def post(self):
payload = request.form or request.json
# logged in
current_user = get_jwt_identity()
if current_user:
q = select([accounts.c.id,
accounts.c.email,
accounts.c.activated_at])\
.where(accounts.c.id == current_user)
acc = repo(q).fetchone()
else:
try:
q = select([
accounts.c.id,
accounts.c.email,
accounts.c.activated_at
]).where(accounts.c.email == payload['email'])
acc = repo(q).fetchone()
except KeyError:
return abort(400)
if not acc:
return abort(400)
elif acc and acc.activated_at:
return abort(400)
else:
try:
cl_mail_ctx_sch = ClientMailContextSchema()
mail_ctx = cl_mail_ctx_sch.load(payload)
_send_activation_mail(acc, mail_ctx)
return {}, 202
except ValidationError as e:
return {'errors': e.messages}, 400
def store_refresh_token(token, identity_claim):
decoded_token = decode_token(token)
q = insert(tokens).values(jti=decoded_token["jti"],
token_type=decoded_token["type"],
user_identity=decoded_token[identity_claim],
revoked=False,
expired_at=datetime.fromtimestamp(
decoded_token['exp']))
repo(q)
def me() -> ResponseType:
current_user = get_jwt_identity()
fields = ["id", "username", "email"]
q = select([accounts.c[field]
for field in fields]).where(accounts.c.id == current_user)
acc = repo(q).fetchone()
return jsonify(dict(acc))
def all(columns=[]):
if not columns:
selection = [accounts]
else:
selection = [accounts.c[col] for col in columns]
query = select(selection)
return repo(query).fetchall()
def revoke_refresh_token(jti, uuid):
stmt = tokens.update().values(
revoked=True).where((tokens.c.jti == jti)
& (tokens.c.user_identity == uuid)
& (tokens.c.revoked.is_(False))).returning(
tokens.c.id)
return repo(stmt).fetchone()
def is_token_revoked(decoded_token):
jti = decoded_token['jti']
stmt = select([tokens.c.id, tokens.c.revoked]).where((tokens.c.jti == jti))
token = repo(stmt).fetchone()
if not token:
return True
return token.revoked
def get(self, uid=None):
s = AccountSchema()
q = select([accounts.c[field] for field in s.fields.keys()])\
.where(accounts.c.id == (str(uid) if uid else g.account_id))
acc = repo(q).fetchone()
if not acc:
return abort(404)
else:
return s.dump(acc), 200
def unique(table, field, value):
'''
unique(Account, 'username', 'john')
'''
q = select([table.c.id])\
.where(text('{0}=:{0}'.format(field))).params({field: value})
if repo(q).fetchone():
raise ValidationError('{} already exists'.format(field.capitalize()),
field)
def self_verify(payload):
if payload.get('sub') == 'activation':
query = select([accounts.c.id, accounts.c.activated_at])\
.where(accounts.c.id == payload['account_id'])
acc = repo(query).fetchone()
if acc:
if acc.activated_at:
return False, 'Account already activated', payload
return True, '', payload
return False, 'Invalid token', payload
def persist_record(self, data):
return repo(
insert(answers).values(**data).returning(answers.c.id)
).fetchone()
def activate_account(data):
stmt = update(accounts)\
.returning(accounts.c.id)\
.where(accounts.c.id == data['uuid'])\
.values(activated_at=data['activated_at'])
return repo(stmt).fetchall()[0]
def regist_account(data):
ins = insert(accounts).values(**data)\
.returning(accounts.c.id, accounts.c.email)
return repo(ins).fetchone()
def retrieve_account(username_or_email):
stmt = select([accounts]).where(
or_(accounts.c.email == username_or_email,
accounts.c.username == username_or_email))
return repo(stmt).fetchone()
