def post(self):
parser = RequestParser(bundle_errors=True)
parser.add_argument('full_name', type=str, required=True, location='json')
parser.add_argument('password', type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'), required=True, location='json',
help='Password must have a minimum of eight characters.')
parser.add_argument('email_address', type=inputs.email(), required=True, location='json')
args = parser.parse_args(strict=True)
email = User.query.filter(User.email == args.email_address).first()
if email:
return {'message': 'Email address already exist'}, 400
try:
user = User()
user.full_name = args.full_name
user.email = args.email_address
user.username = f'{args.full_name.replace(" ", "").lower()}{random.randint(1, 9999)}'
user.password = generate_password_hash(args.password).decode()
user.role = 'CLIENT'
token = user.create_token()
user.save()
text = f"""Your Account has been created.
Confirm Your Account By Clicking on this link.
Link : <a href="{url_for('api.auth_confirm_account', token=token, _external=True)}"></a>
"""
send_mail_rq.queue(user.email, text, 'Register')
return {'message': 'Your account has been created, Check your email to confirm your account'}, 200
except Exception as e:
return jsonify(message=f'Unable to create account ::{e}'), 500
def post(self):
parser = RequestParser(bundle_errors=True)
parser.add_argument('username', type=str, required=True, location='json', help='username is required')
parser.add_argument('password', type=str, required=True, location='json', help='password is required')
parser.add_argument('rem', type=inputs.boolean, default=False, required=False, location='json',
help='rem is required')
args = parser.parse_args(strict=True)
user = User.query.filter((User.username == args.username) | (User.email == args.username)).first()
if not user:
return {'message': 'Incorrect username or password'}, 401
else:
if not check_password_hash(user.password, args.password):
return {'message': 'Incorrect username or password'}, 401
else:
if not user.status:
return {'message': 'Your account is currently inactive'}, 401
else:
send_mail_rq.queue(LOGIN_NOTIFY.format(name=user.full_name, app_name='Ngsapps', email=user.email,
time=str(datetime.utcnow()), ip=request.remote_addr,
user_agent=request.user_agent), [user.email],
'Ngsapp Support')
# create JWT
access_token = create_access_token(identity=str(user.uuid))
refresh_token = create_refresh_token(identity=str(user.uuid))
resp = jsonify({'login': True, 'role': user.role})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
resp.set_cookie('access_token_cookie', access_token)
# access_jti = get_jti(encoded_token=access_token)
# refresh_jti = get_jti(encoded_token=refresh_token)
# redis.set(access_jti, 'false', current_app.config['JWT_ACCESS_TOKEN_EXPIRES'] * 1.2)
# redis.set(refresh_jti, 'false', current_app.config['JWT_REFRESH_TOKEN_EXPIRES'] * 1.2)
return make_response(resp)
def post(self):
args = parser.parse_args(strict=True)
user = User(**args)
pwd = secrets.token_hex(5)
user.set_password(pwd)
user.confirmed = True
send_mail_rq.queue(
NEW_ACC.format(
username=user.username,
password=pwd,
), [args.email], 'Welcome')
return User.user_exist(args) if User.user_exist(args) else user.save(
**args)
def post(self):
parser = RequestParser(bundle_errors=True)
parser.add_argument('email_address',
type=inputs.email(),
required=True,
location='json')
args = parser.parse_args(strict=True)
user = User.query.filter(User.email == args.email_address).first()
if not user:
return jsonify(message='Please account is not found')
if user.status:
return jsonify(message='Your dont have access to this function')
token = user.create_token()
url = url_for('api.auth_confirm_account', token=token, _external=True)
send_mail_rq.queue(CONFIRM_ACC.format(url=url, name=user.full_name),
[user.email], 'Resend Account Activation')
return jsonify(message='Account confirmation has been sent')
def post(self):
parser = RequestParser()
parser.add_argument('email_address',
type=inputs.email(),
required=True,
location='json')
args = parser.parse_args(strict=True)
user = User.query.filter(User.email == args.email_address).first()
if not user:
return {
'message': 'Sorry, your email was not found',
'other': 'Check and try again'
}, 400
token = user.create_token()
send_mail_rq.queue(
FORGOT_PWD.format(url=url_for('api.auth_reset_password',
token=token,
_external=True),
name=user.full_name), [user.email],
'Forgot Password')
print(token)
return jsonify(message='A reset link has been sent to your email')
def put(self, option):
profile_parser = RequestParser(trim=True, bundle_errors=True)
if option == 'general':
profile_parser.add_argument('username',
required=True,
type=string,
location='json')
profile_parser.add_argument('full_name',
required=True,
type=string,
location='json')
profile_parser.add_argument('gender',
required=True,
type=str,
choices=['Male', 'Female', 'Others'],
help='Gender is required',
location='json')
args = profile_parser.parse_args(strict=True)
if User.query.filter(User.username == args.username,
User.id != current_user.id).first():
return {
'message':
'Username already exist, please use different one'
}, 400
current_user.full_name = args.full_name
current_user.gender = args.gender
return current_user.save(**args)
if option == 'pwd':
profile_parser.add_argument('old_pwd',
required=True,
type=str,
location='json')
profile_parser.add_argument(
'new_pwd',
type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'),
required=True,
location='json',
help='Password must have a minimum of eight characters.')
profile_parser.add_argument(
'confirm_pwd',
type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'),
required=True,
location='json',
help='Password must have a minimum of eight characters.')
args = profile_parser.parse_args(strict=True)
if not bcrypt.check_password_hash(current_user.password,
args.old_pwd):
return {
'message': 'Old password doesnt match current password'
}, 400
if not safe_str_cmp(args.confirm_pwd, args.new_pwd):
return {"message": 'passwords dont match'}
current_user.password = bcrypt.generate_password_hash(
args.new_pwd).decode()
current_user.save()
send_mail_rq.queue('Your password was changed!',
[current_user.email], 'Password Changed')
return {'message': 'Your password has been updated successfully'}
if option == 'email':
profile_parser.add_argument('pwd',
required=True,
type=str,
location='json')
profile_parser.add_argument('old_email',
required=True,
type=inputs.email(),
help='Email address is required',
location='json')
profile_parser.add_argument('new_email',
required=True,
type=inputs.email(),
help='Email address is required',
location='json')
args = profile_parser.parse_args(strict=True)
if not bcrypt.check_password_hash(current_user.password, args.pwd):
return abort(401)
token = current_user.create_token(
payload={'email': args.new_email})
url = url_for('api.auth_change_email', token=token, _external=True)
send_mail_rq.queue(
CHANGE_EMAIL.format(name=current_user.full_name, url=url),
[args.new_email], 'Change Email')
return {'message': 'Email has been sent'}
if option == 'img':
profile_parser.add_argument(
'files',
required=True,
location='files',
type=werkzeug.datastructures.FileStorage)
args = profile_parser.parse_args(strict=True)
file = img_upload(args.file)
if file.get('message'):
return file, 400
current_user.img = file.get('filename')
file.get('upload').save(file.get('full_path'))
return current_user.save(filename=current_user.img), 201
return abort(404)