def post(self):
data = parserLogin.parse_args()
current_user = UserModel.find_by_email(data['email'])
if not current_user:
return {
'message': 'User {} doesn\'t exist'.format(data['email']),
'login': False
}, 400
elif not UserModel.verify_hash(data['password'],
current_user.password):
return {
'message': 'Wrong credentials or bad behaviour',
'login': False
}, 401
elif not UserModel.verify_model(current_user.model_id,
json.loads(data['test'])):
return {
'message': 'Wrong credentials or bad behaviour',
'login': False
}, 401
else:
access_token = create_access_token(identity=data['email'])
refresh_token = create_refresh_token(identity=data['email'])
return {
'login': True,
'access_token': access_token,
'refresh_token': refresh_token
}, 200
def post(self):
data = registration_parser.parse_args()
if UserModel.find_by_username(
data['username']) or UserModel.find_by_email(data['email']):
return {
'message': "User with such username or email already exists"
}, 400
new_user = UserModel(username=data['username'],
password=UserModel.generate_hash(
data['password']),
email=data['email'],
name=data['name'],
surname=data['surname'],
current_balance=100)
try:
new_user.save_to_db()
access_token = create_access_token(identity=new_user)
refresh_token = create_refresh_token(identity=new_user)
return {
'message': 'User {} was created'.format(data['username']),
'access_token': access_token,
'refresh_token': refresh_token
}
except:
return {'message': 'Something went wrong'}, 500
def post(self):
data = register.parse_args()
if UserModel.find_by_username(data['username']):
return {
'success': 'false',
'message': 'User {} already exists'.format(data['username'])
}
if UserModel.find_by_email(data['email']):
return {
'success': 'false',
'message': 'Email {} already exists'.format(data['email'])
}
new_user = UserModel(username=data['username'],
password=UserModel.generate_hash(
data['password']),
email=data['email'],
kantor=data['kantor'],
no_hp=data['no_hp'],
alamat=data['alamat'])
try:
new_user.save_to_db()
access_token = create_access_token(identity=data['username'])
refresh_token = create_refresh_token(identity=data['username'])
return {
'success': 'true',
'message': 'User {} was created'.format(data['username']),
'access_token': access_token,
'refresh_token': refresh_token
}
except:
return {'success': 'false'}, 500
def post(self):
data = parser.parse_args()
current_user = UserModel.find_by_email(data['email'])
if not current_user:
return {
'message': "Email {} doesn't exist".format(data['email'])
}, 401
# Verify user is active
if not current_user.active:
return {
'message': "Email {} is not yet verified".format(data['email'])
}, 401
# If the password matches, generate and send the token
if current_user.verify_password(data['password']):
access_token = create_access_token(identity=data['email'])
refresh_token = create_refresh_token(identity=data['email'])
return {
'message': 'Logged in as {}'.format(current_user.email),
'access_token': access_token,
'refresh_token': refresh_token
}
else:
return {'message': "Wrong credentials"}, 401
def post(self):
data = parserRegister.parse_args()
if UserModel.find_by_email(data['email']):
return {
'message':
'User with email {} already exists'.format(data['email'])
}, 409
if not fullmatch(r"[^@]+@[^@]+\.[^@]+", data['email']):
return {
'message':
'Email address {} is not valid'.format(data['email'])
}, 400
new_user = UserModel(email=data['email'],
password=UserModel.generate_hash(
data['password']),
model_id=uuid.uuid4().hex)
try:
new_user.save_to_db()
new_user.create_model(json.loads(data['train']))
return {
'message': 'User {} was created'.format(data['email']),
}
except Exception as e:
print(e)
return {'message': 'Something went wrong'}, 500
def post(self):
if request.is_json:
try:
fullName = request.get_json()['fullName']
email = request.get_json()['email']
password = request.get_json()['password']
except Exception as e:
capture_exception(e)
return {"Message": "Some field is empty"}, 400
else:
capture_message("None JSON data sent")
return {"Message": "Request body is null/not JSON"}, 400
if UserModel.find_by_email(email):
return {
"Message": "Email {} already registered".format(email)
}, 409
try:
user = UserModel(fullName=fullName,
email=email,
password=UserModel.generate_hash(password))
user.save_to_db()
