def post(self): data = parserLogin.parse_args() current_user = UserModel.find_by_email(data['email']) if not current_user: return { 'message': 'User {} doesn\'t exist'.format(data['email']), 'login': False }, 400 elif not UserModel.verify_hash(data['password'], current_user.password): return { 'message': 'Wrong credentials or bad behaviour', 'login': False }, 401 elif not UserModel.verify_model(current_user.model_id, json.loads(data['test'])): return { 'message': 'Wrong credentials or bad behaviour', 'login': False }, 401 else: access_token = create_access_token(identity=data['email']) refresh_token = create_refresh_token(identity=data['email']) return { 'login': True, 'access_token': access_token, 'refresh_token': refresh_token }, 200
def post(self): data = registration_parser.parse_args() if UserModel.find_by_username( data['username']) or UserModel.find_by_email(data['email']): return { 'message': "User with such username or email already exists" }, 400 new_user = UserModel(username=data['username'], password=UserModel.generate_hash( data['password']), email=data['email'], name=data['name'], surname=data['surname'], current_balance=100) try: new_user.save_to_db() access_token = create_access_token(identity=new_user) refresh_token = create_refresh_token(identity=new_user) return { 'message': 'User {} was created'.format(data['username']), 'access_token': access_token, 'refresh_token': refresh_token } except: return {'message': 'Something went wrong'}, 500
def post(self): data = register.parse_args() if UserModel.find_by_username(data['username']): return { 'success': 'false', 'message': 'User {} already exists'.format(data['username']) } if UserModel.find_by_email(data['email']): return { 'success': 'false', 'message': 'Email {} already exists'.format(data['email']) } new_user = UserModel(username=data['username'], password=UserModel.generate_hash( data['password']), email=data['email'], kantor=data['kantor'], no_hp=data['no_hp'], alamat=data['alamat']) try: new_user.save_to_db() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return { 'success': 'true', 'message': 'User {} was created'.format(data['username']), 'access_token': access_token, 'refresh_token': refresh_token } except: return {'success': 'false'}, 500
def post(self): data = parser.parse_args() current_user = UserModel.find_by_email(data['email']) if not current_user: return { 'message': "Email {} doesn't exist".format(data['email']) }, 401 # Verify user is active if not current_user.active: return { 'message': "Email {} is not yet verified".format(data['email']) }, 401 # If the password matches, generate and send the token if current_user.verify_password(data['password']): access_token = create_access_token(identity=data['email']) refresh_token = create_refresh_token(identity=data['email']) return { 'message': 'Logged in as {}'.format(current_user.email), 'access_token': access_token, 'refresh_token': refresh_token } else: return {'message': "Wrong credentials"}, 401
def post(self): data = parserRegister.parse_args() if UserModel.find_by_email(data['email']): return { 'message': 'User with email {} already exists'.format(data['email']) }, 409 if not fullmatch(r"[^@]+@[^@]+\.[^@]+", data['email']): return { 'message': 'Email address {} is not valid'.format(data['email']) }, 400 new_user = UserModel(email=data['email'], password=UserModel.generate_hash( data['password']), model_id=uuid.uuid4().hex) try: new_user.save_to_db() new_user.create_model(json.loads(data['train'])) return { 'message': 'User {} was created'.format(data['email']), } except Exception as e: print(e) return {'message': 'Something went wrong'}, 500
def post(self): if request.is_json: try: fullName = request.get_json()['fullName'] email = request.get_json()['email'] password = request.get_json()['password'] except Exception as e: capture_exception(e) return {"Message": "Some field is empty"}, 400 else: capture_message("None JSON data sent") return {"Message": "Request body is null/not JSON"}, 400 if UserModel.find_by_email(email): return { "Message": "Email {} already registered".format(email) }, 409 try: user = UserModel(fullName=fullName, email=email, password=UserModel.generate_hash(password)) user.save_to_db() access_token = create_access_token(identity=email) refresh_token = create_refresh_token(identity=email) return { 'message': 'User {} was created'.format(email), 'access_token': access_token, 'refresh_token': refresh_token }, 200 except Exception as e: capture_exception(e) return {"Message": "Unable to create user"}, 500
