def post(self):
req_data = request.get_json()
req_data['created_user'] = current_user.id
role = req_data['roles']
req_data.pop('roles')
errors = user_schema.validate(req_data)
if errors:
return errors, 500
data = user_schema.load(req_data)
try:
if UserModel.find_by_username(data['username']):
return {
'message':
'El usuario {} ya existe'.format(data['username'])
}, 500
user = UserModel(data)
user.password = hash_password(user.password)
user.create()
ins = roles_users.insert().values(id_user=user.id_user,
id_role=role)
ins.compile().params
result = db.session.execute(ins)
db.session.commit()
return {'message': 'Usuario {} creado'.format(data['username'])}
except (sqlalchemy.exc.SQLAlchemyError,
sqlalchemy.exc.DBAPIError) as e:
return render_template('500.html', error=e), 500
def add_new_user():
fields = [
('email', str, True, None),
('password', str, True, None),
('password_repeat', str, True, None),
]
arguments = parse_request(fields)
UserModel.create(**arguments)
return response(dict(email=arguments['email']), 201)
class UserService:
def __init__(self):
self.model = UserModel()
def create(self, params):
return self.model.create(params)
def update(self, item_id, params):
return self.model.update(item_id, params)
def delete(self, item_id):
return self.model.delete(item_id)
def login(self, params):
return self.model.login(params)
def list(self):
response = self.model.list_items()
return response
class AuthService:
def __init__(self):
self.model = UserModel()
def login(self, email, password):
user = self.model.get_by_field('email', email)
if user is None:
raise UserNotFound
if not check_password_hash(user['password'], password):
raise InvalidCredentials
self._authorize(user)
def register(self, attributes: dict):
attributes['password'] = generate_password_hash(attributes['password'])
try:
user_id = self.model.create(attributes)
except sqlite3.IntegrityError as e:
raise EmailAlreadyExist from e
return self.get_user_profile(user_id)
def get_user_profile(self, user_id):
user = self.model.get_by_id(user_id)
if user is None:
raise UserNotFound
user.pop("password")
return user
@classmethod
def _authorize(cls, user):
session['user_id'] = user['id']
@staticmethod
def logout():
session.pop('user_id', None)
@staticmethod
def get_auth_user_id():
return session.get('user_id')