access_token = create_access_token(identity=email)
refresh_token = create_refresh_token(identity=email)
return {
'message': 'User {} was created'.format(email),
'access_token': access_token,
'refresh_token': refresh_token
}, 200
except Exception as e:
capture_exception(e)
return {"Message": "Unable to create user"}, 500
def post(cls):
try:
company_json = request.get_json()["company"]
company = company_schema.load(company_json)
for user in company.users:
if UserModel.find_by_username(user.username):
return {"message": "Username already exists"}, 400
if UserModel.find_by_email(user.email):
return {"message": "Username already exists"}, 400
hashed_password = custom_pbkdf2.hash(user.password)
user.password = hashed_password
company.save_to_db()
for user in company.users:
user_setting = user_setting_schema.load({"user_id": user.id})
user_setting.save_to_db()
return {
"message": "Company created!",
"company": company_schema.dump(company)
}
except Exception as e:
return {"message": "An error has occurred!"}
def post(self):
parser = reqparse.RequestParser()
parser.add_argument('email',
help='This field cannot be blank',
required=True)
parser.add_argument('password',
help='This field cannot be blank',
required=True)
parser.add_argument('name',
help='This field cannot be blank',
required=True)
data = parser.parse_args()
if UserModel.find_by_email(data['email']):
return {
'message': 'User {} already exists'.format(data['email'])
}, 409
new_user = UserModel(name=data['name'],
email=data['email'],
password=UserModel.generate_hash(
data['password']))
try:
new_user.save_to_db()
access_token = create_access_token(identity=data['email'])
return {
'message': 'User {} was created'.format(data['email']),
'access_token': access_token
}
except:
return {'message': 'Something went wrong'}, 500
def post(self):
data = registration_parser.parse_args()
if UserModel.find_by_email(data['email']):
return {
'message': 'User {} already exists'.format(data['email'])
}, 400
new_user = UserModel(email=data['email'],
password=UserModel.generate_hash(
data['password']),
first_name=data['first_name'],
last_name=data['last_name'],
phone=data['phone'],
gender=data['gender'],
dob=data['dob'],
dod=data['dod'],
medications=[],
heatmap=[])
try:
new_user.save_to_db()
access_token = create_access_token(identity=data['email'])
refresh_token = create_refresh_token(identity=data['email'])
return {
'message': 'User {} was created'.format(data['email']),
'access_token': access_token,
'refresh_token': refresh_token
}
except Exception as e:
print(e)
return {'message': 'Something went wrong'}, 500
def put(cls, id):
user_json = request.get_json()["user"]
user = UserModel.find_by_id (id)
if user:
if user.username != user_json.get("username") and UserModel.find_by_username(user_json.get("username")):
return {"message":"Username already exists"}, 400
if user.email != user_json.get("email") and UserModel.find_by_email(user_json.get("email")):
return {"message":"Username already exists"}, 400
user.username = user_json["username"]
user.email = user_json["email"]
user.role_id = user_json["role_id"]
if user_json["password"]:
hashed_password = custom_pbkdf2.hash(user_json["password"])
user.password = hashed_password
user.save_to_db()
return {"message":"Agent updated!", "user": user_schema.dump(user)}
return {"message":"not found"}, 404
def post(self):
data = parser.parse_args()
if UserModel.find_by_email(data['email']):
return {
'message': 'User {} already exists'.format(data['email'])
}, 400
random_char = ''.join([
random.choice(string.ascii_letters + string.digits)
for n in range(8)
])
content = "your password for kaala app is " + random_char
mail = ""
password = ""
self.send_email(mail, password, data['email'], content)
new_user = UserModel(emp_id=data['emp_id'],
email=data['email'],
password=UserModel.generate_hash(random_char),
role=data['role'])
try:
new_user.save_to_db()
return {
'message': 'User {} is created'.format(data['email']),
'password': random_char
}
except:
return {'message': 'Something went wrong'}, 500
def get(self):
current_user = UserModel.find_by_email(get_jwt_identity())
if current_user:
return {
'name': current_user.name,
'email': current_user.email,
'avatar_url': generate_gravatar(current_user.email)
}
def post(self):
data = password_recover_parser.parse_args()
current_user = UserModel.find_by_email(data['email'])
