Exemplo n.º 1
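    def post(cls, user_id: int):
        """Resend the confirmation email for the user with ``user_id``.

        A pending confirmation, if any, is forced to expire before a new one
        is stored and mailed.

        Returns:
            404 when the user does not exist, 400 when the most recent
            confirmation is already confirmed, 500 when saving or sending
            fails, otherwise the success message with no explicit status code.
        """
        # NOTE(review): no authentication or rate limit is visible on this
        # handler (decorators, if any, are outside this excerpt). If the route
        # is public, any caller who knows a user_id can make the service mail
        # that user repeatedly - confirm the route is restricted or throttled.
        user = UserModel.find_by_id(user_id)

        if not user:
            return {'message': getext("user_not_found")}, 404

        try:
            confirmation = user.most_recent_confirmation
            if confirmation:
                if confirmation.confirmed:
                    return {
                        'message': getext("confirmation_already_confirmed")
                    }, 400
                # Invalidate the old link so only the newest one stays usable.
                confirmation.force_to_expire()

            new_confirmation = ConfirmationModel(user_id)
            new_confirmation.save_to_db()
            user.send_confirmation_email()
            return {'message': getext("confirmation_resend_successful")}

        except MailgunException as e:
            return {'message': str(e)}, 500

        except Exception:
            # Exception instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not turned into a 500 response.
            traceback.print_exc()
            return {'message': getext("confirmation_resend_fail")}, 500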
Exemplo n.º 2
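    def post(cls):
        """Register a new user and send the confirmation email.

        Returns:
            400 when the username or email is already taken, 500 when saving
            or mailing fails (the user row is deleted again), 201 on success.
        """
        user_json = request.get_json()
        user = user_schema.load(user_json)

        # NOTE(review): this is check-then-insert, so two concurrent requests
        # can both pass these lookups. Presumably the database has unique
        # constraints as the real guard - confirm.
        # NOTE(review): the two distinct 400 messages tell an unauthenticated
        # caller whether a username or email is registered; decide whether
        # that disclosure is acceptable for this API.
        if UserModel.find_by_username(user.username):
            return {"message": getext("user_username_exists")}, 400

        if UserModel.find_by_email(user.email):
            return {"message": getext("user_email_exists")}, 400

        try:
            user.save_to_db()
            confirmation = ConfirmationModel(user.id)
            confirmation.save_to_db()
            user.send_confirmation_email()
            return {"message": getext("user_registered")}, 201

        except MailgunException as e:
            # Roll the registration back: without the email the account
            # could never be confirmed.
            user.delete_from_db()
            return {'message': str(e)}, 500

        except Exception:
            # Exception instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not turned into a 500 response.
            traceback.print_exc()
            # NOTE(review): if save_to_db() itself failed, the user was never
            # stored and this delete may raise in turn - confirm how
            # delete_from_db behaves for an unsaved object.
            user.delete_from_db()
            return {'message': getext("user_error_creating")}, 500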
Exemplo n.º 3
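    def put(cls):
        """Upload or replace the logged-in user's avatar.

        All avatars are named after the user's ID: ``user_{id}.{ext}``.
        The name comes from the JWT identity, never from the request, so a
        caller can only write their own avatar file.

        Returns:
            500 when an existing avatar cannot be removed, 400 when the upload
            is rejected, 200 with the stored file name on success.
        """

        data = image_schema.load(request.files)
        filename = f"user_{get_jwt_identity()}"
        folder = 'avatars'
        avatar_path = image_helper.find_image_any_format(filename, folder)

        if avatar_path:
            # NOTE(review): the old avatar is removed before the new upload
            # has been accepted, so a rejected upload leaves the user with no
            # avatar at all.
            try:
                os.remove(avatar_path)
            except Exception:
                # Exception instead of a bare except, so SystemExit and
                # KeyboardInterrupt are not turned into a 500 response.
                return {'message': getext('avatar_delete_failed')}, 500

        try:
            # The extension is taken from the client-supplied file name;
            # save_image is what rejects it here (UploadNotAllowed below).
            ext = image_helper.get_extension(data['image'].filename)
            avatar = filename + ext
            avatar_path = image_helper.save_image(data['image'],
                                                  folder=folder,
                                                  name=avatar)
            basename = image_helper.get_basename(avatar_path)

            return {'message': getext('avatar_uploaded').format(basename)}, 200

        except UploadNotAllowed:
            extension = image_helper.get_extension(data['image'])
            return {
                'message': getext('image_illegal_extension').format(extension)
            }, 400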
Exemplo n.º 4
    def delete(cls, user_id: int):
        """Delete the user with ``user_id``.

        Returns:
            200 with a confirmation message, or 404 when no such user exists.
        """
        # NOTE(review): no authorization check is visible in this handler
        # (decorators, if any, are outside this excerpt). Confirm the route
        # is limited to administrators or to the account owner.
        target = UserModel.find_by_id(user_id)

        if target:
            target.delete_from_db()
            return {"message": getext("user_deleted")}, 200

        return {"message": getext("user_not_found")}, 404
Exemplo n.º 5
    def delete(cls, name: str):
        """Delete the store called ``name``.

        Returns:
            The confirmation message with no explicit status code, or 404
            when no store has that name.
        """
        # NOTE(review): no authorization check is visible in this handler -
        # confirm the route is protected elsewhere.
        existing = StoreModel.find_by_name(name)

        if existing:
            existing.delete_from_db()
            return {"message": getext("store_deleted")}

        return {"message": getext("store_not_found")}, 404
Exemplo n.º 6
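    def post(cls, name: str):
        """Create a store called ``name``.

        Returns:
            400 when the name is already taken, 500 when saving fails,
            201 with the serialised store on success.
        """
        if StoreModel.find_by_name(name):
            # format() has to run on the translated text. Applied to the
            # lookup key it was a no-op, so the name never reached the message.
            return (
                {"message": getext("store_name_exists").format(name)},
                400,
            )

        store = StoreModel(name=name)
        try:
            store.save_to_db()
        except Exception:
            # Exception instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not turned into a 500 response.
            return {"message": getext("store_error_inserting")}, 500

        return store_schema.dump(store), 201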
Exemplo n.º 7
    def post(cls):
        """Store an uploaded image in the logged-in user's own folder.

        The folder name is built from the JWT identity, not from request
        data, so uploads land in the caller's directory only.

        Returns:
            201 with the stored file name, or 400 when the upload is rejected
            with UploadNotAllowed.
        """
        files = image_schema.load(request.files)  # {'image': FileStorage}
        user_folder = f"user_{get_jwt_identity()}"

        try:
            saved_path = image_helper.save_image(files['image'],
                                                 folder=user_folder)
            saved_name = image_helper.get_basename(saved_path)
            body = {'message': getext('image_uploaded').format(saved_name)}
            return body, 201

        except UploadNotAllowed:
            # Report the rejected extension back to the caller.
            bad_extension = image_helper.get_extension(files['image'])
            template = getext('image_illegal_extension')
            return {'message': template.format(bad_extension)}, 400
Exemplo n.º 8
    def get(cls, filename: str):
        """Return the requested image from the logged-in user's folder.

        The file name is validated before it is turned into a path, and the
        folder comes from the JWT identity rather than from the request.

        Returns:
            The file via send_file, 400 for a rejected file name, or 404 when
            the file does not exist.
        """
        owner_folder = f"user_{get_jwt_identity()}"

        # NOTE(review): is_filename_safe is the only guard between the URL
        # parameter and the filesystem path; presumably it rejects path
        # separators and traversal sequences - its implementation is not
        # visible here, confirm.
        if image_helper.is_filename_safe(filename):
            try:
                return send_file(image_helper.get_path(filename, owner_folder))
            except FileNotFoundError:
                missing = getext('image_not_found').format(filename)
                return {'message': missing}, 404

        rejected = getext('image_illegal_filename').format(filename)
        return {'message': rejected}, 400
Exemplo n.º 9
    def get(cls, user_id: int):
        """Return the avatar of the user with ``user_id``.

        The lookup name is ``user_{user_id}`` inside the ``avatars`` folder,
        in whatever format find_image_any_format locates.

        Returns:
            The file via send_file, or 404 when no avatar is found.
        """
        avatar_file = image_helper.find_image_any_format(f"user_{user_id}",
                                                         'avatars')

        if not avatar_file:
            return {'message': getext('avatar_not_found')}, 404

        return send_file(avatar_file)
Exemplo n.º 10
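    def delete(cls, filename: str):
        """Delete an image from the logged-in user's folder.

        The file name is validated before it is turned into a path, and the
        folder comes from the JWT identity rather than from the request.

        Returns:
            200 on success, 400 for a rejected file name, 404 when the file
            does not exist, 500 for any other failure.
        """
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"

        # NOTE(review): is_filename_safe is the only guard between the URL
        # parameter and os.remove; presumably it rejects path separators and
        # traversal sequences - its implementation is not visible here,
        # confirm.
        if not image_helper.is_filename_safe(filename):
            return {
                'message': getext('image_illegal_filename').format(filename)
            }, 400

        try:
            os.remove(image_helper.get_path(filename, folder=folder))
            return {'message': getext('image_deleted').format(filename)}, 200
        except FileNotFoundError:
            return {'message': getext('image_not_found').format(filename)}, 404
        except Exception:
            # Exception instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not turned into a 500 response.
            traceback.print_exc()
            return {'message': getext('image_delete_failed')}, 500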
Exemplo n.º 11
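    def post(cls, name: str):
        """Create an item called ``name`` from the JSON request body.

        The name from the URL overrides any ``name`` key in the body.

        Returns:
            400 when the name is already taken, 500 when saving fails,
            201 with the serialised item on success.
        """
        if ItemModel.find_by_name(name):
            # format() has to run on the translated text. Applied to the
            # lookup key it was a no-op, so the name never reached the message.
            return (
                {
                    "message": getext("item_name_exists").format(name)
                },
                400,
            )

        # NOTE(review): if get_json() returns None or a non-dict, the
        # assignment below raises before schema validation runs - confirm how
        # such bodies should be rejected.
        item_json = request.get_json()
        item_json['name'] = name

        item = item_schema.load(item_json)

        try:
            item.save_to_db()
        except Exception:
            # Exception instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not turned into a 500 response.
            return {"message": getext("item_error_inserting")}, 500

        return item_schema.dump(item), 201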
Exemplo n.º 12
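    def post(cls):
        """Log a user in and issue a fresh access token plus a refresh token.

        Returns:
            200 with both tokens for a confirmed user whose credentials
            match; the "not confirmed" message (no explicit status code) when
            the credentials match but the account is unconfirmed; 401
            otherwise.
        """

        user_json = request.get_json()
        # The email field is not required for a login request.
        user_data = user_schema.load(user_json, partial=('email', ))

        user = UserModel.find_by_username(user_data.username)

        # NOTE(review): the stored password is compared directly with the
        # submitted one, which suggests passwords are kept in plaintext
        # unless hashing happens somewhere not visible here - confirm, and
        # verify against a salted password hash instead.
        # NOTE(review): safe_str_cmp was removed in Werkzeug 2.1;
        # hmac.compare_digest is the standard-library equivalent.
        # NOTE(review): no rate limiting or lockout is visible here - confirm
        # repeated failed logins are throttled elsewhere.
        if user and safe_str_cmp(user.password, user_data.password):
            confirmation = user.most_recent_confirmation
            if confirmation and confirmation.confirmed:
                access_token = create_access_token(identity=user.id,
                                                   fresh=True)
                refresh_token = create_refresh_token(user.id)
                return {
                    "access_token": access_token,
                    "refresh_token": refresh_token
                }, 200
            # format() has to run on the translated text. Applied to the
            # lookup key it was a no-op, so the email never reached the
            # message.
            # NOTE(review): this refusal carries no explicit status code;
            # consider a 4xx so clients do not read it as a successful login.
            return {'message': getext("user_not_confirmed").format(user.email)}

        return {"message": getext("user_invalid_credentials")}, 401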
Exemplo n.º 13
    def get(cls, confirmation_id: str):
        """Mark a confirmation as confirmed and render the confirmation page.

        Returns:
            404 when the confirmation does not exist, 400 when it has expired
            or is already confirmed, otherwise the rendered HTML page (200).
        """
        record = ConfirmationModel.find_by_id(confirmation_id)

        if not record:
            return {'message': getext("confirmation_not_found")}, 404

        # Expiry is checked before the confirmed flag, so an expired link is
        # reported as expired even if it was confirmed earlier.
        if record.expired:
            refusal = "confirmation_link_expired"
        elif record.confirmed:
            refusal = "confirmation_already_confirmed"
        else:
            refusal = None

        if refusal is not None:
            return {'message': getext(refusal)}, 400

        record.confirmed = True
        record.save_to_db()

        page = render_template('confirmation_page.html',
                               email=record.user.email)
        return make_response(page, 200, {'Content-Type': 'text/html'})
Exemplo n.º 14
    def send_email(cls, email: List[str], subject: str, text: str,
                   html: str) -> Response:
        """Send a message through the Mailgun HTTP API.

        Args:
            email: Recipient addresses.
            subject: Subject line.
            text: Plain-text body.
            html: HTML body.

        Returns:
            The HTTP response when its status code is 200.

        Raises:
            MailgunException: when the API key or domain is not configured,
                or when the response status code is not 200.
        """
        if cls.MAILGUN_API_KEY is None:
            raise MailgunException(getext("mailgun_failed_load_api_key"))

        if cls.MAILGUN_DOMAIN is None:
            raise MailgunException(getext("mailgun_failed_load_domain"))

        endpoint = f"https://api.mailgun.net/v3/{cls.MAILGUN_DOMAIN}/messages"
        payload = {
            'from': f"{cls.FROM_TITLE} <{cls.FROM_EMAIL}>",
            'to': email,
            'subject': subject,
            'text': text,
            'html': html,
        }

        # NOTE(review): no timeout is passed. If post is requests.post
        # (presumably), a stalled connection can block the worker
        # indefinitely - consider an explicit timeout.
        response = post(endpoint, auth=("api", cls.MAILGUN_API_KEY),
                        data=payload)

        if response.status_code == 200:
            return response

        raise MailgunException(getext("mailgun_error_send_email"))
Exemplo n.º 15
    def get(cls, user_id: int):
        """Return every confirmation of a user, ordered by ``expire_at``.

        Intended for testing. The response also carries the current Unix time
        as an integer.

        Returns:
            200 with ``current_time`` and the ``confirmation`` list, or 404
            when the user does not exist.
        """
        # NOTE(review): this returns the confirmation records of any user_id.
        # If a confirmation's id doubles as the emailed confirmation link
        # (presumably), exposing this route outside a test environment would
        # let a caller confirm accounts they do not own - confirm it is
        # disabled or protected in production.
        user = UserModel.find_by_id(user_id)

        if not user:
            return {'message': getext("user_not_found")}, 404

        now = int(time())
        ordered = user.confirmation.order_by(ConfirmationModel.expire_at)
        serialised = [confirmation_schema.dump(entry) for entry in ordered]

        return {'current_time': now, 'confirmation': serialised}, 200
Exemplo n.º 16
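 def post(cls):
     """Log the current user out by adding the token's ``jti`` to Blacklist.

     Returns:
         200 with the logged-out message.
     """
     # "jti" is the JWT ID claim, the unique identifier of this token.
     jti = get_raw_jwt()["jti"]
     user_id = get_jwt_identity()
     # NOTE(review): only the token presented with this request is added.
     # Presumably a refresh token issued at login stays usable - confirm it
     # is revoked as well.
     Blacklist.add(jti)
     # format() has to run on the translated text. Applied to the lookup key
     # it was a no-op, so the user id never reached the message.
     return {"message": getext("user_logged_out").format(user_id)}, 200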
Exemplo n.º 17
 def get(cls, name: str):
     """Return the serialised item called ``name``, or 404 if there is none."""
     found = ItemModel.find_by_name(name)
     if not found:
         return {"message": getext("item_not_found")}, 404
     return item_schema.dump(found)
Exemplo n.º 18
    def get(cls, user_id: int):
        """Return the serialised user with ``user_id``, or 404 if none exists."""
        # NOTE(review): the response is whatever user_schema serialises;
        # confirm the schema marks the password field load-only so it is
        # never returned, and that this route is not open to any caller.
        found = UserModel.find_by_id(user_id)
        if found:
            return user_schema.dump(found)

        return {"message": getext("user_not_found")}, 404
Exemplo n.º 19
 def delete(cls, name: str):
     """Delete the item called ``name``.

     Returns:
         The confirmation message with no explicit status code, or 404 when
         no item has that name.
     """
     # NOTE(review): no authorization check is visible in this handler -
     # confirm the route is protected elsewhere.
     doomed = ItemModel.find_by_name(name)
     if not doomed:
         return {"message": getext("item_not_found")}, 404
     doomed.delete_from_db()
     return {"message": getext("item_deleted")}
Exemplo n.º 20
 def get(cls, name: str):
     """Return the serialised store called ``name`` (200), or 404 if none."""
     found = StoreModel.find_by_name(name)
     if not found:
         return {"message": getext("store_not_found")}, 404
     return store_schema.dump(found), 200