def post(self):
args = register_args.parse_args()
hashed_pass = generate_password_hash(args['password'])
new_user = User(name=args['name'],
password=hashed_pass,
role=args['role'])
saved = new_user.save()
user = updateDocFields(saved)
return user, 201
def basic_authentication(*args, **kwargs):
args = auth_args.parse_args()
if 'token' not in args:
return
token = args['token']
info = verifyToken(token)
if info is None:
return
if 'id' in info:
id = info['id']
db_user = User.objects.with_id(id)
return updateDocFields(db_user)
def put(self, id, account):
args = put_args.parse_args()
target = User.objects.with_id(id)
for key, value in args.items():
if value is not None:
if key == 'password':
target['password'] = generate_password_hash(value)
else:
target[key] = value
target['updatedTime'] = datetime.utcnow()
saved = target.save()
user = updateDocFields(saved)
return user, 200
def post(self):
args = login_args.parse_args()
name = args['name']
password = args['password']
db_user = User.objects(name=name).first()
if db_user is None:
return 404
passed = check_password_hash(db_user['password'], password)
if passed:
user = updateDocFields(db_user)
token = createToken(user['id'])
return user, 200, {'Set-Cookie': f'token={token}'}
return 400
def doc_modifier(doc):
obj = updateDocFields(doc)
db_author = doc.author
obj['author'] = updateDocFields(db_author)
return obj