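def login(email, password, **kwargs):
    '''
    Authenticate user credentials
    Normalises the supplied address, looks it up in the User table and,
    when the password verifies, issues a Session valid for one day.
    Extra request fields are accepted via **kwargs and ignored.
    ---
    tags:
      - user
    responses:
      200:
        description: OK
        content:
          application/json:
            schema:
              type: object
              properties:
                success:
                  type: boolean
                message:
                  type: string
                session:
                  type: object
                  properties:
                    token:
                      type: string
                    expires:
                      type: string
    '''
    # Rebuild the address exactly as signup() stores it (lower-cased local
    # part plus the validator's normalised domain) so the lookup matches.
    try:
        email_results = validate_email(email)
        email = '{0}@{1}'.format(email_results.local_part.lower(), email_results.domain)
    except EmailNotValidError:
        # Treat verification failure as normal login failure: the same
        # message is used below, so the response does not reveal whether
        # the address was malformed or merely unknown.
        return jsonify({'success': False, 'message': 'Invalid login details'})

    user = db.session.query(User).filter(User.email == email).limit(1).first()
    # NOTE(review): when no user matches, verify_password() never runs, so
    # the unknown-address path is cheaper than the wrong-password path and
    # the timing difference could distinguish the two. A constant-cost
    # fallback verification on the no-user branch would close that gap.
    if user is None or not user.verify_password(password):
        return jsonify({'success': False, 'message': 'Invalid login details'})

    # NOTE(review): datetime.now() is naive local time -- confirm that
    # Session.expires is compared against the same clock when validated.
    session = Session(user_id=user.user_id, expires=datetime.now() + timedelta(days=1))
    db.session.add(session)
    db.session.commit()
    session_data = session.dump()
    return jsonify({'success': True, 'message': '', 'session': session_data})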
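def signup(name, email, password, **kwargs):
    '''
    Creates a new user
    Validates the display name, requires a '@cpp.edu' address, rejects
    weak passwords, then stores the User and an initial one-day Session.
    Extra request fields are accepted via **kwargs and ignored.
    ---
    tags:
      - user
    responses:
      200:
        description: OK
        content:
          application/json:
            schema:
              type: object
              properties:
                success:
                  type: boolean
                message:
                  type: string
                session:
                  type: object
                  properties:
                    token:
                      type: string
                    expires:
                      type: string
    '''
    # Validate name
    min_length = 2
    # The upper bound is read from the column definition so this check can
    # never drift from what the database will actually accept.
    max_length = User.__table__.c['name'].type.length
    if len(name) < min_length:
        return jsonify({
            'success': False,
            'message': 'Name should be at least {0} characters long'.format(min_length)
        })
    if len(name) > max_length:
        return jsonify({
            'success': False,
            'message': 'Name should be at most {0} characters long'.format(max_length)
        })

    # Validate email
    try:
        email_results = validate_email(email)
        # Store the lower-cased local part plus the validator's normalised
        # domain; login() rebuilds the address the same way for lookup.
        email = '{0}@{1}'.format(email_results.local_part.lower(), email_results.domain)
        # The domain check uses the validator's normalised domain rather
        # than the raw input, so case variants of the domain are handled
        # consistently (per email_validator's normalisation).
        if email_results.domain != 'cpp.edu':
            return jsonify({
                'success': False,
                'message': 'A \'@cpp.edu\' email address is required'
            })
    except EmailNotValidError as ex:
        # The validator's message describes the input problem and is
        # echoed to the caller as-is.
        return jsonify({'success': False, 'message': str(ex)})

    # Ensure strong password
    # name and email are passed as user_inputs so passwords derived from
    # them are scored as weak.
    password_results = zxcvbn(password, user_inputs=[name, email])
    if password_results['score'] < 2:
        suggestions = password_results['feedback']['suggestions']
        response = {'success': False, 'message': 'Your password is too weak'}
        if suggestions:
            response['message'] += ' - {0}'.format(suggestions[0])
        return jsonify(response)

    # Finally create user and session
    try:
        user = User(email=email, name=name, password=password)
        db.session.add(user)
        db.session.commit()
    except IntegrityError:
        # A failed commit leaves the SQLAlchemy session in an aborted
        # state; roll it back so later work on this session does not fail.
        db.session.rollback()
        # NOTE(review): this message confirms that the address is already
        # registered, i.e. it discloses account existence to the caller.
        return jsonify({
            'success': False,
            'message': 'Email already registered'
        })

    # NOTE(review): datetime.now() is naive local time -- confirm that
    # Session.expires is compared against the same clock when validated.
    session = Session(user_id=user.user_id, expires=datetime.now() + timedelta(days=1))
    db.session.add(session)
    db.session.commit()
    session_data = session.dump()
    return jsonify({'success': True, 'message': '', 'session': session_data})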