コード例 #1
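    def post(self):
        """Set a new password for a named user on behalf of an administrator.

        The caller's JWT claims must list the 'admin' role. The request must
        carry 'username' and 'password'; the password is passed through
        UserModel.generate_hash before it is stored on the user.

        Returns:
            A message dict on success, or a (dict, status) tuple: 401 when
            the caller is not an admin or the target user is unknown, 400
            when a parameter is missing, 500 when saving fails.
        """
        claims = get_jwt_claims()

        # A token without a 'roles' claim is treated as holding no roles, so
        # it is refused here instead of surfacing as a KeyError.
        # NOTE(review): 403 is the usual status for an authenticated caller
        # that lacks a role; 401 is kept because clients may depend on it.
        if 'admin' not in (claims.get('roles') or []):
            return {
                'message': 'You dont have persmision to perform this operation'
            }, 401

        data = parser.parse_args()

        if not data['username'] or not data['password']:
            return {
                'message':
                'Imposible to perform operation... missing parameters'
            }, 400

        user = UserModel.find_by_username(data['username'])

        if not user:
            return {
                'message': 'User {} doesn\'t exists'.format(data['username'])
            }, 401

        # Only the hash is stored; the plaintext never reaches the model.
        user.password = UserModel.generate_hash(data['password'])
        try:
            user.save_to_db()
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed and reported as a 500.
            return {'message': 'Something went wrong'}, 500

        return {
            'message':
            'Password for user {} successfully changed'.format(user.username)
        }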
コード例 #2
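    def delete(self, username):
        """Delete the named user; administrators only, never the caller.

        Args:
            username: Name of the account to delete.

        Returns:
            A dict on success, or a (dict, status) tuple: 403 when the
            caller names their own account, 401 when the caller is not an
            admin or the user is unknown, 500 when the delete fails.
        """
        current_username = get_jwt_identity()

        # Self-deletion is refused before the role check, so it is rejected
        # for admins and non-admins alike.
        if username == current_username:
            return {
                'message': 'Request user cant ask for deleting himself'
            }, 403

        claims = get_jwt_claims()

        # A token without a 'roles' claim is treated as holding no roles, so
        # it is refused here instead of surfacing as a KeyError.
        if 'admin' not in (claims.get('roles') or []):
            return {
                'message': 'You dont have persmision to perform this operation'
            }, 401

        user_to_delete = UserModel.find_by_username(username)

        if not user_to_delete:
            return {'message': 'User {} doesn\'t exists'.format(username)}, 401

        try:
            user_to_delete.delete_me()
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed and reported as a 500.
            return {
                'message': 'Something went wrong width delete process'
            }, 500

        # NOTE(review): this success body uses the key 'messages' while every
        # other response in this method uses 'message'; left unchanged in
        # case clients read it.
        # NOTE(review): nothing here revokes tokens already issued to the
        # deleted account; confirm that is handled elsewhere.
        return {'messages': 'User {} deleted'.format(username)}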
コード例 #3
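 def get(self):
     """Return the profile of the user named by the current JWT identity.

     Returns:
         A dict with 'username', 'firstName', 'lastName' and 'roles' (a
         list of role names), or a (dict, 401) tuple when the identity no
         longer maps to a stored user.
     """
     current_username = get_jwt_identity()
     user = UserModel.find_by_username(current_username)

     # A token can outlive its account (for example after the user is
     # deleted); answer with an explicit 401 instead of failing on
     # attribute access against a missing user.
     if not user:
         return {
             'message': 'User {} doesn\'t exists'.format(current_username)
         }, 401

     # Only these four fields are exposed; the password hash is never
     # part of the response.
     return {
         'username': user.username,
         'firstName': user.firstName,
         'lastName': user.lastName,
         'roles': [role.role_name for role in user.roles]
     }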
コード例 #4
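    def put(self):
        """Edit a user's names and, for an admin editing someone else, roles.

        Any caller may edit their own first and last name. Editing another
        user requires the 'admin' role in the JWT claims. Roles are replaced
        only when an admin edits a different user and the request carries a
        'roles' value; an admin cannot change their own roles through this
        method.

        Returns:
            A message dict on success, or a (dict, status) tuple: 403 when
            'username' is missing, 401 when the caller may not edit the
            target or the target is unknown, 500 when saving fails.
        """
        current_username = get_jwt_identity()
        claims = get_jwt_claims()
        # A token without a 'roles' claim is treated as holding no roles.
        caller_is_admin = 'admin' in (claims.get('roles') or [])

        data = parser.parse_args()

        if not data['username']:
            return {'message': 'Missing parameters'}, 403

        editing_other_user = data['username'] != current_username

        if editing_other_user and not caller_is_admin:
            return {
                'message': 'You dont have persmision to perform this operation'
            }, 401

        user_to_edit = UserModel.find_by_username(data['username'])

        if not user_to_edit:
            return {
                'message': 'User {} doesn\'t exists'.format(data['username'])
            }, 401

        # The earlier version referenced user_to_edit.save_to_db here without
        # calling it, so nothing was saved at that point and its error branch
        # could never run. The role set is now built first and assigned once;
        # the single save below persists it together with the name fields.
        # A request without 'roles' leaves the current roles untouched
        # instead of failing on iteration over None.
        if caller_is_admin and editing_other_user and data['roles'] is not None:
            granted_roles = []
            for role in data['roles']:
                # Role names that do not resolve are skipped without an error.
                matched_role = RoleModel.find_by_role_name(role)
                if matched_role:
                    granted_roles.append(matched_role)
            user_to_edit.roles = granted_roles

        # NOTE(review): both fields are overwritten with whatever the parser
        # yields, including an absent value; confirm that is intended.
        user_to_edit.firstName = data['firstName']
        user_to_edit.lastName = data['lastName']

        try:
            user_to_edit.save_to_db()
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed and reported as a 500.
            return {'message': 'Something went wrong'}, 500

        return {
            'message': 'User {} was edited'.format(user_to_edit.username)
        }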
コード例 #5
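    def post(self):
        """Check a username/password pair and issue access and refresh JWTs.

        Returns:
            A dict with a message, 'access_token' and 'refresh_token' on
            success, or ({'message': 'Wrong credentials'}, 401) for any
            failed attempt.
        """
        data = parser.parse_args()
        current_user = UserModel.find_by_username(data['username'])

        # Unknown user, missing password and wrong password all produce the
        # same body and status, so the response does not reveal which
        # usernames exist.
        # NOTE(review): the unknown-user path still skips the hash check, so
        # response time may differ between the two cases; no attempt
        # throttling is visible in this handler either. Confirm both are
        # covered elsewhere.
        if not current_user or not data['password']:
            return {'message': 'Wrong credentials'}, 401

        if not UserModel.verify_hash(data['password'], current_user.password):
            return {'message': 'Wrong credentials'}, 401

        access_token = create_access_token(identity=current_user)
        refresh_token = create_refresh_token(identity=current_user)
        return {
            'message': 'Logged in as {}'.format(current_user.username),
            'access_token': access_token,
            'refresh_token': refresh_token
        }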
コード例 #6
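    def post(self):
        """Change the caller's own password after checking the current one.

        The request must carry 'username', 'password' and 'old_password'.
        'username' has to equal the JWT identity, and 'old_password' has to
        verify against the stored hash before the new hash is written.

        Returns:
            A message dict on success, or a (dict, status) tuple: 400 when a
            parameter is missing or the username does not match the token,
            401 when the user is unknown, 403 when the current password is
            wrong, 500 when saving fails.
        """
        data = parser.parse_args()

        required_fields = ('username', 'password', 'old_password')
        if not all(data[field] for field in required_fields):
            return {
                'message':
                'Imposible to perform operation... missing parameters'
            }, 400

        current_username = get_jwt_identity()

        # The lookup below uses the token identity, never the request body,
        # so a caller cannot target another account by sending its name.
        if current_username != data['username']:
            return {'message': 'Not matching username'}, 400

        user = UserModel.find_by_username(current_username)

        if not user:
            return {
                'message': 'User {} doesn\'t exists'.format(current_username)
            }, 401

        # Requiring the current password means a valid token alone is not
        # enough to change the password.
        if not UserModel.verify_hash(data['old_password'], user.password):
            return {'message': 'Current password doesn\'t match'}, 403

        user.password = UserModel.generate_hash(data['password'])

        try:
            user.save_to_db()
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed and reported as a 500.
            return {'message': 'Something went wrong'}, 500

        # NOTE(review): tokens issued before the change are not revoked
        # here; confirm whether that is handled elsewhere.
        return {
            'message':
            'Password for user {} successfully changed'.format(user.username)
        }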
コード例 #7
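    def post(self):
        """Create a user account; administrators only.

        The caller's JWT claims must list the 'admin' role. The new user is
        stored with a hash of the supplied password and with every requested
        role that RoleModel can resolve.

        Returns:
            A message dict on success or when the username is already taken,
            or a (dict, status) tuple: 401 when the caller is not an admin,
            400 when 'username' or 'password' is missing, 500 when saving
            fails.
        """
        claims = get_jwt_claims()

        # A token without a 'roles' claim is treated as holding no roles, so
        # it is refused here instead of surfacing as a KeyError.
        if 'admin' not in (claims.get('roles') or []):
            return {
                'message': 'You dont have persmision to perform this operation'
            }, 401

        data = parser.parse_args()

        # Refuse to create an account without a name or a password, using
        # the same 400 response as the password endpoints.
        if not data['username'] or not data['password']:
            return {
                'message':
                'Imposible to perform operation... missing parameters'
            }, 400

        # NOTE(review): this branch answers without an error status, so a
        # client sees a success code for a rejected request; left unchanged
        # in case clients depend on it.
        if UserModel.find_by_username(data['username']):
            return {
                'message': 'User {} already exists'.format(data['username'])
            }

        new_user = UserModel(
            username=data['username'],
            password=UserModel.generate_hash(data['password']),
            firstName=data['firstName'],
            lastName=data['lastName'])

        # A request without 'roles' creates a user with no roles instead of
        # failing on iteration over None. Role names that do not resolve are
        # skipped without an error.
        for role in data['roles'] or []:
            new_user_role = RoleModel.find_by_role_name(role)
            if new_user_role:
                new_user.roles.append(new_user_role)

        try:
            new_user.save_to_db()
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed and reported as a 500.
            return {'message': 'Something went wrong'}, 500

        # No tokens are issued for the new account; the creating admin is
        # the caller, not the new user.
        return {
            'message': 'User {} was created'.format(new_user.username)
        }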
コード例 #8
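 def post(self):
     """Issue a new access token for the identity in the presented JWT.

     Returns:
         {'access_token': ...} on success, or a (dict, 401) tuple when the
         identity no longer maps to a stored user.
     """
     username = get_jwt_identity()
     user = UserModel.find_by_username(username)

     # Do not mint a token for an account that no longer exists: without
     # this check a missing user would be passed to create_access_token
     # as the identity.
     if not user:
         return {'message': 'User {} doesn\'t exists'.format(username)}, 401

     # NOTE(review): presumably the enclosing resource restricts this
     # method to refresh tokens; that guard is not visible here.
     access_token = create_access_token(identity=user)
     return {'access_token': access_token}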