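def register_user():
    """Register a new account from a JSON body and return an auth token.

    Reads ``username``, ``email`` and ``password`` from the request JSON.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` on success,
        400 with a "fail" status when the payload is missing or incomplete,
        when the username or email is already taken, or when the insert
        raises ``IntegrityError`` / ``ValueError``.
    """
    post_data = request.get_json()
    response_object = {"status": "fail", "message": "Invalid payload."}
    if not post_data:
        return jsonify(response_object), 400

    username = post_data.get("username")
    email = post_data.get("email")
    password = post_data.get("password")
    # Reject incomplete payloads up front instead of relying on the model or
    # the database to raise for a missing field.
    if not username or not email or not password:
        return jsonify(response_object), 400

    try:
        # A match on either column counts as "already registered".
        user = User.query.filter(
            or_(User.username == username, User.email == email)
        ).first()
        if user:
            response_object["message"] = "Sorry. That user already exists."
            return jsonify(response_object), 400

        user = User(username=username, email=email, password=password)
        db.session.add(user)
        db.session.commit()

        # The token is built from the id assigned by the commit above.
        auth_token = user.encode_auth_token(user.id)
        response_object["status"] = "success"
        response_object["message"] = "Successfully registered."
        response_object["auth_token"] = auth_token.decode()
        return jsonify(response_object), 201
    except (exc.IntegrityError, ValueError):
        # The lookup above is not atomic with the insert, so a concurrent
        # registration can still surface here as a constraint violation.
        db.session.rollback()
        return jsonify(response_object), 400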
def seed_db():
    """Insert two sample users and one sample location, then commit."""
    # NOTE(review): the accounts below carry literal passwords from source;
    # treat this as dev/test seeding only.
    seed_rows = (
        User(username="******", email="*****@*****.**", password="******"),
        User(username="******", email="*****@*****.**", password="******"),
        Location(lat="30.99999", lng="-120.93999"),
    )
    for row in seed_rows:
        db.session.add(row)
    db.session.commit()
def seed_db():
    """Insert two sample users and commit them in one transaction."""
    session = db.session
    # Fixed credentials in source: suitable for dev/test fixtures only.
    first = User(username="******", email="*****@*****.**", password="******")
    session.add(first)
    second = User(username="******", email="*****@*****.**", password="******")
    session.add(second)
    session.commit()
def seed_db():
    """Add two sample users to the session and commit."""
    # Each entry is the keyword set for one User row; the passwords are
    # literals in source, so this belongs to dev/test setup only.
    sample_accounts = [
        dict(username='******', email="*****@*****.**", password="******"),
        dict(username='******', email="*****@*****.**", password="******"),
    ]
    for fields in sample_accounts:
        db.session.add(User(**fields))
    db.session.commit()
def seed_db():
    """Populate the database with two sample user rows."""
    # NOTE(review): passwords are hard-coded here; keep this out of any
    # environment where the seeded accounts would be reachable.
    users = [
        User(username='******', email='*****@*****.**', password='******'),
        User(username='******', email='*****@*****.**', password='******'),
    ]
    for account in users:
        db.session.add(account)
    db.session.commit()
def seed_db():
    """Seed two sample users and commit the session."""
    session = db.session
    # Literal credentials: intended for local/test data only.
    session.add(
        User(username="******", email="*****@*****.**", password="******")
    )
    session.add(
        User(username="******", email="*****@*****.**", password="******")
    )
    session.commit()
def seed_db():
    """Create two sample users and persist them with a single commit."""
    # Passwords are source literals, so these accounts are fixtures, not
    # real credentials.
    first_user = User(
        username="******", email="*****@*****.**", password="******"
    )
    db.session.add(first_user)
    second_user = User(
        username="******", email="*****@*****.**", password="******"
    )
    db.session.add(second_user)
    db.session.commit()
def seed_users():
    """Insert the sample sponsor, admin, sponsor-manager and driver users.

    Nine rows are added in a fixed order and committed together.
    """
    # NOTE(review): every account here, including the one with
    # role="admin", gets a password written in source. Keep this seeding to
    # dev/test databases.
    sponsor_rows = [
        dict(
            username="******",
            email="*****@*****.**",
            password="******",
            role="sponsor",
            sponsor_logo="https://logodix.com/logo/441272.png",
            sponsor_headline="We Deliver",
            sponsor_slug="The original LTL Experts",
        ),
        dict(
            username="******",
            email="*****@*****.**",
            password="******",
            role="sponsor",
            sponsor_logo="https://www.jing.fm/clipimg/detail/9-98595_driving-clipart-semi-truck-semi-trucks.png",
            sponsor_headline="The Biggest Freight Company",
            sponsor_slug="We are very big.",
        ),
    ]
    # The remaining accounts differ only by role, listed in insertion order.
    plain_roles = (
        "admin",
        "sponsor_mgr",
        "sponsor_mgr",
        "driver",
        "driver",
        "driver",
        "driver",
    )
    plain_rows = [
        dict(
            username="******",
            email="*****@*****.**",
            password="******",
            role=role,
        )
        for role in plain_roles
    ]
    for fields in sponsor_rows + plain_rows:
        db.session.add(User(**fields))
    db.session.commit()
def add_user(username, email, password):
    """Create a User from the given fields, commit it and return it."""
    session = db.session
    new_user = User(username=username, email=email, password=password)
    session.add(new_user)
    session.commit()
    return new_user
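def post(self):
    """Exchange a refresh token for a new access/refresh token pair.

    Reads ``refresh_token`` from the JSON body.

    Returns:
        ``({"access_token": ..., "refresh_token": ...}, 200)`` on success.
        Aborts with 401 when the token is missing, expired, invalid, or
        decodes to an id with no matching user.
    """
    post_data = request.get_json()
    # A missing or non-object body is rejected here instead of failing on
    # ``None.get`` and surfacing as a 500.
    refresh_token = (
        post_data.get("refresh_token") if isinstance(post_data, dict) else None
    )
    if not refresh_token:
        auth_namespace.abort(401, "Invalid token")

    # NOTE(review): nothing in this handler checks the token's type; confirm
    # that decode_token (or the token claims) stops an access token from
    # being accepted as a refresh token, and whether the old refresh token is
    # invalidated once a new pair is issued.
    try:
        resp = User.decode_token(refresh_token)
        user = get_user_by_id(resp)
        if not user:
            auth_namespace.abort(401, "Invalid token")
        access_token = user.encode_token(user.id, "access")
        refresh_token = user.encode_token(user.id, "refresh")
        return {
            "access_token": access_token.decode(),
            "refresh_token": refresh_token.decode(),
        }, 200
    except jwt.ExpiredSignatureError:
        # abort() raises, so no return statement is needed after it.
        auth_namespace.abort(401, "Signature expired. Please log in again.")
    except jwt.InvalidTokenError:
        auth_namespace.abort(401, "Invalid token. Please log in again.")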
def seed_db():
    """Insert one sample user and commit."""
    # The password is a literal in source: dev/test fixture only.
    sample_user = User(
        username='******', email='*****@*****.**', password='******'
    )
    db.session.add(sample_user)
    db.session.commit()
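def post(self):
    """Create a user from a JSON body with ``username``, ``email``, ``password``.

    Returns:
        ``(body, 201)`` when the user is added; ``(body, 400)`` when the
        payload is empty, the email is already registered, or the insert
        raises ``IntegrityError`` / ``ValueError``.
    """
    post_data = request.get_json()
    res = {"status": "fail", "message": "invalid payload"}
    if not post_data:
        return res, 400

    username = post_data.get("username")
    email = post_data.get("email")
    password = post_data.get("password")

    try:
        user = User.query.filter_by(email=email).first()
        if user:
            res["message"] = "Sorry. That email already exists."
            return res, 400
        db.session.add(User(username=username, email=email, password=password))
        db.session.commit()
        res = {"status": "success", "message": f"{email} was added!"}
        return res, 201
    except (exc.IntegrityError, ValueError):
        # One handler covers both cases; the original listed IntegrityError
        # in two separate clauses with identical bodies.
        db.session.rollback()
        return res, 400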
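def post(self):
    """Validate credentials and return access and refresh tokens on success.

    Reads ``email`` and ``password`` from the JSON body.

    Returns:
        ``({"access_token": ..., "refresh_token": ...}, 200)`` on success.
        Aborts with 401 when the body is missing, the email is unknown, or
        the password does not match.
    """
    payload = request.get_json()
    # A missing or non-object body is treated as empty credentials rather
    # than crashing on ``None.get``.
    if not isinstance(payload, dict):
        payload = {}
    email = payload.get("email")
    password = payload.get("password")

    user = get_user_by_email(email) if email else None
    # The same message is used for an unknown email and a wrong password, so
    # the response does not reveal which of the two was wrong. A missing
    # password is rejected before check_password is called with None.
    if not user or not password or not user.check_password(password):
        namespace.abort(
            401, f"User with given email {email} or password does not exists")

    access_token = User.encode_token(user.id, "access").decode()
    refresh_token = User.encode_token(user.id, "refresh").decode()
    return {
        "access_token": access_token,
        "refresh_token": refresh_token
    }, 200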
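def register_user():
    """Register a new account from a JSON body and return an auth token.

    Requires non-empty ``username``, ``email`` and ``password`` fields.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` on success,
        400 when the payload is missing or incomplete, the username or email
        is taken, or the insert raises ``IntegrityError`` / ``ValueError``.
    """
    post_data = request.get_json()
    res = {"status": "fail", "message": "Invalid payload."}
    if not post_data:
        return jsonify(res), 400

    username = post_data.get("username")
    email = post_data.get("email")
    password = post_data.get("password")
    if not username or not email or not password:
        return jsonify(res), 400

    try:
        user = User.query.filter(
            or_(User.username == username, User.email == email)
        ).first()
        if user:
            res["message"] = "Sorry, that user already exists."
            return jsonify(res), 400

        new_user = User(username=username, email=email, password=password)
        db.session.add(new_user)
        db.session.commit()

        auth_token = new_user.encode_auth_token(new_user.id)
        # The token is a bearer credential, so it is kept out of the log;
        # only the fact that one was issued is recorded.
        current_app.logger.debug(
            "Auth token issued for user id %s", new_user.id
        )
        res["status"] = "success"
        res["message"] = "Successfully registered."
        res["auth_token"] = auth_token.decode()
        return jsonify(res), 201
    except (exc.IntegrityError, ValueError):
        db.session.rollback()
        return jsonify(res), 400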
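def post(self):
    """Create new access and refresh tokens from a refresh token.

    Reads ``refresh_token`` from the JSON body.

    Returns:
        ``({"access_token": ..., "refresh_token": ...}, 200)`` on success.
        Aborts with 401 when the token is missing, expired, invalid, or
        decodes to an id with no matching user.
    """
    payload = request.get_json()
    # Guard against a missing or non-object body before reading from it.
    refresh_token = (
        payload.get("refresh_token") if isinstance(payload, dict) else None
    )
    if not refresh_token:
        namespace.abort(401, "Invalid token")

    # NOTE(review): nothing here checks the token's type; confirm that
    # decode_token rejects an access token presented as a refresh token.
    try:
        user_id = User.decode_token(refresh_token)
        user = get_user_by_id(user_id)
        if not user:
            namespace.abort(401, "Invalid token")
        access_token = User.encode_token(user.id, "access").decode()
        refresh_token = User.encode_token(user.id, "refresh").decode()
        return {
            "access_token": access_token,
            "refresh_token": refresh_token
        }, 200
    except jwt.ExpiredSignatureError:
        # ExpiredSignatureError is the canonical PyJWT name;
        # ``jwt.ExpiredSignature`` was a deprecated alias that later PyJWT
        # releases no longer export.
        namespace.abort(401, "Token expired")
    except jwt.InvalidTokenError:
        namespace.abort(401, "Invalid token")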
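def post(self):
    """Create a user from a JSON body holding ``username`` and ``email``.

    Returns:
        ``(body, 201)`` when the user is added; ``(body, 400)`` when the
        payload is empty or the email is already registered.
    """
    post_data = request.get_json()
    response_object = {}
    # Without this guard an empty body fails on ``None.get`` and surfaces as
    # a 500 instead of a client error.
    if not post_data:
        response_object['message'] = 'Invalid payload.'
        return response_object, 400

    username = post_data.get('username')
    email = post_data.get('email')

    user = User.query.filter_by(email=email).first()
    if user:
        response_object['message'] = 'Sorry. That email already exists.'
        return response_object, 400

    db.session.add(User(username=username, email=email))
    db.session.commit()
    response_object['message'] = f'{email} was added!'
    return response_object, 201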
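def logout_user():
    """Validate the bearer token in the Authorization header and report logout.

    Returns:
        A ``(response, status)`` pair: 200 when the token decodes, 401 when
        the header is malformed or the token is rejected, 403 when the
        header is absent.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {"status": "fail", "message": "Provide a valid auth token."}
    if not auth_header:
        return jsonify(response_object), 403

    # Expect "<scheme> <token>". A header with no second part used to raise
    # IndexError and surface as a 500.
    parts = auth_header.split(" ")
    if len(parts) < 2:
        return jsonify(response_object), 401

    resp = User.decode_auth_token(parts[1])
    if isinstance(resp, str):
        # A str result is treated as the decoder's error message.
        response_object["message"] = resp
        return jsonify(response_object), 401

    # NOTE(review): nothing visible here invalidates the token server-side,
    # so it presumably stays usable until it expires unless a denylist is
    # applied elsewhere.
    response_object["status"] = "success"
    response_object["message"] = "Successfully logged out."
    return jsonify(response_object), 200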
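def logout_user():
    """Check the Authorization header's token and answer the logout request.

    Returns:
        A ``(response, status)`` pair: 200 when the token decodes, 401 when
        the header is malformed or the token is rejected, 403 when the
        header is absent.
    """
    auth_header = request.headers.get("Authorization")
    res = {"status": "fail", "message": "Token invalid."}
    if not auth_header:
        return jsonify(res), 403

    # The token is the second space-separated field. Without this length
    # check a header lacking it raises IndexError (a 500).
    fields = auth_header.split(" ")
    if len(fields) < 2:
        return jsonify(res), 401

    response = User.decode_auth_token(fields[1])
    if isinstance(response, str):
        # The decoder's str result is passed back as the failure message.
        res["message"] = response
        return jsonify(res), 401

    # NOTE(review): the token is only validated, not revoked; confirm
    # whether revocation is handled elsewhere.
    res["status"] = "success"
    res["message"] = "Successfully logged out."
    return jsonify(res), 200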
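def get_user_status():
    """Return the profile of the user identified by the bearer token.

    Returns:
        A ``(response, status)`` pair: 200 with the user's JSON under
        ``data``; 401 when the header is absent or malformed, the token is
        rejected, or no user matches the decoded id.
    """
    auth_header = request.headers.get("Authorization")
    res = {"status": "fail", "message": "Token invalid."}
    if not auth_header:
        return jsonify(res), 401

    # A header without a second space-separated field would raise
    # IndexError, so its length is checked first.
    fields = auth_header.split(" ")
    if len(fields) < 2:
        return jsonify(res), 401

    response = User.decode_auth_token(fields[1])
    if isinstance(response, str):
        # A str result is treated as the decoder's error message.
        res["message"] = response
        return jsonify(res), 401

    user = User.query.filter_by(id=response).first()
    if user is None:
        # A token can outlive its account; without this check
        # ``user.to_json()`` fails on None.
        return jsonify(res), 401

    res["status"] = "success"
    res["message"] = "Success."
    res["data"] = user.to_json()
    return jsonify(res), 200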
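def get_user_status():
    """Return the profile of the user identified by the bearer token.

    Returns:
        A ``(response, status)`` pair: 200 with the user's JSON under
        ``data``; 401 when the header is absent or malformed, the token is
        rejected, or no user matches the decoded id.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {"status": "fail", "message": "Provide a valid auth token."}
    if not auth_header:
        return jsonify(response_object), 401

    # Expect "<scheme> <token>"; reject anything shorter instead of letting
    # the index lookup raise.
    parts = auth_header.split(" ")
    if len(parts) < 2:
        return jsonify(response_object), 401

    resp = User.decode_auth_token(parts[1])
    if isinstance(resp, str):
        # A str result is treated as the decoder's error message.
        response_object["message"] = resp
        return jsonify(response_object), 401

    user = User.query.filter_by(id=resp).first()
    if user is None:
        # The decoded id may no longer match a row; answer 401 rather than
        # failing on ``None.to_json()``.
        return jsonify(response_object), 401

    response_object["status"] = "success"
    response_object["message"] = "Success."
    response_object["data"] = user.to_json()
    return jsonify(response_object), 200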
def get(self):
    """Return the user identified by the Authorization header's access token.

    Aborts with 403 when the header is absent or empty, and with 401 when
    the header is malformed, the token is expired or invalid, or the decoded
    id matches no user.
    """
    header_value = request.headers.get("Authorization") or ""
    if not header_value:
        namespace.abort(403, "Access token required")
    else:
        try:
            # The token is the second space-separated field of the header.
            token = header_value.split(" ")[1]
            found = get_user_by_id(User.decode_token(token))
            if not found:
                namespace.abort(401, "Invalid token")
            return found, 200
        except jwt.ExpiredSignatureError:
            namespace.abort(401, "Token expired")
        except (jwt.InvalidTokenError, IndexError):
            # IndexError covers a header with no second field.
            namespace.abort(401, "Invalid token")
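def get(self):
    """Return the user identified by the Authorization header's access token.

    Aborts with 403 when the header is absent, and with 401 when the header
    is malformed, the token is expired or invalid, or the decoded id matches
    no user.
    """
    auth_header = request.headers.get("Authorization")
    if not auth_header:
        auth_namespace.abort(403, "Token required")

    try:
        # The token is the second space-separated field of the header.
        access_token = auth_header.split(" ")[1]
        resp = User.decode_token(access_token)
        user = get_user_by_id(resp)
        if not user:
            auth_namespace.abort(401, "Invalid token")
        return user, 200
    except jwt.ExpiredSignatureError:
        # abort() raises, so the return that used to follow it never ran.
        auth_namespace.abort(401, "Signature expired. Please log in again.")
    except (jwt.InvalidTokenError, IndexError):
        # IndexError: the header had no second field. It was previously
        # uncaught and surfaced as a 500.
        auth_namespace.abort(401, "Invalid token. Please log in again.")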
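def decorator(*args, **kwargs):
    """Call the wrapped view only for a token that maps to an existing user.

    The raw ``Authorization`` header value is passed to
    ``User.decode_token``; no scheme prefix is stripped here. Aborts with
    404 when the header is absent, the token cannot be decoded, or no user
    matches the decoded id.
    """
    # NOTE(review): authentication failures are reported as 404 to keep the
    # existing contract; 401 is the conventional status. Confirm with
    # clients before changing it.
    token = request.headers.get("Authorization")
    if not token:
        # Previously a missing header sent None into decode_token.
        users_namespace.abort(404, "a valid token is missing")

    resp = None
    user = None
    try:
        # Only the decode and the lookup sit inside the try. The abort()
        # calls are kept outside so the broad handler cannot swallow them
        # and replace their message.
        resp = User.decode_token(token)
        if resp:
            user = get_user_by_id(resp)
    except Exception:
        users_namespace.abort(404, "a valid token is missing")

    if not resp:
        users_namespace.abort(404, "a valid token is missing")
    if not user:
        users_namespace.abort(404, "User does not exist")
    return f(*args, **kwargs)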
def post(self):
    """Create a user from a JSON body holding ``username`` and ``email``.

    Returns ``(body, 201)`` when the user is added and ``(body, 400)`` when
    the payload is empty, the email already exists, or the insert raises
    ``IntegrityError``.
    """
    body = request.get_json()
    response_object = {"status": "fail", "message": "Invalid payload."}
    if not body:
        return response_object, 400

    username = body.get("username")
    email = body.get("email")
    try:
        existing = User.query.filter_by(email=email).first()
        if existing:
            response_object["message"] = "Sorry. That email already exists."
            return response_object, 400

        db.session.add(User(username=username, email=email))
        db.session.commit()
        response_object["status"] = "success"
        response_object["message"] = f"{email} was added!"
        return response_object, 201
    except exc.IntegrityError:
        # Undo the failed insert so the session stays usable.
        db.session.rollback()
        return response_object, 400
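def refresh():
    """Exchange a refresh token for a new access/refresh token pair.

    Reads ``refresh_token`` from the JSON body.

    Returns:
        ``({"access_token": ..., "refresh_token": ...}, 200)`` on success;
        ``({"message": "Invalid token"}, 401)`` when the token is missing or
        matches no user. Aborts with 401 when the token is expired or
        invalid.
    """
    post_data = request.get_json()
    response_object = {}
    # Indexing ``post_data['refresh_token']`` raised on a missing body or a
    # missing key and surfaced as a 500; treat both as an invalid token.
    refresh_token = (
        post_data.get("refresh_token") if isinstance(post_data, dict) else None
    )
    if not refresh_token:
        response_object["message"] = "Invalid token"
        return response_object, 401

    # NOTE(review): confirm that decode_token rejects an access token
    # presented here; this handler does not check the token's type.
    try:
        resp = User.decode_token(refresh_token)
        user = get_user_by_id(resp)
        if not user:
            response_object["message"] = "Invalid token"
            return response_object, 401
        access_token = user.encode_token(user.id, "access")
        refresh_token = user.encode_token(user.id, "refresh")
        response_object = {
            "access_token": access_token.decode(),
            "refresh_token": refresh_token.decode(),
        }
        return response_object, 200
    except jwt.ExpiredSignatureError:
        # abort() raises, so no return statement is needed after it.
        auth_namespace.abort(401, "Signature expired. Please log in again.")
    except jwt.InvalidTokenError:
        auth_namespace.abort(401, "Invalid token. Please log in again.")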
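def get_status():
    """Return the username and email of the user behind the access token.

    Returns:
        ``({"username": ..., "email": ...}, 200)`` on success;
        ``({"message": ...}, 401)`` when the header is malformed, the token
        is expired or invalid, or no user matches. Aborts with 403 when the
        Authorization header is absent.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {}
    if not auth_header:
        # abort() raises, so the fallback assignments that used to follow it
        # were unreachable.
        auth_namespace.abort(403, "Token required")

    try:
        # The token is the second space-separated field of the header.
        access_token = auth_header.split(" ")[1]
        resp = User.decode_token(access_token)
        user = get_user_by_id(resp)
        if not user:
            response_object['message'] = "Invalid token"
            return response_object, 401
        response_object['username'] = user.username
        response_object['email'] = user.email
        return response_object, 200
    except jwt.ExpiredSignatureError:
        response_object["message"] = "Signature expired. Please log in again."
        return response_object, 401
    except (jwt.InvalidTokenError, IndexError):
        # IndexError: the header had no second field. It was previously
        # uncaught and surfaced as a 500.
        response_object["message"] = "Invalid token. Please log in again."
        return response_object, 401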
def test_decode_token(test_app, test_database, add_user):
    """A refresh token encoded for a user decodes back to that user's id."""
    new_user = add_user("justatest", "*****@*****.**", "test")
    refresh = new_user.encode_token(new_user.id, "refresh")
    # encode_token is expected to hand back raw bytes.
    assert isinstance(refresh, bytes)
    decoded_id = User.decode_token(refresh)
    assert decoded_id == new_user.id
def _add_user(username, email):
    """Persist a User with the given username and email and return it."""
    session = db.session
    created = User(username=username, email=email)
    session.add(created)
    session.commit()
    return created
def seed_db():
    """Insert two sample users (username and email only) and commit."""
    sample_users = (
        User(username="******", email="*****@*****.**"),
        User(username="******", email="*****@*****.**"),
    )
    for entry in sample_users:
        db.session.add(entry)
    db.session.commit()