Exemplo n.º 1
0
    def post(self):
        """
        """

        roles_schema = RoleSchema()

        roles_data = request.get_json()

        validated_role_data, errors = roles_schema.load(roles_data)

        role_name = validated_role_data.get('name', None)

        if errors:
            return dict(status="fail", message=errors), 400

        role_existant = Role.find_first(name=role_name)

        if role_existant:
            return dict(
                status="fail",
                message=f"Role {validated_role_data['name']} Already Exists."
                ), 400

        role = Role(**validated_role_data)
        saved_role = role.save()

        if not saved_role:
            return dict(status='fail', message=f'Internal Server Error'), 500

        new_role_data, errors = roles_schema.dumps(role)

        return dict(
            status='success',
            data=dict(role=json.loads(new_role_data))
            ), 201
Exemplo n.º 2
0
    def post(self):
        """
        """

        user_schema = UserSchema()

        user_data = request.get_json()

        validated_user_data, errors = user_schema.load(user_data)

        email = validated_user_data.get('email', None)
        client_base_url = os.getenv('CLIENT_BASE_URL',
                                    f'https://{request.host}/users')

        # To do change to a frontend url
        verification_url = f"{client_base_url}/verify/"
        secret_key = current_app.config["SECRET_KEY"]
        password_salt = current_app.config["VERIFICATION_SALT"]
        sender = current_app.config["MAIL_DEFAULT_SENDER"]
        template = "user/verify.html"
        subject = "Please confirm your email"

        if errors:
            return dict(status="fail", message=errors), 400

        # get the customer role
        user_role = Role.find_first(name='customer')

        user_existant = User.query.filter_by(email=email).first()

        if user_existant:
            return dict(
                status="fail",
                message=f"Email {validated_user_data['email']} already in use."
            ), 400

        user = User(**validated_user_data)

        if user_role:
            user.roles.append(user_role)

        saved_user = user.save()

        if not saved_user:
            return dict(status='fail', message=f'Internal Server Error'), 500

        # send verification
        send_verification(email, user.name, verification_url, secret_key,
                          password_salt, sender,
                          current_app._get_current_object(), template, subject)

        new_user_data, errors = user_schema.dumps(user)

        return dict(status='success',
                    data=dict(user=json.loads(new_user_data))), 201
Exemplo n.º 3
0
    def post(self):
        """
        """

        user_schema = UserSchema(only=("email", "password"))

        token_schema = UserSchema()

        login_data = request.get_json()

        validated_user_data, errors = user_schema.load(login_data)

        if errors:
            return dict(status='fail', message=errors), 400

        email = validated_user_data.get('email', None)
        password = validated_user_data.get('password', None)

        user = User.find_first(email=email)
        admin_role = Role.find_first(name='administrator')

        if not user or not admin_role or (admin_role not in user.roles):
            return dict(status='fail', message="login failed"), 401

        if not user.verified:
            return dict(status='fail',
                        message='Email not verified',
                        data=dict(verified=user.verified)), 401

        user_dict, errors = token_schema.dump(user)

        if user and user.password_is_valid(password):

            access_token = user.generate_token(user_dict)

            if not access_token:
                return dict(status="fail",
                            message="Internal Server Error"), 500

            return dict(status='success',
                        data=dict(
                            access_token=access_token,
                            email=user.email,
                            username=user.username,
                            verified=user.verified,
                            id=str(user.id),
                        )), 200

        return dict(status='fail', message="login failed"), 401
Exemplo n.º 4
0
def create_default_roles():
    admin = 'administrator'
    user = '******'

    # create admin role
    admin_role = Role.find_first(name=admin)

    if not admin_role:
        try:
            admin_role = Role(name=admin)
            admin_role.save()
        except Exception as e:
            print(str(e))
            return
    # create user role
    user_role = Role.find_first(name=user)

    if not user_role:
        try:
            user_role = Role(name=user)
            user_role.save()
        except Exception as e:
            print(str(e))
            return
Exemplo n.º 5
0
def create_superuser(email, password, confirm_password):

    email_pattern = re.compile(r"\"?([-a-zA-Z0-9.`?{}]+@\w+\.\w+)\"?")

    # check passwords match
    if password != confirm_password:
        print("Passwords do not match")
        return

    # check email is of valid format
    if not re.match(email_pattern, email):
        print("Wrong email format")
        return

    # check administrator role exists
    admin_role = Role.find_first(**{'name': 'administrator'})

    if not admin_role:
        try:
            admin_role = Role(name='administrator')
            admin_role.save()
        except Exception as e:
            print(str(e))
            return

    # create admin user
    try:
        admin_user = User.find_first(**{'email': email})
        if admin_user:
            print(f'email {email} already in use')
            return

        admin_user = User(email=email, name='admin', password=password)
        admin_user.verified = True
        admin_user.roles.append(admin_role)
        admin_user.save()
        print("Admin user created successfully")
        print('password: ', password)
        return
    except Exception as e:
        print(str(e))
        return