def post(cls): try: company_json = request.get_json()["company"] company = company_schema.load(company_json) for user in company.users: if UserModel.find_by_username(user.username): return {"message": "Username already exists"}, 400 if UserModel.find_by_email(user.email): return {"message": "Username already exists"}, 400 hashed_password = custom_pbkdf2.hash(user.password) user.password = hashed_password company.save_to_db() for user in company.users: user_setting = user_setting_schema.load({"user_id": user.id}) user_setting.save_to_db() return { "message": "Company created!", "company": company_schema.dump(company) } except Exception as e: return {"message": "An error has occurred!"}
def post(self): parser = reqparse.RequestParser() parser.add_argument('email', help='This field cannot be blank', required=True) parser.add_argument('password', help='This field cannot be blank', required=True) parser.add_argument('name', help='This field cannot be blank', required=True) data = parser.parse_args() if UserModel.find_by_email(data['email']): return { 'message': 'User {} already exists'.format(data['email']) }, 409 new_user = UserModel(name=data['name'], email=data['email'], password=UserModel.generate_hash( data['password'])) try: new_user.save_to_db() access_token = create_access_token(identity=data['email']) return { 'message': 'User {} was created'.format(data['email']), 'access_token': access_token } except: return {'message': 'Something went wrong'}, 500
def post(self): data = registration_parser.parse_args() if UserModel.find_by_email(data['email']): return { 'message': 'User {} already exists'.format(data['email']) }, 400 new_user = UserModel(email=data['email'], password=UserModel.generate_hash( data['password']), first_name=data['first_name'], last_name=data['last_name'], phone=data['phone'], gender=data['gender'], dob=data['dob'], dod=data['dod'], medications=[], heatmap=[]) try: new_user.save_to_db() access_token = create_access_token(identity=data['email']) refresh_token = create_refresh_token(identity=data['email']) return { 'message': 'User {} was created'.format(data['email']), 'access_token': access_token, 'refresh_token': refresh_token } except Exception as e: print(e) return {'message': 'Something went wrong'}, 500
def put(cls, id): user_json = request.get_json()["user"] user = UserModel.find_by_id (id) if user: if user.username != user_json.get("username") and UserModel.find_by_username(user_json.get("username")): return {"message":"Username already exists"}, 400 if user.email != user_json.get("email") and UserModel.find_by_email(user_json.get("email")): return {"message":"Username already exists"}, 400 user.username = user_json["username"] user.email = user_json["email"] user.role_id = user_json["role_id"] if user_json["password"]: hashed_password = custom_pbkdf2.hash(user_json["password"]) user.password = hashed_password user.save_to_db() return {"message":"Agent updated!", "user": user_schema.dump(user)} return {"message":"not found"}, 404
def post(self): data = parser.parse_args() if UserModel.find_by_email(data['email']): return { 'message': 'User {} already exists'.format(data['email']) }, 400 random_char = ''.join([ random.choice(string.ascii_letters + string.digits) for n in range(8) ]) content = "your password for kaala app is " + random_char mail = "" password = "" self.send_email(mail, password, data['email'], content) new_user = UserModel(emp_id=data['emp_id'], email=data['email'], password=UserModel.generate_hash(random_char), role=data['role']) try: new_user.save_to_db() return { 'message': 'User {} is created'.format(data['email']), 'password': random_char } except: return {'message': 'Something went wrong'}, 500
def get(self): current_user = UserModel.find_by_email(get_jwt_identity()) if current_user: return { 'name': current_user.name, 'email': current_user.email, 'avatar_url': generate_gravatar(current_user.email) }
