def auth_register():
    """
    Register a new account from the JSON body of the request.

    The username and the email are each looked up before the insert, so a
    duplicate is answered with a 400 and a readable message instead of a
    database error. The password is stored only as a bcrypt hash.

    Returns:
        Tuple containing the dict of the new user and the 201 status code
    """
    payload = user_schema.load(request.json)

    # Checked in this order: username first, then email.
    duplicate_checks = (
        ("username", "Username is unavailable."),
        ("email", "Email already registered."),
    )
    for column, message in duplicate_checks:
        if User.query.filter_by(**{column: payload[column]}).first():
            return abort(400, description=message)

    # NOTE(review): the lookups above and the insert below are separate
    # statements, so two concurrent requests can both pass the checks. A
    # unique constraint on the columns (not visible here) is what would
    # actually reject the second insert - confirm the model declares one.
    account = User()
    account.username = payload["username"]
    account.email = payload["email"]
    hashed = bcrypt.generate_password_hash(payload["password"])
    account.password = hashed.decode("utf-8")

    db.session.add(account)
    db.session.commit()

    body = jsonify(user_schema.dump(account))
    return body, 201
def auth_register():
    """
    Register a new user unless the request already carries a JWT identity.

    Returns:
        A redirect to the profile page when an identity is present,
        otherwise the serialised new user. Aborts with 400 when the
        registration service returns None.
    """
    if get_jwt_identity():
        # Already authenticated: nothing to register.
        return redirect(url_for("user.profile"))

    created = register_user_svc(user_schema.load(request.json))
    if created is not None:
        return jsonify(user_schema.dump(created))

    # The service signals a rejected registration by returning None.
    return abort(400, description="Email already registered")
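def auth_login():
    """
    Authenticate by email and password and issue a one-day access token.

    Returns:
        JSON object holding the token under the "token" key. Aborts with
        400 when either credential is missing from the body and with 401
        when the login service rejects the credentials.
    """
    user_fields = user_schema.load(request.json, partial=True)

    # The schema is loaded with partial=True. Assuming user_schema is a
    # marshmallow schema, that switches off required-field enforcement, so
    # a body without "email" or "password" reaches this point. Indexing the
    # result would then raise KeyError and surface as an unhandled error;
    # answer with a 400 instead.
    email = user_fields.get("email")
    password = user_fields.get("password")
    if email is None or password is None:
        return abort(400, description="Email and password are required")

    user = login_user_svc(email=email, password=password)
    if not user:
        return abort(401, description="Incorrect username and password")

    expiry = timedelta(days=1)
    access_token = create_access_token(identity=user.id, expires_delta=expiry)
    return jsonify({"token": access_token})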
def auth_login():
    """
    Authenticate the posted credentials, issue a one-day access token and
    record the successful login on the 'login' logger.

    Returns:
        JSON object holding the token under the "token" key. Aborts with
        401 when the login service returns no user.
    """
    credentials = user_schema.load(request.json, partial=True)
    user = login_user_svc(credentials)
    if not user:
        # Rejected attempts leave here, before the log call below, so this
        # function writes no record of them.
        return abort(401, description="Incorrect username and password")

    access_token = create_access_token(
        identity=user.id,
        expires_delta=timedelta(days=1),
    )

    # %f yields six digits; the slice trims it to milliseconds.
    stamp = dt.now().strftime("%d/%b/%Y:%H:%M:%S.%f")[:-3]

    # NOTE(review): remote_addr is the direct peer of the connection; behind
    # a reverse proxy that is the proxy's address unless the app is set up
    # to trust forwarded headers - confirm against the deployment.
    # NOTE(review): the username is written into the entry as stored; if
    # usernames may contain line breaks, one entry can read as several -
    # confirm the username validation or the log formatter rules that out.
    logging.getLogger('login').warning(
        'User %s logged in @ [%s], IP: %s.',
        user.username,
        stamp,
        request.remote_addr,
    )
    return jsonify({"token": access_token})
def auth_login():
    """
    Check an email/password pair against the stored bcrypt hash and issue a
    one-day access token.

    Returns:
        JSON object holding the token under the "token" key. Aborts with
        401 when the email is unknown or the password does not match.
    """
    credentials = user_schema.load(request.json)
    account = User.query.filter_by(email=credentials["email"]).first()

    if account and bcrypt.check_password_hash(account.password,
                                              credentials["password"]):
        # The identity is the user id rendered as a string.
        token = create_access_token(identity=str(account.id),
                                    expires_delta=timedelta(days=1))
        return jsonify({"token": token})

    # Unknown email and wrong password share one status and one message, so
    # the response body does not say which of the two failed.
    # NOTE(review): the hash comparison only runs for a known email, so the
    # two cases can still differ in response time.
    return abort(401, description="Incorrect username or password")
def auth_register():
    """
    Register a new user from the JSON body unless the request already
    carries a JWT identity.

    Returns:
        Tuple of an "Already logged in" message and 200 when an identity is
        present, otherwise the serialised new user. Aborts with 400 when
        the registration service returns None.
    """
    if get_jwt_identity():
        return jsonify({"msg": "Already logged in"}), 200

    user_fields = user_schema.load(request.json)

    # Only these fields are handed to the service, each by keyword.
    wanted = ("f_name", "l_name", "email", "bio", "username", "password")
    user = register_user_svc(**{name: user_fields[name] for name in wanted})

    if user is None:
        return abort(400, description="Email already registered")
    return jsonify(user_schema.dump(user))
def auth_register():
    """
    Create an account from an email and a password.

    The email is looked up first; an existing row ends the request with a
    400. The password is stored only as a bcrypt hash.

    Returns:
        The serialised new user
    """
    payload = user_schema.load(request.json)
    email = payload["email"]

    if User.query.filter_by(email=email).first():
        return abort(400, description="User already")

    # NOTE(review): lookup and insert are separate statements; only a unique
    # constraint on the email column (not visible here) would stop two
    # concurrent registrations of the same address - confirm on the model.
    account = User()
    account.email = email
    digest = bcrypt.generate_password_hash(payload["password"])
    account.password = digest.decode("utf-8")

    db.session.add(account)
    db.session.commit()
    return jsonify(user_schema.dump(account))
def auth_login():
    """
    Logs the user in with email and password and hands back a JWT that
    authorizes calls to the other endpoints.

    Returns:
        Dict containing the JWT for the user. Aborts with 401 when the
        email is unknown or the password does not match the stored hash.
    """
    credentials = user_schema.load(request.json)
    account = User.query.filter_by(email=credentials["email"]).first()

    # The hash is only compared when a row was found for the email.
    password_ok = False
    if account:
        password_ok = bcrypt.check_password_hash(account.password,
                                                 credentials["password"])
    if not password_ok:
        # Same answer for an unknown email and for a wrong password.
        return abort(401, description="Incorrect email and password.")

    # The token is valid for one day and carries the user id as a string.
    token = create_access_token(identity=str(account.id),
                                expires_delta=timedelta(days=1))
    return jsonify({"token": token})
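def edit_user_account_details():
    """
    GET returns the template for the edit account page, when the form is
    submitted the data is sent back to the endpoint using POST which
    updates the users account data.

    A password change is accepted only together with the correct current
    password, whichever of the two new-password fields carries the value.

    Returns:
        A redirect to the account details page after a successful update,
        otherwise the rendered edit form.
    """
    form = EditUserAccountForm()

    if form.validate_on_submit():
        # The hash stored below is taken from confirm_password, so the
        # current-password check has to fire when either password field is
        # filled in. Gating it on new_password alone would let a submission
        # that fills only confirm_password skip the check.
        # NOTE(review): that the two fields match is left to the form's own
        # validators, which are not visible here - confirm.
        password_change = form.new_password.data or form.confirm_password.data

        if current_user.username != form.username.data and not User.check_unique_username(
                form.username.data):
            flash("A user already exists with that username.")
        elif current_user.email != form.email.data and not User.check_unique_email(
                form.email.data):
            flash("A user already exists with that email address.")
        elif password_change and not current_user.check_password(
                form.current_password.data):
            flash("Your current password is incorrect.")
        else:
            user = User.query.filter_by(id=current_user.id)

            # Only fields that were filled in are written back.
            data = {}
            if form.username.data:
                data["username"] = form.username.data
            if form.email.data:
                data["email"] = form.email.data
            if form.confirm_password.data:
                # Store the bcrypt hash, never the submitted value.
                data["password"] = bcrypt.generate_password_hash(
                    form.confirm_password.data).decode("utf-8")

            fields = user_schema.load(data, partial=True)
            user.update(fields)
            db.session.commit()
            flash("Account details updated successfully.")
            # NOTE(review): the listing this came from had lost its
            # indentation; the redirect is taken to belong to the success
            # branch, so the error branches fall through and re-render the
            # form - confirm against the original file.
            return redirect(url_for("users.get_user_account_details"))

    # Prepopulate the form with existing data
    form.username.data = current_user.username
    form.email.data = current_user.email
    return render_template("account_edit.html", form=form)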
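def update_user(user, user_id):
    """
    Updates user details for the current user

    Parameters:
        user: User
            The user object for the user trying to make the request
        user_id: integer
            The user id number for the user to update. It is not read
            here: the row updated is always the one matching user.id.

    Returns:
        Dict of the updated user
    """
    user_fields = user_schema.load(request.json, partial=True)

    # The loaded fields go straight into the UPDATE. A "password" value is
    # therefore hashed first, the same way the other handlers in this
    # listing store passwords; written as received it would sit in the
    # column unhashed and could not be verified by the bcrypt check at login.
    if user_fields.get("password") is not None:
        user_fields["password"] = bcrypt.generate_password_hash(
            user_fields["password"]).decode("utf-8")

    # NOTE(review): every field the schema accepts is writable through this
    # endpoint - confirm the schema exposes nothing a user should not be
    # able to set on their own row.
    users = User.query.filter_by(id=user.id)
    users.update(user_fields)
    db.session.commit()
    return jsonify(user_schema.dump(users[0]))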