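def post(cls, user_id: int):
    """Resend the confirmation email for the user with ``user_id``.

    If the user's most recent confirmation exists and is not yet confirmed,
    it is expired first; a new confirmation is then stored and the email is
    sent again.

    Returns:
        ``(body, status)``: 404 when the user does not exist, 400 when the
        most recent confirmation is already confirmed, 500 when storing or
        sending fails. On success only the body dict is returned (no
        explicit status code).
    """
    # NOTE(review): the target is a caller-supplied id and no authentication
    # or rate limiting is visible in this body -- confirm it is applied
    # where the route is declared, otherwise this can be used to trigger
    # mail to arbitrary accounts.
    user = UserModel.find_by_id(user_id)
    if not user:
        return {'message': getext("user_not_found")}, 404

    try:
        confirmation = user.most_recent_confirmation
        if confirmation:
            if confirmation.confirmed:
                return {
                    'message': getext("confirmation_already_confirmed")
                }, 400
            # Expire the outstanding confirmation before issuing a new one.
            confirmation.force_to_expire()

        new_confirmation = ConfirmationModel(user_id)
        new_confirmation.save_to_db()
        user.send_confirmation_email()
        return {'message': getext("confirmation_resend_successful")}
    except MailgunException as e:
        return {'message': str(e)}, 500
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt; only ordinary errors become a 500 response.
        traceback.print_exc()
        return {'message': getext("confirmation_resend_fail")}, 500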
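def post(cls):
    """Register a new user and send the confirmation email.

    The JSON body is loaded through ``user_schema``. Registration is
    rejected when the username or the email is already taken. On any
    failure after the user row is written, the user is deleted again.

    Returns:
        ``(body, status)``: 201 on success, 400 for a duplicate username or
        email, 500 when saving or sending the email fails.
    """
    user_json = request.get_json()
    user = user_schema.load(user_json)

    # NOTE(review): the two distinct 400 messages tell an unauthenticated
    # caller whether a given username or email is registered -- confirm
    # this disclosure is acceptable for the deployment.
    if UserModel.find_by_username(user.username):
        return {"message": getext("user_username_exists")}, 400

    if UserModel.find_by_email(user.email):
        return {"message": getext("user_email_exists")}, 400

    try:
        user.save_to_db()
        confirmation = ConfirmationModel(user.id)
        confirmation.save_to_db()
        user.send_confirmation_email()
        return {"message": getext("user_registered")}, 201
    except MailgunException as e:
        # Roll back the registration when the email could not be sent.
        user.delete_from_db()
        return {'message': str(e)}, 500
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.
        traceback.print_exc()
        # NOTE(review): this also runs when save_to_db() itself failed;
        # confirm delete_from_db() is safe to call in that state.
        user.delete_from_db()
        return {'message': getext("user_error_creating")}, 500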
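def put(cls):
    """Upload or replace the calling user's avatar.

    All avatars are named after the user's id, like ``user_{id}.{ext}``.
    An existing avatar for the user is removed first, then the uploaded
    file is saved into the ``avatars`` folder.

    Returns:
        ``(body, status)``: 200 with the stored basename, 400 when the
        upload raises ``UploadNotAllowed``, 500 when the old avatar cannot
        be removed.
    """
    data = image_schema.load(request.files)
    # The base name comes from the JWT identity, never from the upload;
    # only the extension is taken from the client-supplied filename.
    filename = f"user_{get_jwt_identity()}"
    folder = 'avatars'
    avatar_path = image_helper.find_image_any_format(filename, folder)
    if avatar_path:
        # NOTE(review): the old avatar is removed before the new upload has
        # been accepted, so a rejected upload leaves the user with none.
        try:
            os.remove(avatar_path)
        except Exception:
            # Was a bare ``except:``, which also swallowed SystemExit and
            # KeyboardInterrupt.
            return {'message': getext('avatar_delete_failed')}, 500

    try:
        ext = image_helper.get_extension(data['image'].filename)
        avatar = filename + ext
        # Presumably save_image enforces the allowed-extension list, since
        # UploadNotAllowed is what this block catches -- confirm in
        # image_helper.
        avatar_path = image_helper.save_image(data['image'],
                                              folder=folder,
                                              name=avatar)
        basename = image_helper.get_basename(avatar_path)
        return {'message': getext('avatar_uploaded').format(basename)}, 200
    except UploadNotAllowed:
        extension = image_helper.get_extension(data['image'])
        return {
            'message': getext('image_illegal_extension').format(extension)
        }, 400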
def delete(cls, user_id: int):
    """Delete the user with ``user_id``.

    Returns:
        ``(body, status)``: 200 after deletion, 404 when no user has that id.
    """
    # NOTE(review): no authentication or ownership check is visible in this
    # body -- confirm one is applied where the route is declared.
    target = UserModel.find_by_id(user_id)
    if target:
        target.delete_from_db()
        return {"message": getext("user_deleted")}, 200
    return {"message": getext("user_not_found")}, 404
def delete(cls, name: str):
    """Delete the store called ``name``.

    Returns:
        The body dict alone after deletion (no explicit status code), or
        ``(body, 404)`` when no store has that name.
    """
    existing = StoreModel.find_by_name(name)
    if existing:
        existing.delete_from_db()
        return {"message": getext("store_deleted")}
    return {"message": getext("store_not_found")}, 404
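def post(cls, name: str):
    """Create a store called ``name``.

    Returns:
        ``(body, status)``: 201 with the dumped store, 400 when the name is
        already taken, 500 when saving fails.
    """
    if StoreModel.find_by_name(name):
        # Format the translated text, not the lookup key: the original
        # called .format() on the key string, which has no placeholder, so
        # the name was never substituted into the message.
        return {"message": getext("store_name_exists").format(name)}, 400

    store = StoreModel(name=name)
    try:
        store.save_to_db()
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.
        return {"message": getext("store_error_inserting")}, 500

    return store_schema.dump(store), 201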
def post(cls):
    """Save an uploaded image into the calling user's folder.

    The folder is ``user_{id}``, with the id taken from the JWT identity,
    not from the request.

    Returns:
        ``(body, status)``: 201 with the stored basename, 400 when the
        upload raises ``UploadNotAllowed``.
    """
    payload = image_schema.load(request.files)  # {'image': FileStorage}
    owner_folder = f"user_{get_jwt_identity()}"
    try:
        stored_path = image_helper.save_image(payload['image'],
                                              folder=owner_folder)
    except UploadNotAllowed:
        bad_ext = image_helper.get_extension(payload['image'])
        return {
            'message': getext('image_illegal_extension').format(bad_ext)
        }, 400
    else:
        stored_name = image_helper.get_basename(stored_path)
        return {'message': getext('image_uploaded').format(stored_name)}, 201
def get(cls, filename: str):
    """Return the requested image from the logged-in user's folder.

    The filename is checked with ``image_helper.is_filename_safe`` before
    any path is built from it.

    Returns:
        The file response, ``(body, 400)`` for a rejected filename, or
        ``(body, 404)`` when the file does not exist.
    """
    owner_folder = f"user_{get_jwt_identity()}"
    if image_helper.is_filename_safe(filename):
        try:
            return send_file(image_helper.get_path(filename, owner_folder))
        except FileNotFoundError:
            return {
                'message': getext('image_not_found').format(filename)
            }, 404
    # The rejected name is echoed back in the JSON message.
    return {
        'message': getext('image_illegal_filename').format(filename)
    }, 400
def get(cls, user_id: int):
    """Return the avatar of the user with ``user_id``.

    Looks for ``user_{user_id}`` in the ``avatars`` folder in any format
    known to ``image_helper``.

    Returns:
        The file response, or ``(body, 404)`` when no avatar is found.
    """
    found = image_helper.find_image_any_format(f"user_{user_id}", 'avatars')
    if not found:
        return {'message': getext('avatar_not_found')}, 404
    return send_file(found)
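def delete(cls, filename: str):
    """Delete an image from the logged-in user's folder.

    The filename is checked with ``image_helper.is_filename_safe`` before
    it is joined to the user's folder and removed.

    Returns:
        ``(body, status)``: 200 after deletion, 400 for a rejected
        filename, 404 when the file does not exist, 500 on any other
        failure.
    """
    user_id = get_jwt_identity()
    folder = f"user_{user_id}"

    if not image_helper.is_filename_safe(filename):
        return {
            'message': getext('image_illegal_filename').format(filename)
        }, 400

    try:
        os.remove(image_helper.get_path(filename, folder=folder))
        return {'message': getext('image_deleted').format(filename)}, 200
    except FileNotFoundError:
        return {'message': getext('image_not_found').format(filename)}, 404
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.
        traceback.print_exc()
        return {'message': getext('image_delete_failed')}, 500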
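def post(cls, name: str):
    """Create an item called ``name`` from the JSON request body.

    The URL ``name`` overrides any ``name`` key in the body before the
    payload is loaded through ``item_schema``.

    Returns:
        ``(body, status)``: 201 with the dumped item, 400 when the name is
        already taken, 500 when saving fails.
    """
    if ItemModel.find_by_name(name):
        # Format the translated text, not the lookup key: the original
        # called .format() on the key string, which has no placeholder, so
        # the name was never substituted into the message.
        return {"message": getext("item_name_exists").format(name)}, 400

    item_json = request.get_json()
    # NOTE(review): assumes the body decoded to a dict; a missing or
    # non-object JSON body would fail on the assignment below -- confirm
    # how the application handles that.
    item_json['name'] = name

    item = item_schema.load(item_json)

    try:
        item.save_to_db()
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.
        return {"message": getext("item_error_inserting")}, 500

    return item_schema.dump(item), 201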
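def post(cls):
    """Log a user in and issue JWT access and refresh tokens.

    The body is loaded through ``user_schema`` with ``email`` optional.
    Tokens are issued only when the password matches and the user's most
    recent confirmation is confirmed.

    Returns:
        ``(tokens, 200)`` on success, ``(body, 401)`` for a wrong username
        or password, and the body dict alone (no explicit status code) when
        the account is not yet confirmed.
    """
    user_json = request.get_json()
    user_data = user_schema.load(user_json, partial=('email', ))

    user = UserModel.find_by_username(user_data.username)

    # NOTE(review): the stored user.password is compared directly with the
    # submitted password, which suggests passwords are kept unhashed --
    # confirm; if so, store a salted password hash and verify against that.
    # If safe_str_cmp is werkzeug.security's, it was removed in
    # Werkzeug 2.1; hmac.compare_digest is the standard-library equivalent.
    if user and safe_str_cmp(user.password, user_data.password):
        confirmation = user.most_recent_confirmation
        if confirmation and confirmation.confirmed:
            access_token = create_access_token(identity=user.id, fresh=True)
            refresh_token = create_refresh_token(user.id)
            return {
                "access_token": access_token,
                "refresh_token": refresh_token
            }, 200
        # Format the translated text, not the lookup key: the original
        # called .format() on the key string, so the email was never
        # substituted into the message.
        # NOTE(review): no status code is given here, so this rejected
        # login is returned without an error status -- confirm whether
        # clients rely on that before changing it.
        return {'message': getext("user_not_confirmed").format(user.email)}

    # Same response for unknown user and wrong password.
    return {"message": getext("user_invalid_credentials")}, 401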
def get(cls, confirmation_id: str):
    """Confirm a registration and render the confirmation page.

    Returns:
        ``(body, 404)`` for an unknown id, ``(body, 400)`` when the
        confirmation is expired or already confirmed, otherwise an HTML
        response rendered from ``confirmation_page.html``.
    """
    record = ConfirmationModel.find_by_id(confirmation_id)
    if not record:
        return {'message': getext("confirmation_not_found")}, 404

    rejection_key = None
    if record.expired:
        rejection_key = "confirmation_link_expired"
    elif record.confirmed:
        rejection_key = "confirmation_already_confirmed"
    if rejection_key is not None:
        return {'message': getext(rejection_key)}, 400

    # NOTE(review): this GET changes state, so anything that fetches the
    # link (for example a mail scanner or link preview) would confirm the
    # account -- confirm that is acceptable.
    record.confirmed = True
    record.save_to_db()

    page = render_template('confirmation_page.html', email=record.user.email)
    return make_response(page, 200, {'Content-Type': 'text/html'})
def send_email(cls, email: List[str], subject: str, text: str,
               html: str) -> Response:
    """Send an email through the Mailgun messages endpoint.

    Args:
        email: Recipient addresses.
        subject: Subject line.
        text: Plain-text body.
        html: HTML body.

    Returns:
        The response object of the request.

    Raises:
        MailgunException: When the API key or domain is not set, or when
            the response status code is not 200.
    """
    if cls.MAILGUN_API_KEY is None:
        raise MailgunException(getext("mailgun_failed_load_api_key"))
    if cls.MAILGUN_DOMAIN is None:
        raise MailgunException(getext("mailgun_failed_load_domain"))

    endpoint = f"https://api.mailgun.net/v3/{cls.MAILGUN_DOMAIN}/messages"
    credentials = ("api", cls.MAILGUN_API_KEY)
    form = {
        'from': f"{cls.FROM_TITLE} <{cls.FROM_EMAIL}>",
        'to': email,
        'subject': subject,
        'text': text,
        'html': html,
    }
    # NOTE(review): no timeout is passed; if ``post`` is requests.post this
    # call can block indefinitely on a stalled connection -- confirm and
    # consider setting one.
    response = post(endpoint, auth=credentials, data=form)

    if response.status_code == 200:
        return response
    raise MailgunException(getext("mailgun_error_send_email"))
def get(cls, user_id: int):
    """Return all confirmations of a user, ordered by ``expire_at``.

    Intended for testing. The body also carries the current Unix time.

    Returns:
        ``(body, 200)``, or ``(body, 404)`` when the user does not exist.
    """
    # NOTE(review): the dumped confirmations presumably include the id that
    # the confirmation link uses -- confirm this testing route is not
    # reachable in production.
    user = UserModel.find_by_id(user_id)
    if not user:
        return {'message': getext("user_not_found")}, 404

    now = int(time())
    ordered = user.confirmation.order_by(ConfirmationModel.expire_at)
    dumped = [confirmation_schema.dump(entry) for entry in ordered]
    return {'current_time': now, 'confirmation': dumped}, 200
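def post(cls):
    """Log the current user out by blacklisting the presented token.

    The token's ``jti`` claim is added to ``Blacklist``.

    Returns:
        ``(body, 200)`` with the logout message.
    """
    jti = get_raw_jwt()["jti"]
    user_id = get_jwt_identity()
    Blacklist.add(jti)
    # Format the translated text, not the lookup key: the original called
    # .format() on the key string, so the user id was never substituted.
    return {"message": getext("user_logged_out").format(user_id)}, 200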
def get(cls, name: str):
    """Return the item called ``name``.

    Returns:
        The dumped item alone (no explicit status code), or ``(body, 404)``
        when no item has that name.
    """
    found = ItemModel.find_by_name(name)
    if not found:
        return {"message": getext("item_not_found")}, 404
    return item_schema.dump(found)
def get(cls, user_id: int):
    """Return the user with ``user_id``.

    Returns:
        The dumped user alone (no explicit status code), or ``(body, 404)``
        when no user has that id.
    """
    found = UserModel.find_by_id(user_id)
    if found:
        # NOTE(review): confirm user_schema leaves the password out of the
        # dumped output.
        return user_schema.dump(found)
    return {"message": getext("user_not_found")}, 404
def delete(cls, name: str):
    """Delete the item called ``name``.

    Returns:
        The body dict alone after deletion (no explicit status code), or
        ``(body, 404)`` when no item has that name.
    """
    doomed = ItemModel.find_by_name(name)
    if not doomed:
        return {"message": getext("item_not_found")}, 404
    doomed.delete_from_db()
    return {"message": getext("item_deleted")}
def get(cls, name: str):
    """Return the store called ``name``.

    Returns:
        ``(dumped_store, 200)``, or ``(body, 404)`` when no store has that
        name.
    """
    found = StoreModel.find_by_name(name)
    if not found:
        return {"message": getext("store_not_found")}, 404
    return store_schema.dump(found), 200