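def put(self):
    """Change the password of the user named by the request's JWT identity.

    Reads ``old_password`` and ``new_password`` from the request, checks the
    old password against the stored hash, and stores a hash of the new one.

    Returns:
        ``(SimpleMessage(PASSWORD_CHANGED), 201)`` on success.

    Aborts:
        401 when the account cannot be found or the old password is wrong.
        400 when the new password is shorter than 8 characters.
    """
    password_parser = reqparse.RequestParser()
    for field in ('old_password', 'new_password'):
        password_parser.add_argument(field, help='This field cannot be blank', required=True, type=str)
    data = password_parser.parse_args()

    user = UserModel.find_by_username(get_jwt_identity())

    # A token can outlive the account it names. Without the `user and` guard a
    # missing account would raise AttributeError on `user.password`; it is
    # treated as a failed re-authentication instead.
    if user and UserModel.verify_hash(data['old_password'], user.password):
        if len(data['new_password']) < 8:
            abort(400, message=PASSWORD_TOO_SHORT)
        # Only the hash is stored; the plaintext never reaches the model.
        user.password = UserModel.generate_hash(data['new_password'])
        user.persist()
        # NOTE(review): nothing in this handler revokes tokens issued before
        # the change - confirm whether that is handled elsewhere.
        return SimpleMessage(PASSWORD_CHANGED), 201

    # Kept after the success branch so the password is never updated unless
    # verification succeeded.
    abort(401, message=OLD_PASSWORD_INCORRECT)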
Exemplo n.º 2
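    def post(self):
        """Authenticate a user and issue JWT access and refresh tokens.

        Reads ``username`` and ``password`` from the request and checks the
        password against the stored hash.

        Returns:
            ``(AuthResponse(...), 202)`` carrying both tokens on success.

        Aborts:
            400 with ``WRONG_CREDENTIALS`` when the username is unknown or the
            password does not match.
        """
        parser = reqparse.RequestParser()
        for field in ('username', 'password'):
            parser.add_argument(field, help='This field cannot be blank', required=True, type=str)
        data = parser.parse_args()
        current_user = UserModel.find_by_username(data['username'])

        # Tokens are created only inside this branch, i.e. only after the
        # account was found and the password verified.
        if current_user and UserModel.verify_hash(data['password'], current_user.password):
            access_token = create_access_token(identity=data['username'])
            refresh_token = create_refresh_token(identity=data['username'])
            return AuthResponse(LOGIN_SUCCESS,
                                current_user,
                                access_token=access_token,
                                refresh_token=refresh_token), 202

        # Unknown username and wrong password share one response, so the
        # endpoint does not disclose which usernames are registered.
        # NOTE(review): the unknown-user path still skips verify_hash, so
        # response time may differ between the two cases; no attempt
        # throttling is visible in this handler either.
        abort(400, message=WRONG_CREDENTIALS)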
Exemplo n.º 3
def authenticate(email, password):
    """Return the user matching *email* if *password* verifies, else ``None``.

    The account is looked up by e-mail and the supplied password is checked
    against the stored hash with ``UserModel.verify_hash``. An unknown e-mail
    and a wrong password both yield ``None``.
    """
    candidate = UserModel.find_by_email(email)
    if not candidate:
        return None
    if not UserModel.verify_hash(password, candidate.password):
        return None
    return candidate