def refresh_user_token():
response_object = {
"status": "fail",
"message": "Provide a valid refresh token."
}
auth_header = request.headers.get("Authorization")
if not auth_header:
return jsonify(response_object), 403
refresh_token = auth_header.split(" ")[1]
try:
resp = UserModel.decode_token(refresh_token)
user = UserModel.find_by_id(resp)
if not user:
response_object["status"] = "fail"
response_object["message"] = "Invalid token"
return jsonify(response_object), 401
new_access_token = user.encode_token(user.id, "access")
new_refresh_token = user.encode_token(user.id, "refresh")
response_object = {
"status": "success",
"access_token": new_access_token.decode(),
"refresh_token": new_refresh_token.decode(),
}
return response_object, 200
except jwt.ExpiredSignatureError:
response_object["status"] = "fail"
response_object["message"] = "Signature expired. Please log in again."
return jsonify(response_object), 401
except jwt.InvalidTokenError:
response_object["status"] = "fail"
response_object["message"] = "Invalid token. Please log in again.."
return jsonify(response_object), 401
def test_add_user_duplicate_email(self):
user_data = TestData.user_data_model_1
user = UserModel(**user_data)
db.session.add(user)
db.session.commit()
duplicate_user = UserModel(**user_data)
db.session.add(duplicate_user)
self.assertRaises(IntegrityError, db.session.commit)
def post(cls, user_id: int):
"""Resend confirmation email"""
response_object = {"status": "fail", "message": "User Not found"}
user = UserModel.find_by_id(_id=user_id)
if not user:
return response_object, 404
try:
confirmation = user.most_recent_confirmation
if confirmation:
if confirmation.confirmed:
response_object["message"] = "Already confirmed"
return response_object, 400
confirmation.force_to_expire()
new_confirmation = ConfirmationModel(user_id)
new_confirmation.save_to_db()
user.send_confirmation_mail()
response_object["status"] = "success"
response_object[
"message"] = "Email confirmation successfully resent"
return response_object, 201
except MailGunException as e:
response_object["message"] = str(e)
user.delete_from_db()
return response_object, 500
except Exception:
traceback.print_exc()
user.delete_from_db()
response_object[
"message"] = "Internal Server Error. Failed to resend confirmation email"
return response_object, 500
def test_add_user_duplicate_email(self):
"""Ensure error is thrown if the email already exists."""
user_auth = TestData.user_data_model_1
token = TestUtils.user_login(user_auth, self.client)
admin_user = UserModel.find_by_email(user_auth["email"])
admin_user.admin = True
admin_user.save_to_db()
TestUtils.confirm_user(admin_user.id)
for user_type in ("retail", "wholesale"):
if user_type == "wholesale":
new_user = TestData.user_wholesale_data
else:
new_user = TestData.user_retail_data
with self.client:
self.client.post(
f"/users/{user_type}",
data=json.dumps(new_user),
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
response = self.client.post(
f"/users/{user_type}",
data=json.dumps(new_user),
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn("Sorry. That email already exists.",
data["message"])
self.assertIn("fail", data["status"])
def test_add_user(self):
"""Ensure a new user can be added to the database."""