if not current_user:
return {'message': 'User with such email doesn\'t exist'}, 400
UserModel.send_password_reset_email(current_user)
return {'message': "An e-mail was sent to {}. Follow the instructions to reset the password".format(data['email'])}
def post(self):
"""Returns access_token for in exchange to valid user credentials"""
req_data = self.parser.parse_args()
user = UserModel.find_by_email(req_data["email"])
if not user or user.password != req_data["password"]:
return {"success": False, "message": "invalid_credentials"}, 400
access_token = create_access_token(identity=user.id)
return {"success": True, "access_token": access_token}
def post(self):
user = UserModel.find_by_email(get_jwt_identity())
if not user:
return {'message': 'User not found'}, 404
data = user_heatmap_parser.parse_args()
print("location: " + data['location'])
user.heatmap.append(data['location'])
user.save_to_db()
return {'message': 'added to heatmap'}
def put(self):
user = UserModel.find_by_email(get_jwt_identity())
if not user:
return {'message': 'User not found'}, 404
data = user_medication_parser.parse_args()
print("medication: " + data['medication'])
user.medications.append(data['medication'])
user.save_to_db()
return {'message': 'added to medications'}
def delete(self):
user = UserModel.find_by_email(get_jwt_identity())
if not user:
return {'message': 'User not found'}, 404
data = user_medication_parser.parse_args()
print("medication: " + data['medication'])
user.medications.remove(data['medication'])
user.save_to_db()
return {'message': 'removed medication'}
def post(self):
"""create user by email and password"""
req_data = self.parser.parse_args()
if UserModel.find_by_email(req_data["email"]):
return self.generate_response(False, "user_exists"), 400
user = UserModel(**req_data)
user.save_to_db()
return self.generate_response(True, "user_created"), 201
def post(self):
data = self.reqparse_args.parse_args()
current_user = UserModel.find_by_email(data['email'])
if not current_user:
return {'message': 'User {} doesn\'t exist'.format(data['email'])}
if UserModel.verify_hash(data['password'], current_user.password):
access_token = create_access_token(identity=data['email'])
refresh_token = create_refresh_token(identity=data['email'])
return {'jwt': access_token, 'refresh_token': refresh_token}, 201
else:
return {'message': 'Wrong credentials'}
def put(self):
data = alexa_heatmap_parser.parse_args()
user = UserModel.find_by_email(data['email'])
if not user:
return {'message': 'User {} not found'.format(data['email'])}, 404
if data['password'] != ALEXA_SECRET_KEY:
return {'message': 'password invalid'}, 400
if data['location'] not in VALID_JOINTS:
print("invalid location: " + data['location'])
# return {'message': 'location invalid'}, 400
user.heatmap.append(data['location'])
user.save_to_db()
return {'message': 'added to heatmap'}
def delete(self, id):
current_user = UserModel.find_by_email(get_jwt_identity())
is_current_user_admin = UserModel.find_role(current_user.id)
if not is_current_user_admin:
return {
'message': 'User {} is not admin'.format(current_user.email)
}, 400
try:
LeaveTypesModel.delete_leaveType(id)
return {'message': 'Leave type deleted successfully'}
except:
return {'message': 'Something went wrong'}, 500
def put(cls):
user_id = get_jwt_identity()
email = request.get_json()["email"]
if UserModel.find_by_email(email):
return {"message":"Username already exists"}, 400
user = UserModel.find_by_id(user_id)
user.email = email
user.save_to_db()
return {"message":"Email updated!", "user":user_schema.dump(user)}
def get(self, token):
"""Yes, this shouldn't be a GET, but users clicking URLs will generate a GET"""
ts = URLSafeTimedSerializer(current_app.config['SECRET_KEY'])
try:
email = ts.loads(token, salt='email-confirm-key')
# TODO: set `max_age=86400` above and handle re-sending confirmation email
# The token can either expire or be invalid
except:
return {'message': "Unknown email confirmation token"}, 404
# Get the user from the database
user = UserModel.find_by_email(email)
user.active = True
user.update()
return {'message': "Email successfully confirmed! You can now login."}
def post(self):
data = leave_parser.parse_args()
current_user = UserModel.find_by_email(get_jwt_identity())
new_leave = LeavesModel(leave_type=data['leave_type'],
