def test_login_success(app, db):
    """
    Given a user stored with the output of `User.create_hash` as password
    When the same email and plain password are posted to the `login` API
    Then the response is HTTP 200 OK
    And the response body validates against the "user/register/response" schema
    And the returned user's email equals the submitted one
    """
    credentials = {
        "email": "*****@*****.**",
        "password": "******"
    }
    # The stored record gets the hash; the request carries the plain password.
    User(
        email=credentials["email"],
        password=User.create_hash(plain_password=credentials["password"])
    ).save()

    response = app.test_client().post(
        "/api/users/login/", data=json.dumps(credentials)
    )
    assert response.status_code == 200

    body = json.loads(response.data.decode("utf-8"))
    validate_dict_with_schema(body, "user/register/response")
    assert body["data"]["user"]["email"] == credentials["email"]
def login():
    """Serve ``login.html`` and process its combined sign-in / sign-up form.

    A validated POST with a non-empty ``repassword`` is handled as a sign-up:
    the two passwords must match, then ``User.create`` is called and the new
    account is signed in. Otherwise, or when the username already exists, the
    credentials are tried with ``login_user``. Every path that does not
    redirect to ``.index`` re-renders the form with its errors.
    """
    form = RegisterForm(request.form)
    if not (request.method == 'POST' and form.validate()):
        return render_template('login.html', form=form)

    username = form.username.data
    password = form.password.data
    confirmation = form.repassword.data

    # NOTE(review): the nesting below is reconstructed from a listing that
    # lost its indentation; confirm it against the original file.
    if confirmation:
        if password != confirmation:
            form.errors['re-password'] = ['Password does not match']
            return render_template('login.html', form=form)
        try:
            User.create(username, password)
            flash('Account created', 'success')
            login_user(username, password)
            return redirect(url_for('.index'))
        except ExistsError:
            # Fall through: the submitted password is still tried as a login.
            form.errors['username'] = ['Username already exists']

    if login_user(username, password):
        return redirect(url_for('.index'))
    form.errors['authentication'] = ['wrong username or password']
    return render_template('login.html', form=form)
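def create_user():
    """Register a user from the submitted form and open a session for them.

    Returns:
        A JSON response. On success it carries the user object and a welcome
        message and sets the 'pomodoro-to-do' cookie to the new session
        token. Failures return an error body with 400 (form validation) or
        401 (user or session could not be saved).
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        # list(...) keeps the pair-list shape and stays JSON-serialisable on
        # Python 3, where dict.items() is a view rather than a list.
        return jsonify(errors=list(form.errors.items())), 400

    new_user = User(username=form.username.data)
    new_user.generate_password_digest(form.password.data)
    if not new_user.save():
        return jsonify(error="Could not create user."), 401

    # Named user_session so it cannot be confused with a module-level
    # ``session`` object.
    user_session = Session(session_token=Session.generate_session_token(),
                           username=new_user.username)
    if not user_session.save():
        return jsonify(error="New user created, but failed to login"), 401

    response = jsonify(
        user=user_response_obj(new_user),
        message="New user created! Welcome {0}!".format(new_user.username))
    # The cookie value is the session token, so it is kept out of reach of
    # page scripts.
    # NOTE(review): also pass secure=True (and a samesite policy) once the
    # deployment is confirmed to be HTTPS-only.
    response.set_cookie('pomodoro-to-do', user_session.session_token,
                        httponly=True)
    return response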
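def current_user(cookie):
    """Return the user whose session token equals *cookie*, or None.

    Iterates the tokens held in ``session`` and, for the one equal to
    *cookie*, returns the first record from ``User.find_by_session_token``.
    """
    if not session:
        return None
    for token in session:
        if cookie != token:
            continue
        # Look the token up once and reuse the result: repeating the query
        # costs a second round trip and can come back empty, which would make
        # the [0] below raise.
        matches = User.find_by_session_token(token)
        if matches:
            return matches[0]
    return None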
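def validate_user_credentials(form, field):
    """Form validator that rejects a wrong password for an existing username.

    Raises:
        ValidationError: "Invalid credentials" when the username exists and
            ``User.validate_user_credentials`` rejects the submitted password.

    An unknown username is not reported here; the function simply returns.
    """
    # Fetch once and reuse the result instead of querying a second time for
    # the record itself.
    matches = User.find_by_username(form.username.data)
    if matches.count() <= 0:
        return
    user = matches[0]
    if not User.validate_user_credentials(user, form.password.data):
        message = "Invalid credentials"
        raise ValidationError(message)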
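def __destroy_user(username):
    """Delete *username* after re-checking the password sent in the form.

    Returns:
        A JSON response with a ``message`` on success or an ``error`` when
        the credentials cannot be validated or the delete fails.
    """
    password = request.form['password']
    try:
        user = User.find_by_username(username)[0]
    except IndexError:
        # An unknown username previously escaped as an unhandled IndexError.
        # It now takes the same path as a wrong password, so the response
        # does not reveal which of the two was the problem.
        user = None

    if not (user and User.validate_user_credentials(user, password)):
        return jsonify(error="Could not validate user credentials.")
    if User.destroy(user):
        return jsonify(
            message="User {0} successfully deleted!".format(user.username))
    return jsonify(error="Credentials are valid but could not delete user.")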
def save(user_data):
    """
    Create and persist a User record from a dict of field values.

    :param user_data: dict with 'user_id', 'pin', 'user_name' and 'password'
        keys, Ie {'user_id': 10, 'pin': 20, ....}
    :returns: the saved User object
    """
    # NOTE(review): 'password' and 'pin' are handed to the model exactly as
    # received; confirm that hashing happens in the model or in the caller.
    field_names = ('user_id', 'pin', 'user_name', 'password')
    record = User(**{name: user_data[name] for name in field_names})
    record.save()
    return record
def logout_user():
    """Answer a logout request based on the token in the Authorization header.

    ``User.decode_auth_token`` returning a ``str`` is treated as an error
    message and sent back with 401; any other result yields a 200 success
    body.
    """
    raw_header = request.headers.get('Authorization')
    token = User.get_token_from_authorization_header(raw_header)
    decoded = User.decode_auth_token(token)

    if not isinstance(decoded, str):
        # NOTE(review): nothing in this function revokes or blacklists the
        # token; confirm whether invalidation happens elsewhere.
        return jsonify({
            'status': 'success',
            'message': 'Successfully logged out.'
        }), 200
    return jsonify({'status': 'error', 'message': decoded}), 401
def user_status():
    """Return the data of the user identified by the Authorization token.

    ``User.decode_auth_token`` returning a ``str`` is treated as an error
    message and sent back with 401; any other result is passed to
    ``User.get_by_id`` and returned under ``data`` with 200.
    """
    raw_header = request.headers.get('Authorization')
    token = User.get_token_from_authorization_header(raw_header)
    decoded = User.decode_auth_token(token)

    if not isinstance(decoded, str):
        return jsonify({
            'status': 'success',
            'data': User.get_by_id(decoded)
        }), 200
    return jsonify({'status': 'error', 'message': decoded}), 401
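def register_user():
    """This Endpoint handles registration of new users.

    Expects a JSON object with 'username', 'email' and 'password'. Responds
    400 when a field is missing, empty or fails validation, 409 when the
    email is already registered, and 201 after the user is saved.
    """
    data = request.get_json()

    # A body that is not a JSON object, or a field that is absent or not a
    # string, is treated like an empty field so it gets the 400 below instead
    # of escaping as an unhandled exception.
    cleaned = []
    for key in ('username', 'email', 'password'):
        value = data.get(key) if isinstance(data, dict) else None
        cleaned.append(value.strip() if isinstance(value, str) else '')
    username, email, password = cleaned

    if not username or not email or not password:
        return jsonify({
            'message': 'Please fill in all the credentials',
            'status': 'Failed'
        }), 400

    if not username.isalpha():
        return make_response(
            jsonify({
                'message': 'Username should contain letters only',
                'status': 'Failed'
            })), 400

    if not re.match(r"([\w\.-]+)@([\w\.-]+)(\.[\w\.]+$)", email):
        return make_response(
            jsonify({
                'message': 'Invalid Email input',
                'status': 'Failed'
            })), 400

    # NOTE(review): a four-character minimum is a weak policy; confirm the
    # intended requirement.
    if len(password) < 4:
        return make_response(
            jsonify({
                'message': 'Password is too short',
                'status': 'Failed'
            })), 400

    # Look up the same stripped value that is stored below. Querying the raw
    # field let an address padded with whitespace pass the duplicate check.
    user = User.query.filter_by(email=email).first()
    if user is not None:
        response = {
            'message': 'User already exists. Please login',
            'status': 'Failed'
        }
        return make_response(jsonify(response)), 409

    # NOTE(review): the password reaches the model as plain text; confirm
    # that User hashes it before it is stored.
    user = User(username=username, email=email, password=password)
    user.save()
    response = {
        'message': 'Registration successful. Please login',
        'status': 'Success'
    }
    return make_response(jsonify(response)), 201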
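def treatment():
    """Scrape the conditions table, store it, and render the matching row.

    Downloads the first HTML table from the source page, writes it to
    ``web_scrapped.csv``, inserts one ``User`` row per CSV record, then looks
    up the record whose ``disease`` equals the ``text`` query argument and
    renders ``treatment.html`` with its ``medicine``.
    """
    # Bounded wait so an unresponsive upstream cannot hold a worker forever.
    res = requests.get("https://www.emedexpert.com/lists/conditions.shtml",
                       timeout=10)
    soup = BeautifulSoup(res.content, 'lxml')
    table = soup.find_all('table')[0]
    df = pd.read_html(str(table))
    # NOTE(review): a fixed file name in the working directory is shared by
    # concurrent requests; confirm this view is never served in parallel.
    df[0].to_csv("web_scrapped.csv", index=False, quoting=csv.QUOTE_NONE,
                 escapechar=' ')

    with open('web_scrapped.csv', 'r') as person_table:
        dr = csv.DictReader(person_table, delimiter=',')
        # Column "1" is stored as the medicine, column "0" as the disease.
        to_db = [[row["1"], row["0"]] for row in dr]

    # NOTE(review): the rows are inserted again on every request, so the
    # table grows with duplicates; confirm whether that is intended.
    for medicine, disease in to_db:
        db.session.add(User(disease=disease, medicine=medicine))
    # One commit for the whole batch, so a failure part-way leaves no
    # half-imported table.
    db.session.commit()

    dis = request.args.get('text')
    treat = User.query.filter_by(disease=dis).first()
    # No match used to raise AttributeError on ``None.medicine``.
    # NOTE(review): confirm that treatment.html copes with treat=None.
    medicine = treat.medicine if treat is not None else None
    return render_template("treatment.html", treat=medicine)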
def test_add_duplicate_email(self):
    """Committing a second user with the same email raises IntegrityError."""
    add_user('test', '*****@*****.**', 'test')
    clashing = User(username='******',
                    email='*****@*****.**',
                    password='******')
    db.session.add(clashing)
    with self.assertRaises(IntegrityError):
        db.session.commit()
def login():
    """
    Log in the user

    Parses the request body as JSON, validates it against the
    "user/register/request" schema and checks the credentials with
    ``User.check_user``. Responds 200 with the serialized user (after storing
    ``user.id`` in the session), 400 when parsing or validation fails, and
    401 otherwise.
    """
    errors = None
    try:
        payload = json.loads(request.data)
        validate_dict_with_schema(payload, "user/register/request")
        user = User.check_user(
            email=payload["email"],
            password=payload["password"]
        )
        if user:
            # NOTE(review): the existing session is reused as-is when the
            # user id is stored; confirm whether it should be reset on login.
            session["user_id"] = user.id
            body = {"success": True, "data": {"user": user.serialize()}}
            return json_response(status=200, response_data=body)
    except (TypeError, ValueError):
        errors = ["Invalid JSON"]
    except ValidationError as err:
        errors = err.message

    if not errors:
        # Same answer whether the email or the password was wrong.
        return json_response(
            status=401,
            response_data={
                "success": False,
                "errors": ["Invalid email/password"]
            }
        )
    return json_response(
        status=400,
        response_data={"success": False, "errors": errors}
    )
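def add_user():
    """Create a user from a JSON body holding 'username' and 'email'.

    Returns:
        (JSON response, status): 201 when the user is added, 400 when the
        payload is missing, is not a JSON object, names an existing username,
        or violates a database constraint.
    """
    invalid_payload = {'status': 'fail', 'message': 'Invalid payload.'}

    data = request.get_json()
    # A JSON array or scalar has no .get(); answer it like an empty body.
    if not data or not isinstance(data, dict):
        return jsonify(invalid_payload), 400

    username = data.get('username')
    email = data.get('email')
    try:
        user = User.query.filter_by(username=username).first()
        if not user:
            db.session.add(User(username=username, email=email))
            db.session.commit()
            # Every branch now goes through jsonify; two of them used to
            # return a bare dict while the others did not.
            return jsonify({
                'status': 'success',
                'message': '{} was added'.format(username)
            }), 201
        return jsonify({
            'status': 'fail',
            'message': 'Sorry. user {} already exists.'.format(username)
        }), 400
    except exc.IntegrityError:
        db.session.rollback()
        return jsonify(invalid_payload), 400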
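def post(self):
    """Create a package owned by the supplier named in the auth token.

    Returns:
        (body, status): 401 when the Authorization header is missing or
        malformed, 400 when there is no JSON payload, 201 with the stored
        package otherwise.
    """
    auth_header = request.headers.get('Authorization')
    # A header without a second space-separated part used to raise IndexError
    # on the [1] lookup; it is now answered like a missing header.
    parts = auth_header.split(" ") if auth_header else []
    if len(parts) < 2 or not parts[1]:
        return {'message': 'Provide valid auth token'}, 401
    auth_token = parts[1]

    # NOTE(review): the decode result is used as supplier_id without any
    # check; confirm how User.decode_auth_token reports an invalid or expired
    # token.
    supplier_id = User.decode_auth_token(auth_token)
    tracking_code = randomword(8)
    status = 1

    post_data = request.get_json()
    if not post_data:
        return {'message': 'Input payload validation failed'}, 400

    name = post_data.get('name')
    description = post_data.get('description')
    weight = post_data.get('weight')
    # NOTE(review): recipient_id comes straight from the client; confirm that
    # it is validated by the Package model or elsewhere.
    recipient_id = post_data.get('recipient_id')

    package = Package(name, description, supplier_id, weight, recipient_id,
                      status, tracking_code)
    db.session.add(package)
    db.session.commit()
    response_object = {
        'message': f'{name} has been added',
        'package': package.json()
    }
    return response_object, 201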
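def post(self):
    """Exchange a refresh token for a new access / refresh token pair.

    Aborts with 401 when the token is missing, expired, invalid, or does not
    resolve to a user.
    """
    post_data = request.get_json()
    refresh_token = (
        post_data.get("refresh_token") if isinstance(post_data, dict) else None
    )
    # A missing body or a non-string token used to surface as an unhandled
    # error; it is now rejected with the existing invalid-token message.
    if not isinstance(refresh_token, str) or not refresh_token:
        auth_namespace.abort(401, "Invalid token. Please log in again.")

    try:
        # NOTE(review): nothing visible here checks that the decoded token is
        # a refresh token rather than an access token; confirm that in
        # User.decode_token.
        resp = User.decode_token(refresh_token)
        user = get_user_by_id(resp)
        if not user:
            auth_namespace.abort(401, "Invalid token")
        response_object = {
            "access_token": user.encode_token(user.id, "access"),
            "refresh_token": user.encode_token(user.id, "refresh"),
        }
        return (response_object, )
    except jwt.ExpiredSignatureError:
        # abort() raises, so the statement that followed it was unreachable
        # and has been dropped.
        auth_namespace.abort(401, "Signature expired. Please log in again.")
    except jwt.InvalidTokenError:
        auth_namespace.abort(401, "Invalid token. Please log in again.")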
def __show_user(username):
    """Return the JSON view of *username*, or a 404 JSON error.

    The 404 branch is taken when ``User.find_by_username`` returns a falsy
    value.
    """
    found = User.find_by_username(username)
    if not found:
        return jsonify(error="Could not find user."), 404
    return jsonify(user=user_response_obj(found))
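def handle_complete_pomodoro(username, id):
    """Mark one pomodoro of a to-do item complete and report what comes next.

    Args:
        username: owner of the to-do item.
        id: identifier of the to-do item.

    Returns:
        A JSON response with the updated item and a message, or an error body
        with 404 (unknown user), 400 (bad ``num_complete``) or 401 (save
        failed).
    """
    user = User.find_by_username(username)
    if not user:
        return jsonify(error="Could not find user."), 404

    to_do = ToDo.objects.get(author=user, id=id)
    pomodoros = to_do.pomodoros

    # num_complete is client input. A non-numeric value used to raise, and a
    # negative one indexed from the end of the list.
    try:
        num_complete = int(request.form['num_complete'])
    except ValueError:
        return jsonify(error="Invalid pomodoro number."), 400
    if not 0 <= num_complete < len(pomodoros):
        return jsonify(error="Invalid pomodoro number."), 400

    pomodoros[num_complete].complete = True
    message = "Pomodoro completed!"
    # Every fourth pomodoro earns the long break.
    if ((num_complete + 1) % 4) == 0:
        message += " Long break time!"
    else:
        message += " Break time!"
    if num_complete + 1 == len(pomodoros):
        to_do.complete = True
        message = "To do is COMPLETE! Woo hoo!"

    if to_do.save():
        return jsonify(to_do=to_do, message=message)
    return jsonify(error="Could not update to do item."), 401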
def __show_user(username):
    """Look up *username* and return it as JSON.

    A falsy result from ``User.find_by_username`` produces a 404 JSON error
    instead.
    """
    record = User.find_by_username(username)
    if not record:
        return jsonify(error="Could not find user."), 404
    return jsonify(user=user_response_obj(record))
def test_user_registration_duplicate_email(self):
    """Registering USER_DUPLICATE_EMAIL after USER_BASIC is stored gives 409."""
    User(**USER_BASIC).save()
    response = self.register(json.dumps(USER_DUPLICATE_EMAIL))
    payload = json.loads(response.data.decode())
    self.assertEqual(payload['status'], 'error')
    self.assertEqual(payload['message'], 'User already exists.')
    self.assertEqual(response.status_code, 409)
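def post(self):
    """Register a user whose email and invite code match an invitation.

    Returns:
        (body, status): 400 when the email is already registered, 201 when
        the user is created with the invitation's role, 401 when no matching
        invitation exists.
    """
    post_data = request.get_json()
    # A missing or non-object body has no .get(); treat it as an empty object
    # so it ends in the 'Not authorised' answer below.
    if not isinstance(post_data, dict):
        post_data = {}
    name = post_data.get('name')
    email = post_data.get('email')
    password = post_data.get('password')
    invite_code = post_data.get('invite_code')
    response_object = {}

    # NOTE(review): this answer tells the caller that the address is already
    # registered; confirm that is acceptable for this endpoint.
    user = User.query.filter_by(email=email).first()
    if user:
        response_object['message'] = 'Sorry, That email already exists.'
        return response_object, 400

    invited_user = Invited_user.query.filter_by(
        email=email, invite_code=invite_code).first()
    if not invited_user:
        # The debug print that stood here dereferenced invited_user, which is
        # None on this branch, so the request failed before the 401 was sent.
        response_object['message'] = 'Not authorised'
        return response_object, 401

    # NOTE(review): the invitation is not marked as used here; confirm
    # whether a code may be redeemed more than once.
    user = User(name, email, password, invited_user.role_id)
    db.session.add(user)
    db.session.commit()
    response_object['message'] = f'{email} was added!'
    return response_object, 201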
def logout():
    """Log out the user behind the 's_key' session entry, then go to the index.

    When the session holds no 's_key' the function only redirects.
    """
    key = session.get('s_key', None)
    if key:
        # NOTE(review): the record is subscripted without a None check;
        # confirm what Session.get returns for an unknown or expired key.
        record = Session.get(key)
        logout_user(User.get(record['user']))
    return redirect(url_for('.index'))
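def handle_complete_pomodoro(username, id):
    """Complete one pomodoro of a to-do item and tell the client what is next.

    Args:
        username: owner of the to-do item.
        id: identifier of the to-do item.

    Returns:
        A JSON response with the updated item and a message, or an error body
        with 404 (unknown user), 400 (bad ``num_complete``) or 401 (save
        failed).
    """
    user = User.find_by_username(username)
    if not user:
        return jsonify(error="Could not find user."), 404

    to_do = ToDo.objects.get(author=user, id=id)
    pomodoros = to_do.pomodoros

    # The index is supplied by the client: reject text that is not a number
    # and positions outside the list (a negative value would otherwise count
    # from the end).
    try:
        num_complete = int(request.form['num_complete'])
    except ValueError:
        return jsonify(error="Invalid pomodoro number."), 400
    if num_complete < 0 or num_complete >= len(pomodoros):
        return jsonify(error="Invalid pomodoro number."), 400

    pomodoros[num_complete].complete = True
    finished = num_complete + 1
    if finished == len(pomodoros):
        to_do.complete = True
        message = "To do is COMPLETE! Woo hoo!"
    elif finished % 4 == 0:
        message = "Pomodoro completed! Long break time!"
    else:
        message = "Pomodoro completed! Break time!"

    if to_do.save():
        return jsonify(to_do=to_do, message=message)
    return jsonify(error="Could not update to do item."), 401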
def get(user_id):
    """
    Fetch the first User record whose user_id equals the argument.

    :param user_id: value matched against the User ``user_id`` field
    :returns: Object, Ie {'user_id': 10, 'pin': 20 ....}
    """
    matching = User.objects(user_id=user_id)
    return matching.first()
def test_user_login_no_password_user(self):
    """Posting LOGIN_USER_BASIC_NO_PASSWORD gets a 400 'Invalid payload.' JSON error."""
    User(**USER_BASIC).save()
    response = self.login(json.dumps(LOGIN_USER_BASIC_NO_PASSWORD))
    payload = json.loads(response.data.decode())
    self.assertEqual(payload['status'], 'error')
    self.assertEqual(payload['message'], 'Invalid payload.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 400)
def index():
    """Render index.html with all users, newest ``create_at`` first.

    On POST, a User built from the 'username' and 'email' form fields is
    added and committed before the list is read.
    """
    if request.method == 'POST':
        # NOTE(review): both fields are stored as submitted; confirm that
        # validation and CSRF protection are applied outside this view.
        new_user = User(username=request.form['username'],
                        email=request.form['email'])
        db.session.add(new_user)
        db.session.commit()

    newest_first = User.query.order_by(User.create_at.desc())
    return render_template('index.html', users=newest_first.all())
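def get_auth_user(user_data):
    """
    Get authenticated User DB record

    :param user_data: dict with 'user_name' and 'password' keys
    :returns Object, Ie {'user_id': 10, 'pin': 20 ....}, or None when either
        credential is not a plain string/bytes value
    """
    user_name = user_data['user_name']
    password = user_data['password']
    # Presumably user_data comes from a request body. A credential that is
    # not a scalar string (for example a nested JSON object) would be handed
    # to the query layer as-is instead of being compared as a literal, so it
    # is rejected before the lookup.
    if not isinstance(user_name, (str, bytes)):
        return None
    if not isinstance(password, (str, bytes)):
        return None
    # NOTE(review): the lookup matches the stored password field by equality;
    # confirm that the caller passes a hash rather than the plain password.
    return User.objects(user_name=user_name, password=password).first()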
def validate_user_account(user_data):
    """
    Find the User record matching the given user_id and pin.

    :param user_data: dict, Ie {'user_id': 10, 'pin': 20}
    :returns Object, Ie {'user_id': 10, 'pin': 20 ....}
    """
    # NOTE(review): both values go into the query exactly as the two-argument
    # get() helper returns them; confirm they are scalars at this point.
    lookup = {
        'user_id': get(user_data, ['user_id']),
        'pin': get(user_data, ['pin']),
    }
    return User.objects(**lookup).first()
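def add_user():
    """Add a user to the database.

    Form submissions save the user and render ``users.html``. JSON requests
    return 201 with the user's data, 409 when the user already exists, or 400
    for an invalid payload.
    """
    # content_type is None when the header is absent; the membership test
    # would raise on it.
    if 'application/json' not in (request.content_type or ''):
        User(
            username=request.form['username'],
            email=request.form['email'],
            password=request.form['password'],
        ).save()
        return render_template('users.html', users=User.get_all_users())

    try:
        payload = request.get_json()
        if not isinstance(payload, dict):
            raise TypeError("JSON body must be an object")
        # Only the fields the form branch accepts are passed on. Expanding
        # the whole client payload into the constructor would let a request
        # set any attribute the model accepts.
        accepted = ('username', 'email', 'password')
        user = User(**{key: payload[key] for key in accepted if key in payload})
        user.save()
        response_object = {
            'status': 'success',
            'data': user.get_data()
        }
        return jsonify(response_object), 201
    except exc.IntegrityError:
        response_object = {
            'status': 'fail',
            'message': 'User already exists.'
        }
        return jsonify(response_object), 409
    except (ValueError, TypeError):
        response_object = {
            'status': 'fail',
            'message': 'Invalid payload.'
        }
        return jsonify(response_object), 400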
def test_user_login_registered_user(self):
    """Posting LOGIN_USER_BASIC after USER_BASIC is stored gets a 200 with a token."""
    User(**USER_BASIC).save()
    response = self.login(json.dumps(LOGIN_USER_BASIC))
    payload = json.loads(response.data.decode())
    self.assertEqual(payload['status'], 'success')
    self.assertEqual(payload['message'], 'Successfully logged in.')
    self.assertTrue(payload['token'])
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 200)
def logged_in_users():
    """Return the usernames behind the tokens held in ``session``.

    Tokens for which ``User.find_by_session_token`` returns a falsy value are
    skipped.
    """
    lookups = map(User.find_by_session_token, session)
    return [found[0].username for found in lookups if found]
def handle_to_do_search(username):
    """Return *username*'s to-dos whose title contains the 'title' query argument.

    The match is case-insensitive (``title__icontains``). An unknown user
    gets a 404 JSON error.
    """
    owner = User.find_by_username(username)
    search_term = request.args.get('title')
    if not owner:
        return jsonify(error="Could not find user."), 404
    # NOTE(review): search_term is None when the argument is absent; confirm
    # how the filter behaves in that case.
    matches = ToDo.objects.filter(title__icontains=search_term, author=owner)
    return jsonify(to_dos=matches)
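def get(self):
    """List the packages of the supplier named in the auth token.

    Returns:
        (body, status): 401 when the Authorization header is missing or
        malformed, otherwise 200 with the supplier's packages.
    """
    auth_header = request.headers.get('Authorization')
    # A header without a second space-separated part used to raise IndexError
    # on the [1] lookup; it is now answered like a missing header.
    parts = auth_header.split(" ") if auth_header else []
    if len(parts) < 2 or not parts[1]:
        return {'message': 'Provide valid auth token'}, 401

    # NOTE(review): the decode result is used as supplier_id without any
    # check; confirm how User.decode_auth_token reports an invalid or expired
    # token.
    supplier_id = User.decode_auth_token(parts[1])
    packages = Package.query.filter_by(supplier_id=supplier_id).all()
    # The leftover debug print of the query result was removed; it copied
    # package records to stdout on every request.
    return {'packages': [package.json() for package in packages]}, 200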
def handle_to_do_request(username):
    """Dispatch a to-do collection request for *username* by HTTP method.

    GET lists the items and POST creates one; an unknown user gets a 404 JSON
    error. Any other method falls off the end and returns None.
    """
    owner = User.find_by_username(username)
    if not owner:
        return jsonify(error="Could not find user."), 404

    # NOTE(review): nothing here ties *username* to the caller's session;
    # confirm that the route enforces it.
    if request.method == "GET":
        return __fetch_to_do_items(owner)
    if request.method == "POST":
        return __create_to_do_item(owner)
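def __update_user(username):
    """Update *username* after re-checking the password sent in the form.

    Reads 'password' and 'option' from the form. Returns a JSON response with
    a ``message`` on success, or an ``error`` when the credentials cannot be
    validated or the save fails.
    """
    password = request.form['password']
    option = request.form['option']
    try:
        user = User.find_by_username(username)[0]
    except IndexError:
        # An unknown username previously escaped as an unhandled IndexError.
        # It now gets the same answer as a wrong password.
        user = None

    if not (user and User.validate_user_credentials(user, password)):
        return jsonify(error="Could not validate user credentials.")

    updated_user = __updated_user(user, option)
    # NOTE(review): new_username and new_password are not assigned anywhere
    # in this function; unless they are module globals these two lines raise
    # NameError. Confirm the intended source of both values.
    user.username = new_username
    user.generate_password_digest(new_password)
    if updated_user.save():
        message = __generate_update_msg(option)
        return jsonify(username=username, message=message)
    return jsonify(error="Credentials are valid but could not update user.")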
def handle_single_to_do_request(username, id):
    """Dispatch a request for one to-do item of *username* by HTTP method.

    GET fetches, PUT updates and DELETE removes the item; an unknown user
    gets a 404 JSON error. Any other method falls off the end and returns
    None.
    """
    owner = User.find_by_username(username)
    if not owner:
        return jsonify(error="Could not find user."), 404

    # NOTE(review): nothing here ties *username* to the caller's session;
    # confirm that the route enforces it.
    if request.method == "GET":
        return __fetch_single_to_do_item(owner, id)
    if request.method == "PUT":
        return __update_to_do_item(owner, id)
    if request.method == "DELETE":
        return __delete_to_do_item(owner, id)
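def create_user():
    """Create a user from the registration form and log them in.

    Returns:
        A JSON response. Success carries the user object and a welcome
        message and sets the 'pomodoro-to-do' cookie to the session token.
        Failures return an error body with 400 (form validation) or 401 (user
        or session could not be saved).
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        # dict.items() is a view on Python 3 and cannot be serialised to
        # JSON; list(...) keeps the same pair-list shape.
        return jsonify(errors=list(form.errors.items())), 400

    new_user = User(username=form.username.data)
    new_user.generate_password_digest(form.password.data)
    if not new_user.save():
        return jsonify(error="Could not create user."), 401

    login_session = Session(session_token=Session.generate_session_token(),
                            username=new_user.username)
    if not login_session.save():
        return jsonify(error="New user created, but failed to login"), 401

    response = jsonify(
        user=user_response_obj(new_user),
        message="New user created! Welcome {0}!".format(new_user.username))
    # httponly keeps the session token away from page scripts.
    # NOTE(review): also pass secure=True (and a samesite policy) once the
    # deployment is confirmed to be HTTPS-only.
    response.set_cookie('pomodoro-to-do', login_session.session_token,
                        httponly=True)
    return response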
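def __create_session():
    """Log a user in from the login form and hand back the session cookie.

    Returns:
        A JSON response with the user object and a welcome message, with the
        'pomodoro-to-do' cookie set to the new session token; or the form
        errors with 400 when validation fails.
    """
    form = LoginForm(request.form)
    if not form.validate():
        # dict.items() is a view on Python 3 and cannot be serialised to
        # JSON; list(...) keeps the same pair-list shape.
        return jsonify(errors=list(form.errors.items())), 400

    user = User.find_by_username(form.username.data)
    login_session = Session(session_token=Session.generate_session_token(),
                            username=user.username)
    login_session.save()
    __maintain_max_session_limit(user)

    response = jsonify(
        user=user_response_obj(user),
        message="Login successful! Welcome {0}!".format(user.username))
    # httponly keeps the session token away from page scripts.
    # NOTE(review): also pass secure=True (and a samesite policy) once the
    # deployment is confirmed to be HTTPS-only.
    response.set_cookie('pomodoro-to-do', login_session.session_token,
                        httponly=True)
    return response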
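def create_user():
    """Create a user from the registration form and log them in.

    Returns:
        A JSON response with the user object and a welcome message, or an
        error body with 400 (form validation) or 401 (user could not be
        saved).
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        # dict.items() is a view on Python 3 and cannot be serialised to
        # JSON; list(...) keeps the same pair-list shape.
        return jsonify(errors=list(form.errors.items())), 400

    new_user = User(username=form.username.data)
    new_user.generate_password_digest(form.password.data)
    new_user.reset_session_token()
    if not new_user.save():
        return jsonify(error="Could not create user."), 401

    application_controller.login(new_user)
    user_response = build_user_response_object(new_user)
    return jsonify(
        user=user_response,
        message="User creation successful! Welcome {0}!".format(
            new_user.username))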
def check_if_username_exists(form, field):
    """Validator with the (form, field) signature: the username must exist.

    Raises:
        ValidationError: "Username not found" when the lookup for
            ``form.username.data`` counts zero records.
    """
    # NOTE(review): on a login form this message tells a client which
    # usernames are registered; confirm that is intended.
    if User.find_by_username(form.username.data).count() != 0:
        return
    raise ValidationError("Username not found")
def check_if_username_taken(form, field):
    """Validator with the (form, field) signature: the username must be free.

    Raises:
        ValidationError: "Username already taken" when the lookup for
            ``form.username.data`` counts at least one record.
    """
    already_used = User.find_by_username(form.username.data).count() > 0
    if already_used:
        raise ValidationError("Username already taken")
def validate_user_credentials(form, field):
    """Validator that rejects a wrong password for an existing username.

    Raises:
        ValidationError: "Invalid credentials" when the user is found and
            ``User.validate_user_credentials`` rejects the password.

    A falsy lookup result is not reported here; the function just returns.
    """
    account = User.find_by_username(form.username.data)
    if not account:
        return
    if User.validate_user_credentials(account, form.password.data):
        return
    raise ValidationError("Invalid credentials")
def check_if_username_taken(form, field):
    """Validator with the (form, field) signature: the username must be free.

    Raises:
        ValidationError: "Username already taken" when the lookup for
            ``form.username.data`` returns a truthy value.
    """
    existing = User.find_by_username(form.username.data)
    if not existing:
        return
    raise ValidationError("Username already taken")
def check_if_username_exists(form, field):
    """Validator with the (form, field) signature: the username must exist.

    Raises:
        ValidationError: "Username not found" when the lookup for
            ``form.username.data`` returns a falsy value.
    """
    # NOTE(review): on a login form this message tells a client which
    # usernames are registered; confirm that is intended.
    existing = User.find_by_username(form.username.data)
    if existing:
        return
    raise ValidationError("Username not found")