def post(self): data = password_recover_parser.parse_args() current_user = UserModel.find_by_email(data['email']) if not current_user: return {'message': 'User with such email doesn\'t exist'}, 400 UserModel.send_password_reset_email(current_user) return {'message': "An e-mail was sent to {}. Follow the instructions to reset the password".format(data['email'])}
def post(self): """Returns access_token for in exchange to valid user credentials""" req_data = self.parser.parse_args() user = UserModel.find_by_email(req_data["email"]) if not user or user.password != req_data["password"]: return {"success": False, "message": "invalid_credentials"}, 400 access_token = create_access_token(identity=user.id) return {"success": True, "access_token": access_token}
def post(self): user = UserModel.find_by_email(get_jwt_identity()) if not user: return {'message': 'User not found'}, 404 data = user_heatmap_parser.parse_args() print("location: " + data['location']) user.heatmap.append(data['location']) user.save_to_db() return {'message': 'added to heatmap'}
def put(self): user = UserModel.find_by_email(get_jwt_identity()) if not user: return {'message': 'User not found'}, 404 data = user_medication_parser.parse_args() print("medication: " + data['medication']) user.medications.append(data['medication']) user.save_to_db() return {'message': 'added to medications'}
def delete(self): user = UserModel.find_by_email(get_jwt_identity()) if not user: return {'message': 'User not found'}, 404 data = user_medication_parser.parse_args() print("medication: " + data['medication']) user.medications.remove(data['medication']) user.save_to_db() return {'message': 'removed medication'}
def post(self): """create user by email and password""" req_data = self.parser.parse_args() if UserModel.find_by_email(req_data["email"]): return self.generate_response(False, "user_exists"), 400 user = UserModel(**req_data) user.save_to_db() return self.generate_response(True, "user_created"), 201
def post(self): data = self.reqparse_args.parse_args() current_user = UserModel.find_by_email(data['email']) if not current_user: return {'message': 'User {} doesn\'t exist'.format(data['email'])} if UserModel.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['email']) refresh_token = create_refresh_token(identity=data['email']) return {'jwt': access_token, 'refresh_token': refresh_token}, 201 else: return {'message': 'Wrong credentials'}
def put(self): data = alexa_heatmap_parser.parse_args() user = UserModel.find_by_email(data['email']) if not user: return {'message': 'User {} not found'.format(data['email'])}, 404 if data['password'] != ALEXA_SECRET_KEY: return {'message': 'password invalid'}, 400 if data['location'] not in VALID_JOINTS: print("invalid location: " + data['location']) # return {'message': 'location invalid'}, 400 user.heatmap.append(data['location']) user.save_to_db() return {'message': 'added to heatmap'}
def delete(self, id): current_user = UserModel.find_by_email(get_jwt_identity()) is_current_user_admin = UserModel.find_role(current_user.id) if not is_current_user_admin: return { 'message': 'User {} is not admin'.format(current_user.email) }, 400 try: LeaveTypesModel.delete_leaveType(id) return {'message': 'Leave type deleted successfully'} except: return {'message': 'Something went wrong'}, 500
def put(cls): user_id = get_jwt_identity() email = request.get_json()["email"] if UserModel.find_by_email(email): return {"message":"Username already exists"}, 400 user = UserModel.find_by_id(user_id) user.email = email user.save_to_db() return {"message":"Email updated!", "user":user_schema.dump(user)}
def get(self, token): """Yes, this shouldn't be a GET, but users clicking URLs will generate a GET""" ts = URLSafeTimedSerializer(current_app.config['SECRET_KEY']) try: email = ts.loads(token, salt='email-confirm-key') # TODO: set `max_age=86400` above and handle re-sending confirmation email # The token can either expire or be invalid except: return {'message': "Unknown email confirmation token"}, 404 # Get the user from the database user = UserModel.find_by_email(email) user.active = True user.update() return {'message': "Email successfully confirmed! You can now login."}
