def get_email_from_reset_token(reset_token):
    """Resolve a password-reset token to the e-mail of the account it names.

    The token is passed to ``check_reset_token`` and the value it returns is
    used as the lookup key. Any signature or expiry checking therefore has to
    live inside that helper (not visible here -- confirm).

    Raises:
        UserNotFound: no ``User`` record exists for the e-mail from the token.
    """
    token_email = check_reset_token(reset_token)
    try:
        account = User.get(email=token_email)
    except DoesNotExist:
        raise UserNotFound
    # The response carries the stored address, not the value from the token.
    stored_email = account.email
    return jsonify(email=stored_email)
def get_email_from_activation_token(activation_token):
    """Resolve an activation token to its e-mail while the link is still usable.

    The link is treated as spent once the account is activated, so a token
    for an already-active account is rejected rather than echoed back.

    Raises:
        UserNotFound: no ``User`` record exists for the e-mail from the token.
        InvalidLink: the account is already activated.
    """
    token_email = check_activation_token(activation_token)
    try:
        account = User.get(email=token_email)
    except DoesNotExist:
        raise UserNotFound
    already_active = account.account_activated
    if already_active:
        raise InvalidLink
    # The response carries the e-mail as returned by the token check.
    return jsonify(email=token_email)
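def authorize():
    """Handle the Facebook OAuth callback and return an application access token.

    Steps: exchange the ``code`` query parameter for a Facebook access token,
    inspect that token, fetch the profile, then create or update the local
    ``User`` keyed by the profile e-mail and store the Facebook credentials.

    Returns:
        ``(jsonify(access_token=...), 200)``.

    Raises:
        EmailNotConfirmed: the profile carries no e-mail, or the matching
            local account exists but is not activated.
        KeyError: a provider response lacks ``access_token`` / ``data`` /
            ``user_id`` (for example when the code exchange failed).
        requests.exceptions.Timeout: a provider call exceeded the timeout.
    """
    # Bound every outbound call so a stalled provider cannot pin a worker.
    timeout = 10

    code = request.args.get('code')
    # NOTE(review): no `state` value is read or compared in this handler, so
    # CSRF protection for the callback is not visible here -- confirm it is
    # enforced elsewhere.
    params = {
        'client_id': facebook_config['app_id'],
        'redirect_uri': config['oauth']['facebook']['callback'],
        'client_secret': facebook_config['client_secret'],
        'code': code
    }
    credentials = requests.get(facebook_config['token_uri'],
                               params=params, timeout=timeout).json()
    token_inspection = requests.get(
        TOKEN_URL.format(credentials['access_token'],
                         facebook_config['app_token']),
        timeout=timeout).json()
    credentials.update(token_inspection['data'])

    profile = requests.get(ME_URL.format(credentials['access_token']),
                           timeout=timeout)
    user_info = profile.json()

    email = user_info.get('email')
    if not email:
        # The e-mail is the only key used to find or create the local account.
        # Without this guard, profiles lacking one would all be looked up with
        # email=None and could resolve to one shared account. EmailNotConfirmed
        # is reused because it is the rejection this handler already raises.
        raise EmailNotConfirmed

    user, created = User.get_or_create(email=email, defaults={
        'first_name': user_info.get('first_name'),
        'last_name': user_info.get('last_name'),
        'picture': PICTURE_URL.format(credentials['user_id']),
        'last_login': datetime.now(),
        'created_at': datetime.now(),
        'first_login': True,
        'account_activated': True
    })
    if not created:
        # An existing, not-yet-activated account is never taken over by a
        # provider login that happens to carry the same e-mail.
        if not user.account_activated:
            raise EmailNotConfirmed
        if not user.picture:
            # NOTE(review): new accounts get PICTURE_URL built from user_id,
            # but this branch stores the profile's 'picture' value; the two
            # may not have the same shape -- confirm.
            user.picture = user_info.get('picture')
        user.last_login = datetime.now()
        user.first_login = False
        user.save()

    user.add_facebook_credentials(credentials_to_dict(credentials))
    access_token = create_access_token(identity=user.get_identity())
    return jsonify(access_token=access_token), 200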
def sign_up():
    """Register an e-mail/password account and queue its activation e-mail.

    The e-mail is checked for an existing account first; field validation
    runs only when none is found, in the order password, password length,
    e-mail, first name, last name.

    Returns:
        ``(jsonify(access_token=...), 200)`` -- the token is issued before
        the address has been confirmed.

    Raises:
        EmailAddressAlreadyTaken, PasswordRequired, PasswordTooShort,
        EmailRequired, FirstNameRequired, LastNameRequired.
    """
    payload = request.json
    email = payload.get('email')
    password = payload.get('password')
    first_name = payload.get('first_name')
    last_name = payload.get('last_name')

    try:
        User.get(email=email)
    except DoesNotExist:
        pass
    else:
        raise EmailAddressAlreadyTaken

    if password is None:
        raise PasswordRequired
    if len(password) < 8:
        raise PasswordTooShort
    if email is None:
        raise EmailRequired
    if first_name is None:
        raise FirstNameRequired
    if last_name is None:
        raise LastNameRequired

    # NOTE(review): the stored value is one SHA3-256 pass over
    # "<hash_key>-<password>" with a config-wide key and no per-user salt
    # visible here. A password KDF would be the usual choice, but switching
    # requires migrating the hashes already stored.
    keyed_password = '{}-{}'.format(config['email_auth']['hash_key'], password)
    password_digest = hashlib.sha3_256(keyed_password.encode()).hexdigest()

    user = User.create(email=email,
                       password=password_digest,
                       last_login=datetime.now(),
                       first_login=True,
                       created_at=datetime.now(),
                       first_name=first_name,
                       last_name=last_name)

    # The activation mail is sent by a queued job, not inside the request.
    activation_token = generate_activation_token(email)
    queue.enqueue(send_activation_email, user.email, activation_token)

    access_token = create_access_token(identity=user.get_identity())
    return jsonify(access_token=access_token), 200
def resend_email():
    """Queue a fresh activation e-mail for the authenticated caller.

    The address comes from the caller's token identity, not from request
    input, so a caller can only trigger mail to their own account.

    Raises:
        UserNotFound: the identity's e-mail has no ``User`` record.
        AccountAlreadyActivated: the account needs no activation.
    """
    identity = get_jwt_identity()
    email = identity['email']
    try:
        account = User.get(email=email)
    except DoesNotExist:
        raise UserNotFound
    if account.account_activated:
        raise AccountAlreadyActivated

    fresh_token = generate_activation_token(email)
    queue.enqueue(send_activation_email, email, fresh_token)
    message = 'A new email has been sent to {}'.format(email)
    return message, 200
def confirm_email(activation_token):
    """Activate the caller's account from an activation token.

    The e-mail from the token must equal the e-mail in the caller's token
    identity, so a link cannot activate somebody else's account.

    Raises:
        InvalidLink: the two e-mails differ, or the account is already active.
        UserNotFound: no ``User`` record exists for the e-mail.
    """
    email = check_activation_token(activation_token)
    session_email = get_jwt_identity()['email']
    if session_email != email:
        raise InvalidLink

    try:
        account = User.get(email=email)
    except DoesNotExist:
        raise UserNotFound

    # A token for an already-active account is rejected like a bad link.
    if account.account_activated:
        raise InvalidLink
    account.account_activated = True
    account.save()
    return 'Your account has been activated successfully!', 200
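def login():
    """Authenticate with e-mail and password and return an access token.

    The submitted password is hashed the same way as at sign-up and compared
    to the stored hash in constant time. On success the login timestamp is
    updated and ``first_login`` is cleared.

    Returns:
        ``(jsonify(access_token=...), 200)``.

    Raises:
        UserNotFound: no ``User`` record exists for the e-mail.
        PasswordRequired: the request carries no password.
        EmailPasswordMismatch: the password hash does not match.
    """
    import hmac

    email = request.json.get('email')
    password = request.json.get('password')
    try:
        user = User.get(email=email)
    except DoesNotExist:
        # NOTE(review): a distinct "not found" error lets a caller tell which
        # addresses are registered. Kept because callers may rely on the
        # exception type.
        raise UserNotFound
    if password is None:
        raise PasswordRequired

    # NOTE(review): one SHA3-256 pass over "<hash_key>-<password>" with a
    # config-wide key; no per-user salt or work factor is visible here.
    # Changing the scheme requires migrating the stored hashes.
    digest = hashlib.sha3_256('{}-{}'.format(
        config['email_auth']['hash_key'], password).encode()).hexdigest()

    # A non-string stored value (e.g. None) can never match; it is mapped to
    # '' so compare_digest gets two byte strings and still reports a mismatch.
    stored = user.password if isinstance(user.password, str) else ''
    if not hmac.compare_digest(stored.encode(), digest.encode()):
        raise EmailPasswordMismatch

    user.last_login = datetime.now()
    user.first_login = False
    user.save()
    access_token = create_access_token(identity=user.get_identity())
    return jsonify(access_token=access_token), 200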
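def authorize():
    """Handle the Google OAuth callback and return an application access token.

    Steps: finish the OAuth flow with the ``code`` query parameter, read the
    caller's profile from the oauth2 v2 userinfo endpoint, then create or
    update the local ``User`` keyed by the profile e-mail and store the
    Google credentials.

    Returns:
        ``(jsonify(access_token=...), 200)``.

    Raises:
        EmailNotConfirmed: the profile has no e-mail, Google does not report
            it as verified, or the matching local account is not activated.
    """
    code = request.args.get('code')
    state = request.args.get('state')
    # NOTE(review): `state` is taken from the request and passed to the flow.
    # No comparison with a server-side value issued at the start of the flow
    # is visible here, so CSRF protection for the callback depends on code
    # outside this handler -- confirm.
    flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
        config['oauth']['google']['google_config'],
        scopes=SCOPES, state=state)
    flow.redirect_uri = config['oauth']['google']['callback']
    flow.fetch_token(code=code)
    credentials = flow.credentials

    user_info_service = googleapiclient.discovery.build(
        "oauth2", "v2", credentials=credentials, cache_discovery=False)
    user_info = user_info_service.userinfo().get().execute()

    email = user_info.get('email')
    if not email or not user_info.get('verified_email'):
        # The e-mail is the only key linking this login to a local account,
        # so it must be present and reported as verified by the provider.
        # Otherwise a login could attach to an account whose address the
        # caller does not control, or be looked up with email=None.
        raise EmailNotConfirmed

    user, created = User.get_or_create(email=email, defaults={
        'first_name': user_info.get('given_name'),
        'last_name': user_info.get('family_name'),
        'picture': user_info.get('picture'),
        'last_login': datetime.now(),
        'created_at': datetime.now(),
        'first_login': True,
        'account_activated': True
    })
    if not created:
        # An existing, not-yet-activated account is never taken over by a
        # provider login that happens to carry the same e-mail.
        if not user.account_activated:
            raise EmailNotConfirmed
        if not user.picture:
            user.picture = user_info.get('picture')
        user.last_login = datetime.now()
        user.first_login = False
        user.save()

    user.add_google_credentials(credentials_to_dict(credentials))
    access_token = create_access_token(identity=user.get_identity())
    return jsonify(access_token=access_token), 200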
def reset_password(reset_token):
    """Set a new password for the account named by a reset token.

    The new password is validated before the account is looked up, and a
    password that hashes to the stored value is refused.

    Raises:
        PasswordRequired: the request carries no password.
        PasswordTooShort: the password has fewer than 8 characters.
        UserNotFound: no ``User`` record exists for the e-mail from the token.
        SamePasswords: the new password equals the current one.
    """
    email = check_reset_token(reset_token)
    new_password = request.json.get('password')
    if new_password is None:
        raise PasswordRequired
    if len(new_password) < 8:
        raise PasswordTooShort

    try:
        account = User.get(email=email)
    except DoesNotExist:
        raise UserNotFound

    # NOTE(review): same single-pass SHA3-256 scheme as sign-up and login
    # (config-wide key, no per-user salt visible). Nothing in this handler
    # marks the reset token as used; whether it can be replayed depends on
    # check_reset_token -- confirm.
    keyed_password = '{}-{}'.format(
        config['email_auth']['hash_key'], new_password)
    new_digest = hashlib.sha3_256(keyed_password.encode()).hexdigest()

    if account.password == new_digest:
        raise SamePasswords
    account.password = new_digest
    account.save()
    return 'Your password has been reset successfully, log in with your new password', 200