Exemplo n.º 1
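    def post(self):
        """Create a user account for a caller whose JWT carries the 'admin' authority.

        Reads the caller's JWT claims, refuses callers without 'admin' in the
        'authorities' claim, then builds a UserModel from the parsed request
        arguments and attaches every requested authority that can be found.

        Returns:
            A message dict with no explicit status code on success or when
            the login is already taken; a ``(dict, 401)`` tuple when the
            caller is not an admin; a ``(dict, 500)`` tuple when saving fails.
        """
        # NOTE(review): assumes the route is wrapped by a JWT-required
        # decorator outside this view - confirm.
        claims = get_jwt_claims()

        # Fail closed: a token with a missing or null 'authorities' claim is
        # treated as non-admin instead of raising KeyError/TypeError.
        # NOTE(review): 403 is the conventional status for an authenticated
        # caller lacking a privilege; 401 is kept so clients see no change.
        if 'admin' not in (claims.get('authorities') or ()):
            return {'message': 'You dont have permision to perform this operation'}, 401

        data = parser.parse_args()

        # NOTE(review): the duplicate-login reply has no explicit status code,
        # so it cannot be told apart from success by status alone.
        if UserModel.find_by_login(data['login']):
            return {'message': 'User {} already exists'.format(data['login'])}

        new_user = UserModel(
            login=data['login'],
            # Only the output of generate_hash is stored, not the raw value.
            password=UserModel.generate_hash(data['password']),
            firstName=data['firstName'],
            lastName=data['lastName'],
            email=data['email']
        )

        # Names that do not resolve to an AuthorityModel are dropped without
        # telling the caller, so the account may end up with fewer authorities
        # than requested. `or ()` covers a request that sent none at all.
        for authority in data['authorities'] or ():
            new_user_authority = AuthorityModel.find_by_authority_name(authority)
            if new_user_authority:
                new_user.authorities.append(new_user_authority)

        try:
            new_user.save_to_db()

            return {'message': 'User {} was create'.format(new_user.login)}
        except Exception:
            # Exception, not a bare except: SystemExit and KeyboardInterrupt
            # must not be turned into a 500 response.
            # NOTE(review): the error is discarded; if logging is added here,
            # keep request data and password hashes out of the log record.
            return {'message': 'Something went wrong'}, 500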
Exemplo n.º 2
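    def post(self):
        """Set a new password for any user; restricted to callers with the 'admin' role.

        The caller's JWT claims must list 'admin' under 'roles'. The target
        account is looked up by the 'username' request argument and its
        password replaced with the hash of the 'password' argument. The
        target's current password is not checked on this path.

        Returns:
            A message dict with no explicit status code on success, or a
            ``(dict, status)`` tuple: 401 when the caller is not an admin or
            the user is unknown, 400 when an argument is missing, 500 when
            saving fails.
        """
        # NOTE(review): assumes the route is wrapped by a JWT-required
        # decorator outside this view - confirm.
        claims = get_jwt_claims()

        # Fail closed: a token with a missing or null 'roles' claim is treated
        # as non-admin instead of raising KeyError/TypeError.
        # NOTE(review): 403 is the conventional status for an authenticated
        # caller lacking a privilege; 401 is kept so clients see no change.
        if 'admin' not in (claims.get('roles') or ()):
            return {
                'message': 'You dont have persmision to perform this operation'
            }, 401

        data = parser.parse_args()

        if not data['username'] or not data['password']:
            return {
                'message':
                'Imposible to perform operation... missing parameters'
            }, 400

        user = UserModel.find_by_username(data['username'])

        if not user:
            return {
                'message': 'User {} doesn\'t exists'.format(data['username'])
            }, 401

        # NOTE(review): no strength or length check on the new password is
        # visible here; confirm whether the parser or the model enforces one.
        user.password = UserModel.generate_hash(data['password'])
        try:
            user.save_to_db()
            return {
                'message':
                'Password for user {} successfully changed'.format(
                    user.username)
            }
        except Exception:
            # Exception, not a bare except: SystemExit and KeyboardInterrupt
            # must not be turned into a 500 response.
            # NOTE(review): the error is discarded; if logging is added here,
            # keep request data and password hashes out of the log record.
            return {'message': 'Something went wrong'}, 500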
Exemplo n.º 3
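    def post(self):
        """Let the authenticated user change their own password.

        The 'username' request argument must equal the identity stored in the
        caller's JWT, and 'old_password' must verify against the stored hash
        before the new hash is written.

        Returns:
            A message dict with no explicit status code on success, or a
            ``(dict, status)`` tuple: 400 for a missing argument or a username
            that differs from the token identity, 401 when the user is
            unknown, 403 when the old password does not verify, 500 when
            saving fails.
        """
        data = parser.parse_args()

        if not data['username'] or not data['password'] or not data[
                'old_password']:
            return {
                'message':
                'Imposible to perform operation... missing parameters'
            }, 400

        # NOTE(review): assumes the route is wrapped by a JWT-required
        # decorator outside this view - confirm.
        current_username = get_jwt_identity()

        # The token identity decides whose password changes; the username in
        # the request body is only accepted when it matches that identity.
        if current_username != data['username']:
            return {'message': 'Not matching username'}, 400

        user = UserModel.find_by_username(current_username)

        if not user:
            return {
                'message': 'User {} doesn\'t exists'.format(current_username)
            }, 401

        # Proof of the current password is required, so a valid token alone
        # is not enough to change the password.
        if not UserModel.verify_hash(data['old_password'], user.password):
            return {'message': 'Current password doesn\'t match'}, 403

        # NOTE(review): tokens issued before the change are not revoked in
        # this view; confirm whether revocation is handled elsewhere.
        user.password = UserModel.generate_hash(data['password'])

        try:
            user.save_to_db()
            return {
                'message':
                'Password for user {} successfully changed'.format(
                    user.username)
            }
        except Exception:
            # Exception, not a bare except: SystemExit and KeyboardInterrupt
            # must not be turned into a 500 response.
            # NOTE(review): the error is discarded; if logging is added here,
            # keep request data and password hashes out of the log record.
            return {'message': 'Something went wrong'}, 500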
Exemplo n.º 4
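    def post(self):
        """Create a user account for a caller whose JWT carries the 'admin' role.

        Reads the caller's JWT claims, refuses callers without 'admin' in the
        'roles' claim, then builds a UserModel from the parsed request
        arguments and attaches every requested role that can be found. No
        access or refresh token is issued for the new account here.

        Returns:
            A message dict with no explicit status code on success or when
            the username is already taken; a ``(dict, 401)`` tuple when the
            caller is not an admin; a ``(dict, 500)`` tuple when saving fails.
        """
        # NOTE(review): assumes the route is wrapped by a JWT-required
        # decorator outside this view - confirm.
        claims = get_jwt_claims()

        # Fail closed: a token with a missing or null 'roles' claim is treated
        # as non-admin instead of raising KeyError/TypeError.
        # NOTE(review): 403 is the conventional status for an authenticated
        # caller lacking a privilege; 401 is kept so clients see no change.
        if 'admin' not in (claims.get('roles') or ()):
            return {
                'message': 'You dont have persmision to perform this operation'
            }, 401

        data = parser.parse_args()

        # NOTE(review): the duplicate-username reply has no explicit status
        # code, so it cannot be told apart from success by status alone.
        if UserModel.find_by_username(data['username']):
            return {
                'message': 'User {} already exists'.format(data['username'])
            }

        # Only the output of generate_hash is stored, not the raw password.
        new_user = UserModel(username=data['username'],
                             password=UserModel.generate_hash(
                                 data['password']),
                             firstName=data['firstName'],
                             lastName=data['lastName'])

        # Names that do not resolve to a RoleModel are dropped without telling
        # the caller, so the account may end up with fewer roles than
        # requested. `or ()` covers a request that sent no roles at all.
        for role in data['roles'] or ():
            new_user_role = RoleModel.find_by_role_name(role)
            if new_user_role:
                new_user.roles.append(new_user_role)

        try:
            new_user.save_to_db()
            return {
                'message': 'User {} was created'.format(new_user.username)
            }
        except Exception:
            # Exception, not a bare except: SystemExit and KeyboardInterrupt
            # must not be turned into a 500 response.
            # NOTE(review): the error is discarded; if logging is added here,
            # keep request data and password hashes out of the log record.
            return {'message': 'Something went wrong'}, 500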