def post(self): data = leave_parser.parse_args() current_user = UserModel.find_by_email(get_jwt_identity()) new_leave = LeavesModel(leave_type=data['leave_type'], description=data['description'], employee_id=current_user.id, from_date=data['from_date'], to_date=data['to_date'], num_of_days=data['num_of_days'], status=data['status']) try: new_leave.save_to_db() return {'message': 'Away created successfully'} except: return {'message': 'Something went wrong'}, 500
def test_user_registration(self): """Test correct user registration""" response = self.client_post('/registration', PAYLOAD) self.assertEqual( response.json, { 'message': "User {} was created, please verify your email".format(EMAIL) }) user = UserModel.find_by_email(EMAIL) self.assertIsNotNone(user) self.assertEqual(user.email, EMAIL) # Ensure plaintext password is not stored self.assertNotEqual(user.password, PASSWORD) self.assertFalse(user.active)
def test_duplicate_registration(self): """Test registration on existing email""" hashed_pass = UserModel.generate_hash('pass123') user = UserModel( email=EMAIL, password=hashed_pass, active=True, ) user.save_to_db() response = self.client_post('/registration', PAYLOAD) self.assertEqual(response.json, {'message': "Email {} already exists".format(EMAIL)}) user = UserModel.find_by_email(EMAIL) # Ensure user wasn't changed self.assertEqual(user.password, hashed_pass)
def put(self): data = login_parser.parse_args() current_user = UserModel.find_by_email(data['email']) if not current_user: return {'message': 'invalid email or password'}, 400 if UserModel.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['email']) refresh_token = create_refresh_token(identity=data['email']) return { 'message': 'Logged in as {}'.format(current_user.email), 'access_token': access_token, 'refresh_token': refresh_token } else: return {'message': 'invalid email or password'}, 400
def post(self): data = parser.parse_args() # TODO: Validate/sanitize email format if UserModel.find_by_email(data['email']): return {'message': "Email {} already exists".format(data['email'])} # Create the user, remember to hash the password! new_user = UserModel(email=data['email'], password=UserModel.generate_hash( data['password']), active=False) try: new_user.save_to_db() except: logger.exception("Error saving new user to DB") return {'message': "Something went wrong"}, 500 try: # This email confirmation code mostly comes from: # https://github.com/MaxHalford/flask-boilerplate/blob/master/app/views/user.py # Serializer for generating random tokens ts = URLSafeTimedSerializer(current_app.config['SECRET_KEY']) # Subject of the confirmation email subject = 'Please confirm your email address.' # Generate a random token token = ts.dumps(new_user.email, salt='email-confirm-key') # Build a confirm link with token confirm_url = url_for('user.confirm', token=token, _external=True) # Render an HTML template to send by email html = render_template('email-confirm.html', confirm_url=confirm_url) # Send the email to user emails.send(new_user.email, subject, html) return { 'message': 'User {} was created, please verify your email'.format( data['email']), } except: logger.exception("Something went wrong sending confirmation email") return {'message': "Something went wrong"}, 500
def post(self): data = parser.parse_args() email = data['email'] password = data['password'] current_user = UserModel.find_by_email(email) if not current_user: return {'message': 'User {} doesn\'t exist'.format(email)} if UserModel.verify_hash(password, current_user.password): access_token = create_access_token(identity=email) refresh_token = create_refresh_token(identity=email) return { 'message': 'Logged in as {}'.format(email), 'access_token': access_token, 'refresh_token': refresh_token } else: return {'message': 'Wrong credentials'}
def post(self): data = login_parser.parse_args() current_user = UserModel.find_by_email(data['email']) if not current_user: return { 'message': 'User {} doesn\'t exist'.format(data['email']) }, 404 if UserModel.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['email']) refresh_token = create_refresh_token(identity=data['email']) return jsonify({ 'id': format(current_user.id), 'email': format(current_user.email), 'access_token': access_token, 'refresh_token': refresh_token }) else: return {'message': 'Wrong credentials'}, 401