("user_not_found")}, 404
try:
confirmation = user.most_recent_confirmation
if confirmation:
if confirmation.confirmed:
return {
'message': getext("confirmation_already_confirmed")
}, 400
confirmation.force_to_expire()
new_confirmation = ConfirmationModel(user_id)
new_confirmation.save_to_db()
user.send_confirmation_email()
return {'message': getext("confirmation_resend_successful")}
except MailgunException as e:
return {'message': str(e)}, 500
except:
traceback.print_exc()
return {'message': getext("confirmation_resend_fail")}, 500
def post(cls):
user_json = request.get_json()
user = user_schema.load(user_json)
if UserModel.find_by_username(user.username):
return {"message": getext("user_username_exists")}, 400
if UserModel.find_by_email(user.email):
return {"message": getext("user_email_exists")}, 400
try:
user.save_to_db()
confirmation = ConfirmationModel(user.id)
confirmation.save_to_db()
user.send_confirmation_email()
return {"message": getext("user_registered")}, 201
except MailgunException as e:
user.delete_from_db()
return {'message': str(e)}, 500
except:
traceback.print_exc()
user.delete_from_db()
return {'message': getext("user_error_creating")}, 500
def put(cls):
"""All Avatars are named after user's ID.
Something like this: user_{id}.{ext}
"""
data = image_schema.load(request.files)
filename = f"user_{get_jwt_identity()}"
folder = 'avatars'
avatar_path = image_helper.find_image_any_format(filename, folder)
if avatar_path:
try:
os.remove(avatar_path)
except:
return {'message': getext('avatar_delete_failed')}, 500
try:
ext = image_helper.get_extension(data['image'].filename)
avatar = filename + ext
avatar_path = image_helper.save_image(data['image'],
folder=folder,
name=avatar)
basename = image_helper.get_basename(avatar_path)
return {'message': getext('avatar_uploaded').format(basename)}, 200
except UploadNotAllowed:
extension = image_helper.get_extension(data['image'])
return {
'message': getext('image_illegal_extension').format(extension)
}, 400
def delete(cls, user_id: int):
user = UserModel.find_by_id(user_id)
if not user:
return {"message": getext("user_not_found")}, 404
user.delete_from_db()
return {"message": getext("user_deleted")}, 200
def delete(cls, name: str):
store = StoreModel.find_by_name(name)
if not store:
return {"message": getext("store_not_found")}, 404
store.delete_from_db()
return {"message": getext("store_deleted")}
def post(cls, name: str):
if StoreModel.find_by_name(name):
return (
{"message": getext("store_name_exists".format(name))},
400,
)
store = StoreModel(name=name)
try:
store.save_to_db()
except:
return {"message": getext("store_error_inserting")}, 500
return store_schema.dump(store), 201
def post(cls):
data = image_schema.load(request.files) # {'image': FileStorage}
user_id = get_jwt_identity()
folder = f"user_{user_id}"
try:
image_path = image_helper.save_image(data['image'], folder=folder)
basename = image_helper.get_basename(image_path)
return {'message': getext('image_uploaded').format(basename)}, 201
except UploadNotAllowed:
extension = image_helper.get_extension(data['image'])
return {
'message': getext('image_illegal_extension').format(extension)
}, 400
def get(cls, filename: str):
"""
Returns the requested image if exists. Looks up into logged in user folder.
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {
'message': getext('image_illegal_filename').format(filename)
}, 400
try:
return send_file(image_helper.get_path(filename, folder))
except FileNotFoundError:
return {'message': getext('image_not_found').format(filename)}, 404
def get(cls, user_id: int):
folder = 'avatars'
filename = f"user_{user_id}"
avatar = image_helper.find_image_any_format(filename, folder)
if avatar:
return send_file(avatar)
return {'message': getext('avatar_not_found')}, 404
def delete(cls, filename: str):
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {
'message': getext('image_illegal_filename').format(filename)
}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {'message': getext('image_deleted').format(filename)}, 200
except FileNotFoundError:
return {'message': getext('image_not_found').format(filename)}, 404
except:
traceback.print_exc()
return {'message': getext('image_delete_failed')}, 500
def post(cls, name: str):
if ItemModel.find_by_name(name):
return (
{
"message": getext("item_name_exists".format(name))
},
400,
)
item_json = request.get_json()
item_json['name'] = name
item = item_schema.load(item_json)
try:
item.save_to_db()
except:
return {"message": getext("item_error_inserting")}, 500
return item_schema.dump(item), 201
def post(cls):
user_json = request.get_json()
user_data = user_schema.load(user_json, partial=('email', ))
user = UserModel.find_by_username(user_data.username)
if user and safe_str_cmp(user.password, user_data.password):
confirmation = user.most_recent_confirmation
if confirmation and confirmation.confirmed:
access_token = create_access_token(identity=user.id,
fresh=True)
refresh_token = create_refresh_token(user.id)
return {
"access_token": access_token,
"refresh_token": refresh_token
}, 200
return {'message': getext("user_not_confirmed".format(user.email))}
return {"message": getext("user_invalid_credentials")}, 401
def get(cls, confirmation_id: str):
confirmation = ConfirmationModel.find_by_id(confirmation_id)
if not confirmation:
return {'message': getext("confirmation_not_found")}, 404
if confirmation.expired:
return {'message': getext("confirmation_link_expired")}, 400
if confirmation.confirmed:
return {'message': getext("confirmation_already_confirmed")}, 400
confirmation.confirmed = True
confirmation.save_to_db()
headers = {'Content-Type': 'text/html'}
return make_response(
render_template('confirmation_page.html',
email=confirmation.user.email), 200, headers)
def send_email(cls, email: List[str], subject: str, text: str,
html: str) -> Response:
if cls.MAILGUN_API_KEY is None:
raise MailgunException(getext("mailgun_failed_load_api_key"))
if cls.MAILGUN_DOMAIN is None:
raise MailgunException(getext("mailgun_failed_load_domain"))
response = post(
f"https://api.mailgun.net/v3/{cls.MAILGUN_DOMAIN}/messages",
auth=("api", cls.MAILGUN_API_KEY),
data={
'from': f"{cls.FROM_TITLE} <{cls.FROM_EMAIL}>",
'to': email,
'subject': subject,
'text': text,
'html': html,
},
)
if response.status_code != 200:
raise MailgunException(getext("mailgun_error_send_email"))
return response
def get(cls, user_id: int):
"""Returns confirmation for a given user. Use for testing."""
user = UserModel.find_by_id(user_id)
if not user:
return {'message': getext("user_not_found")}, 404
return (
{
'current_time':
int(time()),
'confirmation': [
confirmation_schema.dump(each) for each in
user.confirmation.order_by(ConfirmationModel.expire_at)
],
},
200,
)
def post(cls):
jti = get_raw_jwt()["jti"]
user_id = get_jwt_identity()
Blacklist.add(jti)
return {"message": getext("user_logged_out".format(user_id))}, 200
def get(cls, name: str):
item = ItemModel.find_by_name(name)
if item:
return item_schema.dump(item)
return {"message": getext("item_not_found")}, 404
def get(cls, user_id: int):
user = UserModel.find_by_id(user_id)
if not user:
return {"message": getext("user_not_found")}, 404
return user_schema.dump(user)
def delete(cls, name: str):
item = ItemModel.find_by_name(name)
if item:
item.delete_from_db()
return {"message": getext("item_deleted")}
return {"message": getext("item_not_found")}, 404
def get(cls, name: str):
store = StoreModel.find_by_name(name)
if store:
return store_schema.dump(store), 200
return {"message": getext("store_not_found")}, 404
