예제 #1
0
    def post(self):
        args = register_parser.parse_args()
        failed_msg = validate_registration(args)
        if failed_msg:
            return {'message': failed_msg}, 422
        new_username = args['username'].lower()
        new_email = args['email'].lower()
        try:
            cursor = mysql.get_db().cursor()
            username = username_exists(cursor, new_username)
            email = email_exists(cursor, new_email)
        except OperationalError as e:
            return error_resp(e)

        if username or email:
            return {
                'message':
                f'{"username " if username else "email "}'
                'already exist'
            }, 409

        pwd_hash = bcrypt.generate_password_hash(
            args['password'].encode('utf-8'))

        try:
            sql = '''
            INSERT INTO user (username, password)
            VALUES (%s, %s)
            '''
            cursor.execute(sql, (new_username, pwd_hash))
            new_user_id = cursor.lastrowid

            sql = '''
            INSERT INTO email (address, user_id)
            VALUES (%s, %s)
            '''
            cursor.execute(sql, (new_email, new_user_id))
            new_email_id = cursor.lastrowid

            sql = '''
            INSERT INTO user_primary_email (user_id, email_id)
            VALUES (%s, %s)
            '''
            cursor.execute(sql, (new_user_id, new_email_id))
            mysql.get_db().commit()
        except OperationalError as e:
            return error_resp(e)

        mail_disabled = True  # disable mail sending
        if not mail_disabled:
            email = '*****@*****.**'  # temporary recipient
            token = generate_email_token(email)
            url = request.url_root + f'confirm-email/{token}'
            send_confirmation_email(url, email)

        return {
            'message': f'user {new_username} registered',
            'username': new_username,
            'email': new_email
        }
예제 #2
0
 def delete(self):
     user = get_jwt_identity()
     if not is_admin(user):
         return {'message': 'unauthorized user'}, 401
     aid = self.del_parser.parse_args()['id']
     self.db = mysql.get_db()
     return self.delete_announcement(aid)
예제 #3
0
    def post(self):
        user = get_jwt_identity()
        if not is_admin(user):
            return {'message': 'unauthorized user'}, 401

        args = self.ano_parser.parse_args()
        title = args['title']
        body = args['body']

        uid = user['id']
        self.db = mysql.get_db()
        return self.make_announcement(uid, title, body)
예제 #4
0
    def post(self):
        args = login_parser.parse_args()
        if len(args['userid']) > 100:
            return {
                'message':
                'username or email should be '
                'less than 100 characters'
            }, 400
        try:
            cursor = mysql.get_db().cursor()
            sql = '''
            SELECT user.id, password, username FROM user JOIN email
            ON user.id = email.user_id
            WHERE email.address = %s or user.username = %s
            '''
            cursor.execute(sql, (args['userid'], args['userid']))
            result = cursor.fetchone()
        except OperationalError as e:
            return error_resp(e)

        if not result:
            return ({'message': 'incorrect userid/password combination'}, 409)

        user_id, password, username = result
        if bcrypt.check_password_hash(password.decode('utf-8'),
                                      args['password']):
            access_token = create_access_token(identity=user_id)
            refresh_token = create_refresh_token(identity=user_id)
            resp_body = {
                'message': f'username {username} '
                f'logged in successfully'
            }

            resp = jsonify(resp_body)
            set_access_cookies(resp, access_token)
            set_refresh_cookies(resp, refresh_token)
            return resp

        return ({'message': 'incorrect userid/password combination'}, 409)
예제 #5
0
    def get(self):
        current_user = get_jwt_identity()
        try:
            cursor = mysql.get_db().cursor()

            sql = '''
            SELECT username, password, address FROM email 
            JOIN user_primary_email
            ON email.user_id = user_primary_email.user_id
            JOIN user 
            ON email.user_id = user.id
            WHERE user.id = %s
            '''
            cursor.execute(sql, (current_user, ))
            username, password, address = cursor.fetchone()

            sql = '''
            SELECT address, confirmed FROM email
            WHERE user_id = %s
            '''
            cursor.execute(sql, (current_user, ))
            emails = cursor.fetchall()
        except OperationalError as e:
            return error_resp(e)

        email_list = [{
            'email': email,
            'confirmed': bool(confirmed)
        } for email, confirmed in emails]

        return {
            'username': username,
            'primary_email': address,
            'all_email': email_list,
            'hashed_password': password.decode('utf-8')
        }
예제 #6
0
 def post(self):
     args = self.admin_parser.parse_args()
     admin = args['admin_user']
     password = args['admin_password']
     return self.login(mysql.get_db(), admin, password)
예제 #7
0
    def post(self):
        args = self.reg_parser.parse_args()
        username = args['login']
        password = args['password']

        return self.register(mysql.get_db(), username, password)
예제 #8
0
 def _get_db_conn(self):
     try:
         return mysql.get_db()
     except OperationalError as e:
         print(e)
         return abort(500)
예제 #9
0
 def get(self):
     self.db = mysql.get_db()
     return self.get_announcement()