def get_user(user_id):
user = db.session.query(User).filter(User.user_id == user_id).first()
if not user:
return jsonify({'message': f'User with id {user_id} not found'}), 404
return user_schema.jsonify(user)
def update_password():
data = request.json
if not bcrypt.check_password_hash(current_user.password,
data['oldPassword']):
return jsonify({
'message': 'Password incorrect',
'field': 'oldPassword'
}), 401
if data['password'] != data['repeatPassword']:
# Status Code might not be correct
return jsonify({
'message': 'Passwörter stimmen nicht überein',
'field': 'repeatPassword'
}), 400
hashed_password = bcrypt.generate_password_hash(
data['password']).decode('utf8')
current_user.password = hashed_password
db.session.commit()
return user_schema.jsonify(current_user)
def update_data():
data = request.json
current_user.name = data['name']
current_user.email = data['email']
db.session.commit()
return user_schema.jsonify(current_user)
def post_login():
auth = request.json
if not auth or not auth['email'] or not auth['password']:
return jsonify(message='Email or password incorrect'), 401
user = db.session.query(User).filter(User.email == auth['email']).first()
if not user:
return jsonify(message='Email not found'), 404
if not bcrypt.check_password_hash(user.password, auth['password']):
return jsonify(message='Email or password incorrect'), 401
access_token = create_access_token(identity=user.user_id)
refresh_token = create_refresh_token(identity=user.user_id)
response = user_schema.jsonify(user)
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
return response
def get_current_user():
return user_schema.jsonify(current_user)