コード例 #1
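def store(req):
    """Create a user from the JSON request body and return it with a first auth token.

    The body must be a JSON object with ``username``, ``email`` and ``password`` keys.

    Returns:
        A 201 response holding the ``UserDTO`` fields plus ``tokens`` on success, or a 400
        response of the form ``{"error": ..., "message": [...]}`` when the body is not a JSON
        object, a key is missing, validation fails or the account already exists.
    """
    data = req.get_json()
    error = []
    new_user = None
    if not isinstance(data, dict):
        # A missing body, or a JSON array/scalar, cannot be indexed by key below and would
        # otherwise surface as an unhandled TypeError instead of a 400.
        error.append("Request body must be a JSON object")
    else:
        try:
            # NOTE(review): the password is hashed exactly as received; no type or length
            # check is visible here -- confirm whether one exists upstream.
            new_user = User(username=data['username'], email=data['email'],
                            password=generate_password_hash(data['password']))
            new_user.created_at = datetime.datetime.utcnow()
            new_user.tokens = []
            # Saved once before the token is built because the token embeds new_user.id
            # (presumably assigned by the first save), then saved again with the token.
            new_user.save()
            new_user.tokens.append(encode_auth_token(str(new_user.id)).decode('ascii'))
            new_user.save()
            # Drop the hash from the in-memory object before it is serialised below.
            del new_user.password
        except ValidationError as e:
            error.append(str(e))
        except KeyError as e:
            error.append("Missing key in request body : {}".format(e))
        except (DuplicateKeyError, NotUniqueError):
            if User.objects(email=data['email']).count() > 0:
                error.append("Email already exists")
            if User.objects(username=data['username']).count() > 0:
                error.append("Username already exists")
            if not error:
                # The save failed, so never fall through to the 201 path with an unsaved
                # user, even when neither lookup explains the conflict.
                error.append("User already exists")

    if error:
        return Response(json.dumps({"error": "Sent data is invalid", "message": error}), status=400,
                        headers={"content-type": "application/json"})

    user_response = UserDTO(new_user).__dict__
    user_response['tokens'] = new_user.tokens
    return Response(json.dumps(user_response), status=201, headers={"content-type": "application/json"})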
コード例 #2
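    def decorator(req):
        """Authenticate ``req`` by its bearer token, then call the wrapped ``method``.

        The ``Authorization`` header has its first ``"Bearer "``/``"bearer "`` removed and
        the remainder is looked up in ``User.tokens``. On a match, ``method`` is called with
        ``request_user`` set to that user, whose ``password`` attribute has been deleted and
        whose ``tokens`` holds only the token used for this request.

        Returns:
            Whatever ``method`` returns, or a 401 response with ``WWW-Authenticate: Bearer``
            when the header is absent, empty after stripping, or matches no user.
        """
        header = req.headers.get("Authorization")
        if header is not None:
            token = re.sub(r"[Bb]earer ", "", header, count=1)
            # NOTE(review): the stored-token lookup is the only check visible in this
            # function; confirm that signature and expiry are verified elsewhere.
            # An empty value can never be a valid credential, so skip the query for it.
            connected_user = User.objects(tokens=token).first() if token else None
            if connected_user is not None:
                del connected_user.password
                # Hand on the token in its stored form (prefix stripped). Passing the raw
                # header instead would give handlers a value that matches no stored token,
                # so removing it from User.tokens by that value would silently do nothing.
                connected_user.tokens = [token]
                return method(req, request_user=connected_user)

        return Response("Unauthenticated",
                        headers={"WWW-Authenticate": "Bearer"},
                        status=401)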
コード例 #3
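def logon(req):
    """Check a login/password pair and issue a new auth token.

    The body must be a JSON object with string ``login`` (matched against username or
    email) and ``password`` fields.

    Returns:
        200 with ``{"token": ...}`` on success (the token is also appended to the user's
        ``tokens`` and saved), 403 when the credentials do not match, or 400 when the body
        is malformed or a field is missing.
    """
    json_headers = {"content-type": "application/json"}
    data = req.get_json()
    if not isinstance(data, dict):
        return Response(json.dumps({"error": "Request body must be a JSON object"}), status=400,
                        headers=json_headers)

    # Read both fields before touching the database. Reading 'password' only after a user
    # was found made a request without it answer 400 for an existing login and 403 for an
    # unknown one, which reveals whether an account exists.
    try:
        login = data['login']
        password = data['password']
    except KeyError as e:
        return Response(json.dumps({"error": "{} field is required".format(e)}), status=400,
                        headers=json_headers)

    # Only plain strings may reach the query and the hash check; a JSON object or array
    # here could otherwise be forwarded to the database as part of the query document.
    if not isinstance(login, str) or not isinstance(password, str):
        return Response(json.dumps({"error": "login and password must be strings"}), status=400,
                        headers=json_headers)

    queried_user = User.objects(Q(username=login) | Q(email=login)).first()
    # NOTE(review): an unknown login returns without computing a hash, so response time
    # can still differ from a wrong-password attempt.
    if queried_user is None or not check_password_hash(queried_user.password, password):
        return Response(json.dumps({"error": "Login or password is incorrect"}), status=403,
                        headers=json_headers)

    token = encode_auth_token(str(queried_user.id)).decode('ascii')
    # NOTE(review): every successful login appends a token and nothing here removes old
    # ones; confirm that expired tokens are pruned elsewhere.
    queried_user.tokens.append(token)
    queried_user.save()
    return Response(json.dumps({"token": token}), status=200, headers=json_headers)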
コード例 #4
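def logout(req, **kwargs):
    """Revoke the token used for this request and return an empty 204 response.

    Args:
        req: The incoming request (not read here).
        **kwargs: Must contain ``request_user``, the authenticated user whose ``tokens[0]``
            identifies the credential that was presented.
    """
    import re  # local import: this function must not depend on the module's import block

    current_user = kwargs['request_user']
    # tokens[0] may be the raw Authorization header ("Bearer <token>"), whereas tokens are
    # stored without that prefix. Pulling the raw value would match nothing and leave the
    # token usable after logout. The substitution is a no-op on an already bare token.
    token = re.sub(r"[Bb]earer ", "", current_user.tokens[0], count=1)
    User.objects(id=current_user.id).update_one(pull__tokens=token)
    return Response("", status=204)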