def put(cls, id): user_json = request.get_json()["user"] user = UserModel.find_by_id (id) if user: if user.username != user_json.get("username") and UserModel.find_by_username(user_json.get("username")): return {"message":"Username already exists"}, 400 if user.email != user_json.get("email") and UserModel.find_by_email(user_json.get("email")): return {"message":"Username already exists"}, 400 user.username = user_json["username"] user.email = user_json["email"] user.role_id = user_json["role_id"] if user_json["password"]: hashed_password = custom_pbkdf2.hash(user_json["password"]) user.password = hashed_password user.save_to_db() return {"message":"Agent updated!", "user": user_schema.dump(user)} return {"message":"not found"}, 404
def post(self): data = self.token_parser.parse_args() current_user_id = get_jwt_identity() logged_in = current_user_id is not None denied = [] tokens = {} for app_id in data['ids']: denied.append(app_id) if logged_in: current_user = UserModel.find_by_id(current_user_id) if not current_user: return {'message': 'Invalid token'}, 401 for app_id in denied: if Purchase.find_purchase(current_user_id, app_id): denied.remove(app_id) tokens[app_id] = jwt.encode( { 'sub': 'users/%d' % current_user_id, 'prefixes': [app_id], 'exp': datetime.utcnow() + longRepoTokenLifetime, 'name': 'auth.py', }, repo_secret, algorithm='HS256').decode('utf-8') return {'denied': denied, 'tokens': tokens}
def identity(payload): """ :param payload: :return: """ user_id = payload['identity'] return UserModel.find_by_id(user_id)
def wrapper(*args, **kwargs): user_id = get_jwt_identity() user = UserModel.find_by_id(user_id) if user.role_id != Roles.ADMIN.value: return {"message":"The current user do not have the privileges to acomplish this action"}, 401 return func(*args, **kwargs)
def whoami(): userid = get_jwt_identity() user = UserModel.find_by_id(userid) if not user: return {'message': 'no such user.'}, 401 return { 'username': user.username, 'message': f'logged in as {user.username}.' }
def delete(cls, id): user = UserModel.find_by_id (id) if user: user.delete_from_db() return {"message":"User deleted!"} return {"message":"not found"}, 404
def put(cls): user_id = get_jwt_identity() user_json = request.get_json()["userProfile"] user = UserModel.find_by_id(user_id) user.username = user_json.get("username") user.save_to_db() return {"message":"User profile updated!", "user":user_schema.dump(user)}
def post(cls, slug): """Revoke like from article by logged in user.""" article = ArticleModel.find_by_slug(slug) if not article: return {"message": "Article not found"}, 404 user_id = get_jwt_identity() user = UserModel.find_by_id(user_id) if not user in article.likes: return {"message": "You have to like this article before you can revoke like"}, 403 article.likes.remove(user) article.save_to_db() return {"message": "Article with id={} has been disliked by {}".format(article.id, user.username)}, 200
def put(cls): user_id = get_jwt_identity() email = request.get_json()["email"] if UserModel.find_by_email(email): return {"message":"Username already exists"}, 400 user = UserModel.find_by_id(user_id) user.email = email user.save_to_db() return {"message":"Email updated!", "user":user_schema.dump(user)}
def post(cls, slug): """Like specific article instance by current logged in user.""" article = ArticleModel.find_by_slug(slug) if not article: return {"message": "Article not found"}, 404 user_id = get_jwt_identity() user = UserModel.find_by_id(user_id) if user == article.author: return {"message": "You can't like your own article"}, 403 if user in article.likes: return {"message": "You can't like this article twice"}, 403 article.likes.append(user) article.save_to_db() return {"message": "Article with id={} has been liked by {}".format(article.id, user.username)}, 200
def get(self): import datetime as dt out_entries = [] scoreboard = ScoreboardEntryModel.get_all_entries() for sbentry in scoreboard: user = UserModel.find_by_id(sbentry.user_id) game = GameModel.find_by_id(sbentry.game_id) elapsed_seconds = (sbentry.time_end - sbentry.time_begin).total_seconds() \ if sbentry.time_end else (dt.datetime.now() - sbentry.time_begin).total_seconds() entry = { "username": user.username, "game": game.title, "current_riddle": sbentry.current_riddle, "finished": sbentry.finished, "time_begin": int(sbentry.time_begin.timestamp() * 1000), "elapsed_seconds": elapsed_seconds } out_entries.append(entry) return {"entries": out_entries}
def get(self, id): user = UserModel.find_by_id(id) return {"username": user.username, "password": user.password}
def post(self): # expenses parser = reqparse.RequestParser() parser.add_argument( "user_id", help="This field cannot be blank", required=True, location="json" ) parser.add_argument( "total_amount", help="This field cannot be blank", required=True, location="json", ) parser.add_argument( "expense_category", help="This field cannot be blank", required=True, location="json", ) parser.add_argument( "divide_it", help="This field cannot be blank", required=False, location="json", ) data = parser.parse_args() # Double check if userId is exists. Although JWT is doing this, still re-doing. unncessary if UserModel.find_by_id(data["user_id"]): # Insert to expenses new_expense = ExpenseModel( user_id=data["user_id"], total_amount=data["total_amount"], expense_category=data["expense_category"], ) createdExpenseId = new_expense.save_to_db() # TODO: check wether expense is divide amoung other? if data["divide_it"] and len(data["divide_it"]) > 0: # If its divided, checking existance of username. divide_betweens = eval(data["divide_it"]) dataToBeInsert = [] # Divided amount must be equal to total amount amount_should_equal = 0 for divide_between in divide_betweens: if UserModel.find_by_id(divide_between["user_id"]): a = DividedExpenseModel( expense_id=createdExpenseId, user_id=divide_between["user_id"], amount=divide_between["amount"], ) amount_should_equal = ( amount_should_equal + divide_between["amount"] ) dataToBeInsert.append(a) else: # rollback created expense entry. # TODO: handle error while deleting. try: ExpenseModel.delete_by_id(createdExpenseId) return { "message": "username: {} not found".format( divide_between["user_id"] ) } except: return {"message": "Something went wrong"}, 500 if int(amount_should_equal) == int(data["total_amount"]): # For divident Expenses for dataWillBeInsert in dataToBeInsert: try: dataWillBeInsert.save_to_db() except: return {"message": "Something went wrong"}, 500 else: # rollback created expense entry. # TODO: handle error while deleting. try: ExpenseModel.delete_by_id(createdExpenseId) return { "message": "total amount is not equal to divident amount" } except: return {"message": "Something went wrong"}, 500 else: return {"message": "length doesn't exist"} return { "message": "Expense created successfully for User id: {}".format( data["user_id"] ) } else: return {"message": "User doesn't exists"}
def identity(payload): user_id = payload['identity'] return UserModel.find_by_id(user_id)