def user(db): name = "bob" password = "******" new_user = User(name=name, password=password) new_user.save() return new_user
def verify_email(token): decoded_token = decode_token(token) user = User.find_by_email(decoded_token[EMAIL_KEY]) if user is None: return user.email_verified = True user.commit() return user
def test_create_user(db): # given name = "bob" password = "******" user = User(name=name, password=password) # execute user.save() # expect user_result = User.find(name=name) assert user_result assert name == user_result.name assert password == user_result.password
def registration(): data = parser.parse_args() new_user = User(username=data['username'], password=User.generate_hash(data['password'])) try: new_user.save_to_db() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return json.dumps( '{{' 'message: User {} was created.'.format(data['username']), 'access_token: {}'.format(access_token), 'refresh_token: {}'.format(refresh_token), '}}') except Exception as error: print(error.args[0]) return json.dumps('{message:Something went wrong}'), 500
def create_user(email, password): user = User.find_user_by(email) if user: return {'message': F'user already exist with email {email}'}, 409 user = User() user.password = hash_password(password) user.email = email db.session.add(user) db.session.commit() return { "email": user.email, "id": user.id }
def login(user): base_error = BaseError(message='Invalid username/password', code=400, status='BAD_CREDENTIAL') db_user = User.find_by_email(user.email) if not db_user: raise base_error if not compare_password(db_user.password, user.password): raise base_error return db_user
def post(self): try: json_data = request.get_json() except Exception as e: raise MyBadRequestException check_user = False try: check_user = User.get_by_username(json_data["username"]) except Exception as e: raise MyInternalServerErrorException if check_user: raise MyBadRequestException data, errors = user_schema.load(data=json_data) user = User(**data) if json_data["is_admin"] == 1: user.is_admin = True else: user.is_admin = False try: user.save() except Exception as e: raise MyInternalServerErrorException return user_schema.dump(user).data, HTTPStatus.CREATED
def test_find_user_id(user): # given # execute user_result = User.find(id_=user.id) # expect assert user_result assert user.id == user_result.id assert user.name == user_result.name assert user.password == user_result.password
def record_author(): header = request.headers.get('Authorization') _, token = header.split() try: data = JWTToken.decode(token) author = data["identity"] except Exception as e: raise MyInternalServerErrorException user = User.get_by_username(author) return user
def main(argv: List[str]) -> None: parser = argparse.ArgumentParser(description='Create and populate User DB') parser.add_argument('-c', '--cfg-path', required=True, help="Path to the user configuration data to load.") parser.add_argument('-d', '--db-path', required=True, help='Path to database file.') cfg = vars(parser.parse_args(argv)) # Load the user configuration data. with open(cfg["cfg_path"], 'rt') as fp: users_cfg = json.load(fp=fp) # Delete the database file if it exists. if os.path.exists(cfg["db_path"]): os.remove(cfg["db_path"]) # Create the Flask application as the container for the User object and database access. app = Flask(__name__) app.config["SQLALCHEMY_DATABASE_URI"] = f"sqlite:///{cfg['db_path']}" app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False # Initialize the database auth_db.init_app(app) app.app_context().push() auth_db.create_all() # Create the users in the DB for user_data in users_cfg["users"]: user = User(**user_data) user.save()
def login(email, password): user = User.find_user_by(email) if user is None: return {'message': 'invalid username/password'}, 401 if user.email == email and match_password(password, user.password): access_token, refresh_token = generate_token(user.email) return { 'id': user.id, 'email': user.email, 'access_token': access_token, 'refresh_token': refresh_token } return {'message': 'invalid username/password'}, 401
def post(cls): data = cls.parser.parse_args() user = User.find(name=data["username"]) if user and safe_str_cmp(data["password"], user.password): access_token = create_access_token(identity=user.id, fresh=True) refresh_token = create_refresh_token(user.id) return { "access_token": access_token, "refresh_token": refresh_token }, 200 return {"message": "Invalid credentials"}, 401
def create_user(user): db_user = User.find_by_email(user.email) if db_user: raise BaseError(message='User has already associated with this email', code=409, status='NON_UNIQUE_EMAIL') user.password = hash_password(user.password) user.save() # token = generate_token({EMAIL_KEY: user.email}) # html = render_template(EMAIL_VERIFICATION_HTML, url=F'http://localhost.com/email-verification?token={token}') # send_email(recipients=[user.email], # subject=EMAIL_VERIFICATION, # body='Reset your password', # html=html) return user
def login(): data = parser.parse_args() current_user = User.query.filter_by(username=data['username']).first() if not current_user: return json.dumps('{{message: User {} does not exist.}}'.format( data['username'])) if User.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return json.dumps( '{{message: Logged in as {}., access_token: {}, refresh_token: {}}}' .format(data['username'], access_token, refresh_token)) return json.dumps('{message: Wrong credentials.}')
def post(self): try: data = request.get_json() username = data.get('username') password = data.get('password') except Exception as e: raise MyBadRequestException try: user = User.get_by_username(username=username) except Exception as e: raise MyInternalServerErrorException if user is None or not user or not check_password( password, user.password): raise MyBadRequestException try: token, exp = JWTToken.encode(user.username) result = {'access_token': token, 'expire_date': exp} return {'result': result}, HTTPStatus.CREATED except Exception as e: raise MyInternalServerErrorException
async def _get_current_user(security_scopes: SecurityScopes, token: str = Depends(OAUTH2_SCHEMA)): if security_scopes.scopes: authenticate_value = f'Bearer scope="{security_scopes.scope_str}"' else: authenticate_value = f"Bearer" credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": authenticate_value}, ) try: payload = jwt.decode(token, SECRET_KEY, algorithms=AUTH_SETTINGS['ALGORITHM']) username: str = payload.get("sub") if username is None: raise credentials_exception token_scopes = payload.get("scopes", []) token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception user = User.filter(username=token_data.username) if user is None: raise credentials_exception if 'me' in token_data.scopes: return user for scope in security_scopes.scopes: if scope not in token_data.scopes: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Not enough permissions", headers={"WWW-Authenticate": authenticate_value}, ) return user
def add_user_profile(user_id, data): user = User.find_user_by_id(user_id) profile = Profile(data['name'], data['phone'], data['address']) user.profile = profile db.session.commit() return user.to_dict()
def authenticate(user_name, password): user = User.find(name=user_name) if user and safe_str_cmp(user.password, password): return user
def identity(payload): id = payload['identity'] return User.find(id_=id)