def register_account(uow: UnitOfWork, email: str, password: str,
username: str) -> Account:
whitelisted_emails = getenv('WHITELISTED_EMAILS')
if whitelisted_emails is not None and email not in whitelisted_emails.split(
','):
raise AccountRegistrationError('Email not whitelisted')
with uow:
if uow.account.get(Account, email=email) is not None:
raise AccountRegistrationError(
f"Account with the email '{email}' already exists")
if uow.user.get(User, username=username):
raise AccountRegistrationError(
f"Account with the username '{username}' already exists")
password_hash = Authentication().generate_password_hash(password)
user = User(username)
account = Account(email, password_hash, user)
account_record = uow.account.add(account)
uow.commit()
account_record = uow.account.get(Account, email=email)
verification_token = account.generate_verification_token
account.send_registration_email(verification_token)
return account_record
def login_endpoint() -> Tuple[Response, int]:
try:
if not request.json:
raise APIError('Missing request body', 400)
uow = UnitOfWork()
email = request.json['email']
password = request.json['password']
access_token = get_access_token(uow, email, password)
token_store = TokenStore()
user = Authentication().get_jwt_identity(access_token)
user_id = int(user['user_id'])
username = user['username']
refresh_token = set_refresh_token(token_store, user_id, username)
res = jsonify({'access_token': access_token})
res.set_cookie('refresh_token',
refresh_token,
httponly=True,
domain='.talel.io',
secure=not current_app.config['DEBUG'])
return res, 200
except KeyError as error:
raise APIError(f'Expected {error} key', 400) from error
except AccountError as error:
raise APIError(str(error), 401) from error
def create_article(uow: UnitOfWork, user_id: int, title: str,
body: str) -> Article:
with uow:
user_record = uow.user.get(User, id=user_id)
if user_record is None:
raise UserError('User does not exist')
new_article = Article(title, body)
new_article.convert_body_to_html
user_record.articles.append(new_article)
uow.commit()
article_record = uow.articles.get(Article)
return article_record
def create_project(uow: UnitOfWork, user_id: int, title: str,
body: str) -> Project:
with uow:
user_record = uow.user.get(User, id=user_id)
if user_record is None:
raise UserError('User does not exist')
new_project = Project(title, body)
new_project.convert_body_to_html
user_record.projects.append(new_project)
uow.commit()
project_record = uow.projects.get(Project)
return project_record
def get_user_projects_endpoint(username: str) -> Tuple[Response, int]:
try:
uow = UnitOfWork()
user_projects = get_user_projects(uow, username)
res_body = ProjectSchema(many=True).dump(user_projects)
return jsonify(res_body), 200
except UserError as error:
raise APIError(str(error), 400) from error
def verify_account(uow: UnitOfWork, token: str) -> Account:
registration_details = Account.validate_verification_token(token)
email = registration_details['email']
with uow:
account_record = uow.account.get(Account, email=email)
if account_record is None:
raise AccountError(
f"No registered account with the email '{email}'")
if account_record.verified:
raise AccountVerificationError('Account already verified')
setattr(account_record, 'verified', True)
uow.commit()
account_record = uow.account.get(Account, email=email)
return account_record
def verify_account_endpoint(token: str) -> Tuple[Response, int]:
try:
uow = UnitOfWork()
verified_account = verify_account(uow, token)
res_body = AccountSchema().dump(verified_account)
return res_body, 200
except InvalidSignatureError as error:
raise APIError(str(error), 400) from error
except AccountError as error:
raise APIError(str(error), 400) from error
except AccountVerificationError as error:
raise APIError(str(error), 400) from error
def register_account_endpoint() -> Tuple[Response, int]:
try:
if not request.json:
raise APIError('Missing request body', 400)
uow = UnitOfWork()
email = request.json['email']
password = request.json['password']
username = request.json['username']
registered_account = register_account(uow, email, password, username)
res_body = AccountSchema().dump(registered_account)
return res_body, 201
except KeyError as error:
raise APIError(f'Expected {error} key', 400) from error
except AccountRegistrationError as error:
raise APIError(str(error), 400) from error
def protected_create_article_endpoint() -> Tuple[Response, int]:
try:
if not request.json:
raise APIError('Missing request body', 400)
access_token = extract_access_token_from_authorization_header(
cast(str, authorization_header))
uow = UnitOfWork()
user = Authentication().get_jwt_identity(access_token)
user_id = int(user['user_id'])
title = request.json['title']
body = request.json['body']
created_article = create_article(uow, user_id, title, body)
res_body = ArticleSchema().dump(created_article)
return res_body, 201
except KeyError as error:
raise APIError(f'Expected {error} key', 400) from error