def post(args): if not safe_str_cmp(args['password'], args['password_confirmation']): return { 'success': False, 'errors': { 'password': ['Password and password confirmation do not match'] } }, 409 user = UserModel.find_by_email(args['email']) if user: return { 'success': False, 'error': 'Email has already been taken' }, 409 is_admin = False if UserModel.count_all() < 1: is_admin = True phone = None if 'phone' in args: phone = args['phone'] hashed_password = UserModel.generate_hash(args['password']) user = UserModel(args['name'], hashed_password, args['email'], phone, is_admin) user.save_to_db() return {'success': True, 'user': user_summary.dump(user).data}, 201
def post(self): parser = reqparse.RequestParser() parser.add_argument('resetPasswordHash', help='This field cannot be blank', required=True, type=str) parser.add_argument('newPassword', help='This field cannot be blank', required=True, type=str) data = parser.parse_args() user = UserModel.find_by_reset_password_hash(data['resetPasswordHash']) if not user: abort(401, message=RESET_PASSWORD_HASH_INVALID) now = datetime.now() hash_age = now - user.reset_password_hash_created # Hash must be younger then 24 hours if divmod(hash_age.total_seconds(), 60 * 60 * 24)[0] > 0.0: abort(401, message=RESET_PASSWORD_HASH_INVALID) if len(data['newPassword']) < 8: abort(400, message=PASSWORD_TOO_SHORT) user.password = UserModel.generate_hash(data['newPassword']) user.reset_password_hash = None user.reset_password_hash_created = None user.persist() access_token = create_access_token(identity=user.username) refresh_token = create_refresh_token(identity=user.username) return AuthResponse(PASSWORD_RESET, user, access_token=access_token, refresh_token=refresh_token), 202
def put(self): password_parser = reqparse.RequestParser() password_parser.add_argument('old_password', help='This field cannot be blank', required=True, type=str) password_parser.add_argument('new_password', help='This field cannot be blank', required=True, type=str) data = password_parser.parse_args() user = UserModel.find_by_username(get_jwt_identity()) if UserModel.verify_hash(data['old_password'], user.password): if len(data['new_password']) < 8: abort(400, message=PASSWORD_TOO_SHORT) user.password = UserModel.generate_hash(data['new_password']) user.persist() return SimpleMessage(PASSWORD_CHANGED), 201 else: abort(401, message=OLD_PASSWORD_INCORRECT)
def add_users(): data = request.get_json() newUser = UserModel(username=data['username'], password=UserModel.generate_hash(data['password'])) try: newUser.save_to_db() return jsonify( {'message': 'User {} was created'.format(data['username'])}) except SQLException.IntegrityError: return jsonify({'message': 'This username is already in use'}), 409 except Exception as e: print('Exception: ', e) return jsonify({'message': 'Something went wrong'}), 500
def post(self): parser = reqparse.RequestParser() parser.add_argument('username', help='This field cannot be blank', required=True, type=str) parser.add_argument('password', help='This field cannot be blank', required=True, type=str) parser.add_argument('email', help='This field cannot be blank', required=True, type=str) data = parser.parse_args() if UserModel.find_by_username(data['username']): abort(409, message=USER_ALREADY_EXISTS) if len(data['username']) < 3: abort(400, message=USERNAME_TOO_SHORT) if not re.match(username_regex, data['username']): abort(400, message=USERNAME_INVALID) if not re.match(email_regex, data['email']): abort(400, message=EMAIL_INVALID) if len(data['password']) < 8: abort(400, message=PASSWORD_TOO_SHORT) new_user = UserModel( username=data['username'], password=UserModel.generate_hash(data['password']), email=data['email'] ) new_account_settings = AccountSettingsModel() try: new_user.persist() new_account_settings.user_id = new_user.id new_account_settings.persist() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return AuthResponse( USER_CREATION_SUCCESS, new_user, access_token=access_token, refresh_token=refresh_token), 201 except: abort(500, message=INTERNAL_SERVER_ERROR)