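def refresh_user_token():
    """Exchange a refresh token for a new access/refresh token pair.

    The token is taken from the second space-separated field of the
    ``Authorization`` header and decoded with ``UserModel.decode_token``.

    Returns:
        A ``(response, status)`` pair: 200 with both new tokens on success,
        403 when the header is missing or carries no token field, 401 when
        the token is expired, invalid, or does not resolve to a user.
    """
    response_object = {
        "status": "fail",
        "message": "Provide a valid refresh token.",
    }
    auth_header = request.headers.get("Authorization")
    if not auth_header:
        return jsonify(response_object), 403

    # A header with no second field (for example just "Bearer") used to
    # raise IndexError and surface as a 500. Reject it like a missing header.
    header_parts = auth_header.split(" ")
    if len(header_parts) < 2:
        return jsonify(response_object), 403
    refresh_token = header_parts[1]

    try:
        # NOTE(review): nothing in this view checks that the presented token
        # was issued as a "refresh" token rather than an "access" token.
        # Confirm that decode_token enforces the token type; if it does not,
        # a short-lived access token can be traded here for a refresh token.
        resp = UserModel.decode_token(refresh_token)
        # The auth decorator in this codebase treats a str result from
        # decode_token as an error message, so a str is never used as a
        # user id for the lookup below.
        user = None if isinstance(resp, str) else UserModel.find_by_id(resp)
        if not user:
            response_object["status"] = "fail"
            response_object["message"] = "Invalid token"
            return jsonify(response_object), 401
        new_access_token = user.encode_token(user.id, "access")
        new_refresh_token = user.encode_token(user.id, "refresh")
        response_object = {
            "status": "success",
            "access_token": new_access_token.decode(),
            "refresh_token": new_refresh_token.decode(),
        }
        # Serialised with jsonify like every other return path of this view.
        return jsonify(response_object), 200
    except jwt.ExpiredSignatureError:
        response_object["status"] = "fail"
        response_object["message"] = "Signature expired. Please log in again."
        return jsonify(response_object), 401
    except jwt.InvalidTokenError:
        response_object["status"] = "fail"
        response_object["message"] = "Invalid token. Please log in again.."
        return jsonify(response_object), 401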
def test_add_user_duplicate_email(self):
    """Commit the same user data twice; the second commit must fail."""
    payload = TestData.user_data_model_1

    original = UserModel(**payload)
    db.session.add(original)
    db.session.commit()

    # A second row built from identical data is expected to be rejected
    # by the database when the session is committed.
    db.session.add(UserModel(**payload))
    with self.assertRaises(IntegrityError):
        db.session.commit()
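def post(cls, user_id: int):
    """Resend the confirmation email for the user with ``user_id``.

    Expires the user's most recent confirmation (if any and not already
    confirmed), stores a new one and sends the confirmation mail.

    Returns:
        A ``(body, status)`` pair: 201 on success, 404 when the user does
        not exist, 400 when the user is already confirmed, 500 when sending
        fails.
    """
    response_object = {"status": "fail", "message": "User Not found"}
    user = UserModel.find_by_id(_id=user_id)
    if not user:
        return response_object, 404
    try:
        confirmation = user.most_recent_confirmation
        if confirmation:
            if confirmation.confirmed:
                response_object["message"] = "Already confirmed"
                return response_object, 400
            # Invalidate the outstanding confirmation before issuing a new one.
            confirmation.force_to_expire()
        new_confirmation = ConfirmationModel(user_id)
        new_confirmation.save_to_db()
        user.send_confirmation_mail()
        response_object["status"] = "success"
        response_object["message"] = "Email confirmation successfully resent"
        return response_object, 201
    except MailGunException as e:
        # The account is deliberately kept: this endpoint acts on a user that
        # already exists, and the previous code deleted that user whenever
        # the mail provider failed, so an outage turned every resend request
        # into an account deletion for the user_id in the URL.
        # NOTE(review): str(e) is returned to the client; confirm that
        # MailGunException messages carry no internal configuration detail.
        response_object["message"] = str(e)
        return response_object, 500
    except Exception:
        # Unexpected failure: log the traceback, keep the account, and
        # answer with a generic message.
        traceback.print_exc()
        response_object[
            "message"
        ] = "Internal Server Error. Failed to resend confirmation email"
        return response_object, 500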
def test_add_user_duplicate_email(self):
    """Ensure error is thrown if the email already exists."""
    admin_credentials = TestData.user_data_model_1
    token = TestUtils.user_login(admin_credentials, self.client)

    # Promote the logged-in account to admin and mark it confirmed before
    # calling the user-creation endpoints.
    admin = UserModel.find_by_email(admin_credentials["email"])
    admin.admin = True
    admin.save_to_db()
    TestUtils.confirm_user(admin.id)

    for user_type in ("retail", "wholesale"):
        new_user = (
            TestData.user_wholesale_data
            if user_type == "wholesale"
            else TestData.user_retail_data
        )
        endpoint = f"/users/{user_type}"
        with self.client:
            # First request creates the user.
            self.client.post(
                endpoint,
                data=json.dumps(new_user),
                content_type="application/json",
                headers={"Authorization": f"Bearer {token}"},
            )
            # Second, identical request must be rejected.
            duplicate_response = self.client.post(
                endpoint,
                data=json.dumps(new_user),
                content_type="application/json",
                headers={"Authorization": f"Bearer {token}"},
            )
            body = json.loads(duplicate_response.data.decode())
            self.assertEqual(duplicate_response.status_code, 400)
            self.assertIn("Sorry. That email already exists.", body["message"])
            self.assertIn("fail", body["status"])
def test_add_user(self):
    """Ensure a new user can be added to the database."""
    admin_credentials = TestData.user_data_model_1
    token = TestUtils.user_login(admin_credentials, self.client)

    # The endpoints are called as a confirmed admin account.
    admin = UserModel.find_by_email(admin_credentials["email"])
    admin.admin = True
    admin.save_to_db()
    TestUtils.confirm_user(admin.id)

    for user_type in ("retail", "wholesale"):
        new_user = (
            TestData.user_wholesale_data
            if user_type == "wholesale"
            else TestData.user_retail_data
        )
        with self.client:
            created = self.client.post(
                f"/users/{user_type}",
                data=json.dumps(new_user),
                content_type="application/json",
                headers={"Authorization": f"Bearer {token}"},
            )
            body = json.loads(created.data.decode())
            self.assertEqual(created.status_code, 201)
            self.assertIn(f"{new_user['email']} was added!", body["message"])
            self.assertIn("success", body["status"])
def add_user(cls, username, email, password, user_type=None):
    """Create a ``UserModel`` from the given fields, commit it, return it."""
    session = db.session
    created = UserModel(
        username=username,
        email=email,
        password=password,
        user_type=user_type,
    )
    session.add(created)
    session.commit()
    return created
def index():
    """Render ``index.html`` with all users; on POST, store a new user first."""
    if request.method == "POST":
        form = request.form
        # NOTE(review): the submitted password is handed to UserModel as-is;
        # presumably the model hashes it before storage - confirm.
        submitted_user = UserModel(
            username=form["username"],
            email=form["email"],
            password=form["password"],
        )
        db.session.add(submitted_user)
        db.session.commit()
    # NOTE(review): no access check is visible in this block and every user
    # row is passed to the template - confirm which fields index.html shows.
    return render_template("index.html", users=UserModel.query.all())
def test_add_user(self):
    """Persist a user with one confirmation and check the stored fields."""
    expected = TestData.user_data_model_1

    user = UserModel(**expected)
    db.session.add(user)
    db.session.commit()
    ConfirmationModel(user.id).save_to_db()

    self.assertTrue(user.id)
    self.assertEqual(user.username, expected["username"])
    self.assertEqual(user.email, expected["email"])
    # A freshly created confirmation starts unconfirmed, and a new user is
    # not an admin.
    self.assertFalse(user.most_recent_confirmation.confirmed)
    self.assertTrue(user.password)
    self.assertFalse(user.admin)
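def decorated_function(*args, **kwargs):
    """Authenticate the request, then call ``f`` with the decoded user id.

    ``f`` is not defined in this block; presumably it is the view wrapped by
    the enclosing decorator.

    Returns:
        ``f(resp, *args, **kwargs)`` when the token decodes to an existing,
        confirmed user. Otherwise a ``(body, status)`` pair: 403 when the
        ``Authorization`` header is missing or has no token field, 401 when
        the token is rejected, the user is unknown, or the registration is
        not confirmed.
    """
    response_object = {
        "status": "fail",
        "message": "Provide a valid auth token.",
    }
    auth_header = request.headers.get("Authorization")
    if not auth_header:
        return response_object, 403

    # A header with no second field (for example just "Bearer") used to
    # raise IndexError and surface as a 500 from every protected view.
    header_parts = auth_header.split(" ")
    if len(header_parts) < 2:
        return response_object, 403
    auth_token = header_parts[1]

    resp = UserModel.decode_token(auth_token)
    if isinstance(resp, str):
        # A str result is used as the failure message for the client.
        response_object["message"] = resp
        return response_object, 401

    user = UserModel.find_by_id(_id=resp)
    if not user:
        return response_object, 401

    confirmation = user.most_recent_confirmation
    if not confirmation or not confirmation.confirmed:
        response_object[
            "message"
        ] = "You have not confirmed registration. Please check your email."
        return response_object, 401
    return f(resp, *args, **kwargs)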
def get(cls, user_id: int):
    """Return all confirmations of one user, ordered by ``expire_at``."""
    user = UserModel.find_by_id(_id=user_id)
    if not user:
        return {"status": "fail"}, 404

    # NOTE(review): no authentication or ownership check is visible in this
    # block, and the output of each.json() is not shown here. If it includes
    # the confirmation identifier used in the emailed link, anyone able to
    # call this endpoint could confirm another account - verify the route's
    # decorators and the serialised fields.
    now = int(time())
    ordered = user.confirmation.order_by(ConfirmationModel.expire_at)
    return {
        "status": "success",
        "current_time": now,
        "confirmation": [each.json() for each in ordered],
    }, 200
def add_user_to_db(username, password, email, user_type, street_name,
                   street_number, city, zip_code):
    """Create one user and one address, commit both, and return the pair.

    Nothing in this function links the address to the user; they are two
    independent rows written in a single commit.
    """
    session = db.session

    created_user = UserModel(
        username=username,
        password=password,
        email=email,
        user_type=user_type,
    )
    session.add(created_user)

    created_address = AddressModel(
        street_name=street_name,
        street_number=street_number,
        city=city,
        zip_code=zip_code,
    )
    session.add(created_address)

    session.commit()
    return created_user, created_address
def test_add_user_invalid_json(self):
    """Ensure error is thrown if the JSON object is empty."""
    admin_credentials = TestData.user_data_model_1
    token = TestUtils.user_login(admin_credentials, self.client)

    # The endpoints are called as a confirmed admin account.
    admin = UserModel.find_by_email(admin_credentials["email"])
    admin.admin = True
    admin.save_to_db()
    TestUtils.confirm_user(admin.id)

    for user_type in ("retail", "wholesale"):
        with self.client:
            rejected = self.client.post(
                f"/users/{user_type}",
                data=json.dumps({}),
                content_type="application/json",
                headers={"Authorization": f"Bearer {token}"},
            )
            body = json.loads(rejected.data.decode())
            self.assertEqual(rejected.status_code, 400)
            self.assertIn("Invalid Payload", body["message"])
            self.assertIn("fail", body["status"])
def test_add_user_invalid_json_keys_no_password(self):
    """
    Ensure error is thrown if the JSON object does not have a password key.
    """
    admin_credentials = TestData.user_data_model_1
    token = TestUtils.user_login(admin_credentials, self.client)

    # Unlike the neighbouring tests, this one promotes the account to admin
    # without calling TestUtils.confirm_user.
    admin = UserModel.find_by_email(TestData.user_data_model_1["email"])
    admin.admin = True
    admin.save_to_db()

    for user_type in ("retail", "wholesale"):
        with self.client:
            # Payload carries username and email only; the password key is
            # left out on purpose.
            rejected = self.client.post(
                f"/users/{user_type}",
                data=json.dumps(
                    {"username": "******", "email": "*****@*****.**"}
                ),
                content_type="application/json",
                headers={"Authorization": f"Bearer {token}"},
            )
            body = json.loads(rejected.data.decode())
            self.assertEqual(rejected.status_code, 400)
            self.assertIn("Invalid Payload", body["message"])
            self.assertIn("fail", body["status"])
def seed_db():
    """Seeds the database.

    Inserts four users (two wholesale, one of them admin, and two with the
    default user type), a confirmed confirmation for each, two suppliers,
    two retailers, six addresses, three stores and three companies.
    """
    session = db.session

    # NOTE(review): this creates an admin account with a literal password
    # and marks every account as confirmed. Presumably meant for development
    # databases only - confirm it cannot run against production.
    wholesale_admin = UserModel(
        username="******",
        email="*****@*****.**",
        password="******",
        admin=True,
        user_type=UserType.wholesale,
    )
    session.add(wholesale_admin)
    session.commit()

    wholesale_user = UserModel(
        username="******",
        email="*****@*****.**",
        password="******",
        user_type=UserType.wholesale,
    )
    session.add(wholesale_user)
    retail_user_a = UserModel(
        username="******", email="*****@*****.**", password="******"
    )
    session.add(retail_user_a)
    retail_user_b = UserModel(
        username="******", email="*****@*****.**", password="******"
    )
    session.add(retail_user_b)
    session.commit()

    # One already-confirmed confirmation per user, saved in creation order.
    for seeded_user in (
        wholesale_admin,
        wholesale_user,
        retail_user_a,
        retail_user_b,
    ):
        ConfirmationModel(seeded_user.id, confirmed=True).save_to_db()

    # Suppliers belong to the two wholesale users.
    supplier_a = SupplierModel(user_id=wholesale_admin.id)
    session.add(supplier_a)
    supplier_b = SupplierModel(user_id=wholesale_user.id)
    session.add(supplier_b)

    # Retailers belong to the two remaining users.
    retailer_a = RetailerModel(user_id=retail_user_a.id)
    session.add(retailer_a)
    retailer_b = RetailerModel(user_id=retail_user_b.id)
    session.add(retailer_b)

    # The first retailer is linked to both suppliers, the second only to
    # the second supplier.
    retailer_a.suppliers.append(supplier_a)
    retailer_a.suppliers.append(supplier_b)
    retailer_b.suppliers.append(supplier_b)
    session.commit()

    # Addresses as (street_name, street_number, city, zip_code), created
    # and added one after another in this order.
    address_rows = (
        ("Agaiou", "46", "Rafina", "190 09"),
        ("Στρ. Νικ. Πλαστήρα", "ΠΛΑΤΕΙΑ", "Ραφηνα", "190 09"),
        ("Dimarchou Christou Mpeka", "8", "Spata", "190 04"),
        ("Thessalonikis", "119", "Athens", "118 52"),
        ("Τρωων", "115", "Athens", "118 52"),
        ("Τρωων", "125", "Athens", "118 52"),
    )
    addresses = []
    for street_name, street_number, city, zip_code in address_rows:
        address = AddressModel(
            street_name=street_name,
            street_number=street_number,
            city=city,
            zip_code=zip_code,
        )
        session.add(address)
        addresses.append(address)
    # Commit so the addresses are stored before their ids are referenced.
    session.commit()
    (
        company_address_a,
        company_address_b,
        company_address_c,
        store_address_a,
        store_address_b,
        store_address_c,
    ) = addresses

    # Stores use the last three addresses.
    cafe_store = StoreModel(
        retailer_id=retailer_a.id,
        store_name="store_1",
        store_type=StoreType.cafeBar.name,
        address_id=store_address_a.id,
    )
    session.add(cafe_store)
    restaurant_store = StoreModel(
        retailer_id=retailer_b.id,
        store_name="store_2",
        store_type=StoreType.quick_service_restaurant.name,
        address_id=store_address_b.id,
    )
    session.add(restaurant_store)
    other_store = StoreModel(
        retailer_id=retailer_b.id,
        store_name="store_3",
        store_type=StoreType.other.name,
        address_id=store_address_c.id,
    )
    session.add(other_store)

    # Companies use the first three addresses.
    meat_company_a = CompanyModel(
        supplier_id=supplier_a.id,
        company_name="company_1",
        address_id=company_address_a.id,
        company_type=CompanyType.meat_and_poultry,
    )
    session.add(meat_company_a)
    meat_company_b = CompanyModel(
        supplier_id=supplier_a.id,
        company_name="company_2",
        company_type=CompanyType.meat_and_poultry,
        address_id=company_address_b.id,
    )
    session.add(meat_company_b)
    drinks_company = CompanyModel(
        supplier_id=supplier_b.id,
        company_name="company_3",
        company_type=CompanyType.coffee_and_drinks,
        address_id=company_address_c.id,
    )
    session.add(drinks_company)
    session.commit()
def test_decode_refresh_token(self):
    """A refresh token encodes to bytes and decodes back to the user id."""
    user = TestUtils.add_user(**TestData.user_data_model_1)
    refresh_token = user.encode_token(user.id, "refresh")

    self.assertIsInstance(refresh_token, bytes)
    decoded_id = UserModel.decode_token(refresh_token)
    self.assertEqual(decoded_id, user.id)