description=data['description'],
employee_id=current_user.id,
from_date=data['from_date'],
to_date=data['to_date'],
num_of_days=data['num_of_days'],
status=data['status'])
try:
new_leave.save_to_db()
return {'message': 'Away created successfully'}
except:
return {'message': 'Something went wrong'}, 500
def test_user_registration(self):
"""Test correct user registration"""
response = self.client_post('/registration', PAYLOAD)
self.assertEqual(
response.json, {
'message':
"User {} was created, please verify your email".format(EMAIL)
})
user = UserModel.find_by_email(EMAIL)
self.assertIsNotNone(user)
self.assertEqual(user.email, EMAIL)
# Ensure plaintext password is not stored
self.assertNotEqual(user.password, PASSWORD)
self.assertFalse(user.active)
def test_duplicate_registration(self):
"""Test registration on existing email"""
hashed_pass = UserModel.generate_hash('pass123')
user = UserModel(
email=EMAIL,
password=hashed_pass,
active=True,
)
user.save_to_db()
response = self.client_post('/registration', PAYLOAD)
self.assertEqual(response.json,
{'message': "Email {} already exists".format(EMAIL)})
user = UserModel.find_by_email(EMAIL)
# Ensure user wasn't changed
self.assertEqual(user.password, hashed_pass)
def put(self):
data = login_parser.parse_args()
current_user = UserModel.find_by_email(data['email'])
if not current_user:
return {'message': 'invalid email or password'}, 400
if UserModel.verify_hash(data['password'], current_user.password):
access_token = create_access_token(identity=data['email'])
refresh_token = create_refresh_token(identity=data['email'])
return {
'message': 'Logged in as {}'.format(current_user.email),
'access_token': access_token,
'refresh_token': refresh_token
}
else:
return {'message': 'invalid email or password'}, 400
def post(self):
data = parser.parse_args()
# TODO: Validate/sanitize email format
if UserModel.find_by_email(data['email']):
return {'message': "Email {} already exists".format(data['email'])}
# Create the user, remember to hash the password!
new_user = UserModel(email=data['email'],
password=UserModel.generate_hash(
data['password']),
active=False)
try:
new_user.save_to_db()
except:
logger.exception("Error saving new user to DB")
return {'message': "Something went wrong"}, 500
try:
# This email confirmation code mostly comes from:
# https://github.com/MaxHalford/flask-boilerplate/blob/master/app/views/user.py
# Serializer for generating random tokens
ts = URLSafeTimedSerializer(current_app.config['SECRET_KEY'])
# Subject of the confirmation email
subject = 'Please confirm your email address.'
# Generate a random token
token = ts.dumps(new_user.email, salt='email-confirm-key')
# Build a confirm link with token
confirm_url = url_for('user.confirm', token=token, _external=True)
# Render an HTML template to send by email
html = render_template('email-confirm.html',
confirm_url=confirm_url)
# Send the email to user
emails.send(new_user.email, subject, html)
return {
'message':
'User {} was created, please verify your email'.format(
data['email']),
}
except:
logger.exception("Something went wrong sending confirmation email")
return {'message': "Something went wrong"}, 500
def post(self):
data = parser.parse_args()
email = data['email']
password = data['password']
current_user = UserModel.find_by_email(email)
if not current_user:
return {'message': 'User {} doesn\'t exist'.format(email)}
if UserModel.verify_hash(password, current_user.password):
access_token = create_access_token(identity=email)
refresh_token = create_refresh_token(identity=email)
return {
'message': 'Logged in as {}'.format(email),
'access_token': access_token,
'refresh_token': refresh_token
}
else:
return {'message': 'Wrong credentials'}
def post(self):
data = login_parser.parse_args()
current_user = UserModel.find_by_email(data['email'])
if not current_user:
return {
'message': 'User {} doesn\'t exist'.format(data['email'])
}, 404
if UserModel.verify_hash(data['password'], current_user.password):
access_token = create_access_token(identity=data['email'])
refresh_token = create_refresh_token(identity=data['email'])
return jsonify({
'id': format(current_user.id),
'email': format(current_user.email),
'access_token': access_token,
'refresh_token': refresh_token
})
else:
return {'message': 'Wrong credentials'}, 401
