def does_snippet_exist(title=None, snippet_id=None):
    """Check whether a Snippet row matches the given title or id.

    ``title`` takes precedence: when it is not None the lookup is by
    ``Snippet.name`` and ``snippet_id`` is ignored. Otherwise the lookup is
    by ``Snippet.snippet_id``.

    Returns the scalar result of an EXISTS query (truthy when a row
    matches), or None when neither argument is supplied.
    """
    if title is not None:
        criterion = Snippet.name == title
    elif snippet_id is not None:
        criterion = Snippet.snippet_id == snippet_id
    else:
        # Nothing to look up; the caller gets None rather than a boolean.
        return None
    exists_clause = db.exists().where(criterion)
    return db.session.query(exists_clause).scalar()
def does_user_exist(email=None, username=None):
    """Check whether a User row matches the given email or username.

    ``email`` takes precedence: when it is not None the lookup is by
    ``User.email`` and ``username`` is ignored. Otherwise the lookup is by
    ``User.username``.

    Returns the scalar result of an EXISTS query (truthy when a row
    matches), or None when neither argument is supplied.
    """
    if email is None and username is None:
        # No lookup key at all; the caller gets None rather than a boolean.
        return None
    # Email wins when both keys are present.
    criterion = (User.email == email) if email is not None \
        else (User.username == username)
    exists_clause = db.exists().where(criterion)
    return db.session.query(exists_clause).scalar()
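def login_api():
    """Exchange an email/password JSON body for an access token.

    Reads ``email`` and ``password`` from the request's JSON body. On a
    match, returns ``{"success": <token>}`` where the token is created with
    the user's username as identity and ``EXPIRY_DELTA`` as lifetime.
    Every failure returns the same ``{"error": "invalid credentials"}``
    body, so the response does not reveal whether the email is registered.
    """
    failure = {"error": "invalid credentials"}

    payload = request.get_json()
    # A missing body or a non-object JSON value (list, string, number) has
    # no .get(); treat it as a failed login instead of raising.
    if not isinstance(payload, dict):
        return failure

    email = payload.get('email')
    password = payload.get('password')
    # The hash check needs a string; a missing or non-string password would
    # otherwise raise inside it.
    if not isinstance(email, str) or not isinstance(password, str):
        return failure

    # One query is enough: first() yields None for an unknown email.
    user = User.query.filter_by(email=email).first()
    # NOTE(review): an unknown email returns before any hash is computed,
    # so response time can still differ from a wrong-password attempt.
    # No throttling is visible in this function; confirm it exists upstream.
    if user is None or not bcrypt.check_password_hash(user.password, password):
        return failure

    access_token = create_access_token(identity=user.username,
                                       expires_delta=EXPIRY_DELTA)
    return {"success": access_token}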
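def reset_request():
    """Render the password-reset request form and handle its submission.

    GET renders ``request_reset.html``. On POST, an authenticated user is
    redirected to the profile page; otherwise the submitted address is
    looked up and ``send_email`` is called with the matching user, if any.
    The page rendered after a POST is the same whether or not the address
    is registered, so the form cannot be used to test which emails have
    accounts.
    """
    if request.method != 'POST':
        return render_template("request_reset.html")

    if current_user.is_authenticated:
        return redirect(url_for('auth_view.profile'))

    email = request.form['email']
    # first() yields None for an unknown address, so no separate EXISTS
    # query is needed.
    user = User.query.filter_by(email=email).first()
    if user is not None:
        # NOTE(review): if send_email() sends synchronously, the response
        # takes longer for registered addresses; confirm how it dispatches.
        send_email(user)

    # Same wording for both outcomes on purpose.
    return render_template(
        "request_reset.html",
        success="If an account is registered for " + email +
        ", a reset email has been sent")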
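def login():
    """Render the login form and handle password logins.

    An already authenticated user is redirected to the profile page. GET
    renders ``login.html``. POST looks the user up by the submitted email,
    checks the submitted password against the stored hash, and on success
    calls ``login_user`` (with ``remember`` set when the form carries a
    ``remember`` field) and redirects to the profile page. Any failed
    attempt re-renders the form with one generic error message.
    """
    if current_user.is_authenticated:
        return redirect(url_for("auth_view.profile"))

    if request.method != "POST":
        return render_template("login.html")

    # Read both fields up front so that a missing field is rejected the
    # same way whether or not the email is registered.
    email = request.form['email']
    password = request.form['password']

    # first() yields None for an unknown email; no separate EXISTS query.
    user = User.query.filter_by(email=email).first()
    # NOTE(review): nothing here looks at how the account was created. If
    # some accounts are provisioned through a federated (OAuth) login and
    # carry a placeholder password, password login should be refused for
    # them - confirm against the account-creation code.
    if user is not None and bcrypt.check_password_hash(user.password, password):
        login_user(user, remember='remember' in request.form)
        return redirect(url_for("auth_view.profile"))

    # Generic wording: do not say which of the two fields was wrong.
    return render_template('login.html', error='Invalid email or password')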
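def callback():
    """Handle Google's OAuth redirect and log the user in.

    Exchanges the authorization code for tokens at the provider's token
    endpoint, fetches the user's profile from the userinfo endpoint, and
    then:

    * logs in an existing user whose ``google_login`` equals
      ``GOOGLE_LOGIN``;
    * returns the text ``LOGIN WITH PASSWORD`` for an existing user who
      registered another way;
    * creates, stores and logs in a new user for an unknown email.

    Returns a 400 response when Google does not report a verified email.
    """
    import secrets  # local import: only used when provisioning an account

    # Without a timeout a stalled provider would hold the worker forever.
    http_timeout_seconds = 10

    # Authorization code Google appended to the redirect.
    code = request.args.get("code")

    # The provider configuration names the token and userinfo endpoints.
    google_provider_cfg = get_google_provider_cfg()
    token_endpoint = google_provider_cfg["token_endpoint"]

    # NOTE(review): no ``state`` value is passed or compared here. Confirm
    # the route that starts the login sets one and that it is verified
    # before the code is exchanged.
    token_url, headers, body = client.prepare_token_request(
        token_endpoint,
        authorization_response=request.url,
        redirect_url=request.base_url,
        code=code)
    token_response = requests.post(
        token_url,
        headers=headers,
        data=body,
        auth=(GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET),
        timeout=http_timeout_seconds,
    )

    # Hand the token response to the OAuth client so add_token() can sign
    # the userinfo request.
    client.parse_request_body_response(json.dumps(token_response.json()))

    userinfo_endpoint = google_provider_cfg["userinfo_endpoint"]
    uri, headers, body = client.add_token(userinfo_endpoint)
    userinfo_response = requests.get(
        uri, headers=headers, data=body, timeout=http_timeout_seconds)
    # Parse the body once instead of on every field access.
    userinfo = userinfo_response.json()

    # Only trust the address when Google says it is verified and it is
    # actually present in the response.
    users_email = userinfo.get("email")
    if not userinfo.get("email_verified") or not users_email:
        return "User email not available or not verified by Google.", 400

    user = User.query.filter_by(email=users_email).first()
    if user is not None:
        if user.google_login == GOOGLE_LOGIN:
            login_user(user, remember=True)
            return redirect(url_for('profile'))
        # The address belongs to an account that was not created through
        # Google; do not sign it in from here.
        # TODO add a custom screen
        return "LOGIN WITH PASSWORD"

    # NOTE(review): given_name is used as the username as-is; it may be
    # absent from the response or already taken - confirm how the User
    # model handles that.
    users_name = userinfo["given_name"]

    # The password column still needs a value, but it must never be one
    # that can be typed into a password form. A fixed placeholder would be
    # shared by every Google-provisioned account, so hash a fresh random
    # secret that is discarded immediately.
    unusable_password = secrets.token_urlsafe(32)
    user = User(email=users_email,
                username=users_name,
                password=bcrypt.generate_password_hash(unusable_password),
                google_login=GOOGLE_LOGIN)
    db.session.add(user)
    db.session.commit()
    login_user(user)
    return redirect(url_for('profile'))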