Пример #1
0
    def post(self):
        data = parser.parse_args()
        current_user = UserModel.find_by_login(data['login'])
        if not current_user:
            return {'message': 'User {} doesnt exists'.format(data['login'])}, 401

        if UserModel.verify_hash(data['password'], current_user.password):
            expires = datetime.timedelta(days=1)
            access_token = create_access_token(identity=current_user, expires_delta=expires)
            return {
                'id_token': access_token
            }
        else:
            return {'message', 'Wrong credentials'}, 401
Пример #2
0
    def post(self):
        data = parser.parse_args()
        current_user = UserModel.find_by_username(data['username'])
        if not current_user:
            return {
                'message': 'User {} doesn\'t exists'.format(data['username'])
            }, 401

        if UserModel.verify_hash(data['password'], current_user.password):
            access_token = create_access_token(identity=current_user)
            refresh_token = create_refresh_token(identity=current_user)
            return {
                'message': 'Logged in as {}'.format(current_user.username),
                'access_token': access_token,
                'refresh_token': refresh_token
            }
        else:
            return {'message': 'Wrong credentials'}, 401
Пример #3
0
    def post(self):

        data = parser.parse_args()

        if not data['username'] or not data['password'] or not data[
                'old_password']:
            return {
                'message':
                'Imposible to perform operation... missing parameters'
            }, 400

        current_username = get_jwt_identity()

        if current_username != data['username']:
            return {'message': 'Not matching username'}, 400

        user = UserModel.find_by_username(current_username)

        if not user:
            return {
                'message': 'User {} doesn\'t exists'.format(current_username)
            }, 401

        if not UserModel.verify_hash(data['old_password'], user.password):
            return {'message': 'Current password doesn\'t match'}, 403

        user.password = UserModel.generate_hash(data['password'])

        try:
            user.save_to_db()
            return {
                'message':
                'Password for user {} successfully changed'.format(
                    user.username)
            }
        except:
            return {'message': 'Something went wrong'}, 500