user_auth = TestData.user_data_model_1
token = TestUtils.user_login(user_auth, self.client)
admin_user = UserModel.find_by_email(user_auth["email"])
admin_user.admin = True
admin_user.save_to_db()
TestUtils.confirm_user(admin_user.id)
for user_type in ("retail", "wholesale"):
if user_type == "wholesale":
new_user = TestData.user_wholesale_data
else:
new_user = TestData.user_retail_data
with self.client:
response = self.client.post(
f"/users/{user_type}",
data=json.dumps(new_user),
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 201)
self.assertIn(f"{new_user['email']} was added!",
data["message"])
self.assertIn("success", data["status"])
def add_user(cls, username, email, password, user_type=None):
user = UserModel(
username=username, email=email, password=password, user_type=user_type
)
db.session.add(user)
db.session.commit()
return user
def index():
if request.method == "POST":
username = request.form["username"]
email = request.form["email"]
password = request.form["password"]
db.session.add(
UserModel(username=username, email=email, password=password))
db.session.commit()
users = UserModel.query.all()
return render_template("index.html", users=users)
def test_add_user(self):
user = UserModel(**TestData.user_data_model_1)
db.session.add(user)
db.session.commit()
confirmation = ConfirmationModel(user.id)
confirmation.save_to_db()
self.assertTrue(user.id)
self.assertEqual(user.username, TestData.user_data_model_1["username"])
self.assertEqual(user.email, TestData.user_data_model_1["email"])
self.assertFalse(user.most_recent_confirmation.confirmed)
self.assertTrue(user.password)
self.assertFalse(user.admin)
def decorated_function(*args, **kwargs):
response_object = {
"status": "fail",
"message": "Provide a valid auth token."
}
auth_header = request.headers.get("Authorization")
if not auth_header:
return response_object, 403
auth_token = auth_header.split(" ")[1]
resp = UserModel.decode_token(auth_token)
if isinstance(resp, str):
response_object["message"] = resp
return response_object, 401
user = UserModel.find_by_id(_id=resp)
if not user:
return response_object, 401
confirmation = user.most_recent_confirmation
if not confirmation or not confirmation.confirmed:
response_object[
"message"] = "You have not confirmed registration. Please check your email."
return response_object, 401
return f(resp, *args, **kwargs)
def get(cls, user_id: int):
"""Returns confirmation for specific user"""
response_object = {"status": "fail"}
user = UserModel.find_by_id(_id=user_id)
if not user:
return response_object, 404
else:
response_object["status"] = "success"
response_object["current_time"] = int(time())
response_object["confirmation"] = [
each.json() for each in user.confirmation.order_by(
ConfirmationModel.expire_at)
]
return response_object, 200
def add_user_to_db(username, password, email, user_type, street_name,
street_number, city, zip_code):
new_user = UserModel(username=username,
password=password,
email=email,
user_type=user_type)
db.session.add(new_user)
# add address
new_address = AddressModel(
street_name=street_name,
street_number=street_number,
city=city,
zip_code=zip_code,
)
db.session.add(new_address)
db.session.commit()
return new_user, new_address
def test_add_user_invalid_json(self):
"""Ensure error is thrown if the JSON object is empty."""
user_auth = TestData.user_data_model_1
token = TestUtils.user_login(user_auth, self.client)
admin_user = UserModel.find_by_email(user_auth["email"])
admin_user.admin = True
admin_user.save_to_db()
TestUtils.confirm_user(admin_user.id)
for user_type in ("retail", "wholesale"):
with self.client:
response = self.client.post(
f"/users/{user_type}",
data=json.dumps({}),
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn("Invalid Payload", data["message"])
self.assertIn("fail", data["status"])
def test_add_user_invalid_json_keys_no_password(self):
"""
Ensure error is thrown if the JSON object
does not have a password key.
"""
user_auth = TestData.user_data_model_1
token = TestUtils.user_login(user_auth, self.client)
user = UserModel.find_by_email(TestData.user_data_model_1["email"])
user.admin = True
user.save_to_db()
for user_type in ("retail", "wholesale"):
with self.client:
response = self.client.post(
f"/users/{user_type}",
data=json.dumps(
dict(username="******", email="*****@*****.**")),
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn("Invalid Payload", data["message"])
self.assertIn("fail", data["status"])
def seed_db():
"""Seeds the database."""
