def accept_invitation(token): if 'password' not in request.json: bottle.abort(422, "A password is required for the new user") session = None try: session = db.Session() invitation = session.query(Invitation).filter_by(token=token).first() if not invitation: bottle.abort(404) invitation.accepted = True user = User( **{ 'email': invitation.email, 'organization_id': invitation.organization_id, 'password': request.json['password'], 'last_accessed': datetime.now(), 'access_token': create_unique_token(), 'access_token_expiration': datetime.now() + timedelta(weeks=2) }) session.add(user) session.commit() user_json = user.json() finally: if session: session.close() return user_json
def post_user(): """ Create a new user. """ # TODO: send an email to verify user account # create a copy of the request data with only the columns data = { col: request.json[col] for col in request.json.keys() if col in user_mutable } session = db.Session() try: user = User(**data) user.access_token, user.access_token_expiration = auth.create_access_token( ) session.add(user) session.commit() response.status = 201 return user.json() except sa_exc.IntegrityError as exc: print( 'exc.orig.diag.column_name,: ', exc.orig.diag.column_name, ) bottle.abort(409, exc) finally: session.close()