user_1_s = UserModel(
username="******",
email="*****@*****.**",
password="******",
admin=True,
user_type=UserType.wholesale,
)
db.session.add(user_1_s)
db.session.commit()
user_2_s = UserModel(
username="******",
email="*****@*****.**",
password="******",
user_type=UserType.wholesale,
)
db.session.add(user_2_s)
user_3_r = UserModel(
username="******", email="*****@*****.**", password="******"
)
db.session.add(user_3_r)
user_4_r = UserModel(
username="******", email="*****@*****.**", password="******"
)
db.session.add(user_4_r)
db.session.commit()
confirmation_1 = ConfirmationModel(user_1_s.id, confirmed=True)
confirmation_1.save_to_db()
confirmation_2 = ConfirmationModel(user_2_s.id, confirmed=True)
confirmation_2.save_to_db()
confirmation_3 = ConfirmationModel(user_3_r.id, confirmed=True)
confirmation_3.save_to_db()
confirmation_4 = ConfirmationModel(user_4_r.id, confirmed=True)
confirmation_4.save_to_db()
# add suppliers
supplier_1 = SupplierModel(user_id=user_1_s.id)
db.session.add(supplier_1)
supplier_2 = SupplierModel(user_id=user_2_s.id)
db.session.add(supplier_2)
# add retailers
retailer_1 = RetailerModel(user_id=user_3_r.id)
db.session.add(retailer_1)
retailer_2 = RetailerModel(user_id=user_4_r.id)
db.session.add(retailer_2)
retailer_1.suppliers.append(supplier_1)
retailer_1.suppliers.append(supplier_2)
retailer_2.suppliers.append(supplier_2)
db.session.commit()
# add addresses
address_1 = AddressModel(
street_name="Agaiou", street_number="46", city="Rafina", zip_code="190 09",
)
db.session.add(address_1)
address_2 = AddressModel(
street_name="Στρ. Νικ. Πλαστήρα",
street_number="ΠΛΑΤΕΙΑ",
city="Ραφηνα",
zip_code="190 09",
)
db.session.add(address_2)
address_3 = AddressModel(
street_name="Dimarchou Christou Mpeka",
street_number="8",
city="Spata",
zip_code="190 04",
)
db.session.add(address_3)
address_4 = AddressModel(
street_name="Thessalonikis",
street_number="119",
city="Athens",
zip_code="118 52",
)
db.session.add(address_4)
address_5 = AddressModel(
street_name="Τρωων", street_number="115", city="Athens", zip_code="118 52",
)
db.session.add(address_5)
address_6 = AddressModel(
street_name="Τρωων", street_number="125", city="Athens", zip_code="118 52",
)
db.session.add(address_6)
# commit for addresses
db.session.commit()
# add stores
store_1 = StoreModel(
retailer_id=retailer_1.id,
store_name="store_1",
store_type=StoreType.cafeBar.name,
address_id=address_4.id,
)
db.session.add(store_1)
store_2 = StoreModel(
retailer_id=retailer_2.id,
store_name="store_2",
store_type=StoreType.quick_service_restaurant.name,
address_id=address_5.id,
)
db.session.add(store_2)
store_3 = StoreModel(
retailer_id=retailer_2.id,
store_name="store_3",
store_type=StoreType.other.name,
address_id=address_6.id,
)
db.session.add(store_3)
# add companies
company_1 = CompanyModel(
supplier_id=supplier_1.id,
company_name="company_1",
address_id=address_1.id,
company_type=CompanyType.meat_and_poultry,
)
db.session.add(company_1)
company_2 = CompanyModel(
supplier_id=supplier_1.id,
company_name="company_2",
company_type=CompanyType.meat_and_poultry,
address_id=address_2.id,
)
db.session.add(company_2)
company_3 = CompanyModel(
supplier_id=supplier_2.id,
company_name="company_3",
company_type=CompanyType.coffee_and_drinks,
address_id=address_3.id,
)
db.session.add(company_3)
db.session.commit()
def test_decode_refresh_token(self):
user = TestUtils.add_user(**TestData.user_data_model_1)
auth_token = user.encode_token(user.id, "refresh")
self.assertTrue(isinstance(auth_token, bytes))
self.assertEqual(UserModel.decode_token(auth_token), user.id)
