def post(self):
parser = RequestParser(bundle_errors=True)
parser.add_argument('full_name', type=str, required=True, location='json')
parser.add_argument('password', type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'), required=True, location='json',
help='Password must have a minimum of eight characters.')
parser.add_argument('email_address', type=inputs.email(), required=True, location='json')
args = parser.parse_args(strict=True)
email = User.query.filter(User.email == args.email_address).first()
if email:
return {'message': 'Email address already exist'}, 400
try:
user = User()
user.full_name = args.full_name
user.email = args.email_address
user.username = f'{args.full_name.replace(" ", "").lower()}{random.randint(1, 9999)}'
user.password = generate_password_hash(args.password).decode()
user.role = 'CLIENT'
token = user.create_token()
user.save()
text = f"""Your Account has been created.
Confirm Your Account By Clicking on this link.
Link : <a href="{url_for('api.auth_confirm_account', token=token, _external=True)}"></a>
"""
send_mail_rq.queue(user.email, text, 'Register')
return {'message': 'Your account has been created, Check your email to confirm your account'}, 200
except Exception as e:
return jsonify(message=f'Unable to create account ::{e}'), 500
def signup(self, payload):
"""
signup function
:return:
"""
try:
check_email = email(check=True)
payload["email"] = check_email(payload["email"])
except Exception as ex:
abort(400, Message="Invalid email")
if payload.get('password') != payload.get('confirm_password'):
abort(400, Message="Password does not match")
count, records = base_obj.get(Collections.USERS,
{"email": payload['email']})
if count > 0:
abort(400, Message="Email ID Already Exists")
payload = custom_marshal(payload, user, 'create')
payload['password'] = sha256_crypt.encrypt(payload['password'])
_id = base_obj.insert(Collections.USERS, payload)
print(_id, type(_id))
link = ACTIVATION_MAIL.format(id=_id)
print(link)
send_mail([payload['email']], "Corona Location App Account Activation",
link, 'signup.html', {
'link': link,
'name': payload['first_name']
})
def test_bad_email(self):
emails = (
'someone@',
'@somewhere',
'email.somewhere.com',
'[invalid!email]',
'me.@somewhere',
'me..something@somewhere',
)
email = inputs.email()
self.assert_bad_emails(email, emails)
def test_bad_email(self):
emails = (
'someone@',
'@somewhere',
'email.somewhere.com',
'[invalid!email]',
'me.@somewhere',
'me..something@somewhere',
)
email = inputs.email()
self.assert_bad_emails(email, emails)
def test_valid_values_default(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'Loïc.Accentué@voilà.fr',
]
invalids = [
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
]
self.assert_values(inputs.email(), zip(emails, emails))
self.assert_bad_emails(inputs.email(), invalids)
def test_valid_values_default(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'Loïc.Accentué@voilà.fr',
]
invalids = [
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
]
self.assert_values(inputs.email(), zip(emails, emails))
self.assert_bad_emails(inputs.email(), invalids)
def test_valid_values_exclude(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
]
invalids = [
'*****@*****.**',
'*****@*****.**',
]
email = inputs.email(exclude=('somewhere.com', 'foo.bar'))
self.assert_values(email, zip(emails, emails))
self.assert_bad_emails(email, invalids, '{0} belongs to a forbidden domain')
def test_valid_values_exclude(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
]
invalids = [
'*****@*****.**',
'*****@*****.**',
]
email = inputs.email(exclude=('somewhere.com', 'foo.bar'))
self.assert_values(email, zip(emails, emails))
self.assert_bad_emails(email, invalids,
'{0} belongs to a forbidden domain')
def post(self):
parser = RequestParser(bundle_errors=True)
parser.add_argument('email_address',
type=inputs.email(),
required=True,
location='json')
args = parser.parse_args(strict=True)
user = User.query.filter(User.email == args.email_address).first()
if not user:
return jsonify(message='Please account is not found')
if user.status:
return jsonify(message='Your dont have access to this function')
token = user.create_token()
url = url_for('api.auth_confirm_account', token=token, _external=True)
send_mail_rq.queue(CONFIRM_ACC.format(url=url, name=user.full_name),
[user.email], 'Resend Account Activation')
return jsonify(message='Account confirmation has been sent')
def test_valid_values_check(self):
valids = [
'*****@*****.**',
'*****@*****.**',
]
invalids = [
'*****@*****.**',
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
]
email = inputs.email(check=True)
self.assert_values(email, zip(valids, valids))
self.assert_bad_emails(email, invalids)
def test_valid_values_check(self):
valids = [
'*****@*****.**',
'*****@*****.**',
]
invalids = [
'*****@*****.**',
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
]
email = inputs.email(check=True)
self.assert_values(email, zip(valids, valids))
self.assert_bad_emails(email, invalids)
def test_valid_values_ip_and_local(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'coucou@localhost',
'*****@*****.**',
'*****@*****.**',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
]
email = inputs.email(ip=True, local=True)
self.assert_values(email, zip(emails, emails))
def test_valid_values_ip_and_local(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'coucou@localhost',
'*****@*****.**',
'*****@*****.**',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
]
email = inputs.email(ip=True, local=True)
self.assert_values(email, zip(emails, emails))
def user_validation(create=True):
parser = reqparse.RequestParser(trim=True, bundle_errors=True)
parser.add_argument('user_name',
type=inputs.regex(r'^[0-9A-Za-z-]{3,50}$'),
required=create,
help='User alias unique name',
case_sensitive=False)
parser.add_argument('first_name',
type=inputs.regex(r'^[A-Za-z]{3,100}$'),
required=create,
help='First name',
case_sensitive=False)
parser.add_argument('last_name',
type=inputs.regex(r'^[A-Za-z]{3,100}$'),
required=create,
help='Last name',
case_sensitive=False)
parser.add_argument('gender',
type=str,
required=create,
choices=('male', 'Male', 'MALE'
'female', 'Female', 'FEMALE'),
help='Gender',
case_sensitive=False)
parser.add_argument('dob',
type=inputs.date,
required=create,
help='Date of Birth')
parser.add_argument('phone_no',
type=inputs.regex(r'^\+[0-9]{10,15}$'),
required=create,
help='Phone number')
parser.add_argument('email',
type=inputs.email(check=True),
required=create,
help='Email',
case_sensitive=False)
parser.add_argument(
'password',
type=inputs.regex(r'^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{6,15}$'),
required=create,
help='Password')
return parser.parse_args(strict=True)
def test_valid_values_domains(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
]
invalids = [
'*****@*****.**',
'*****@*****.**',
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
]
email = inputs.email(domains=('gmail.com', 'cmoi.fr'))
self.assert_values(email, zip(emails, emails))
self.assert_bad_emails(email, invalids, '{0} does not belong to the authorized domains')
def signup_parser():
parser = base_parser.copy()
parser.add_argument(
'name', type=str, help='nickname (required for not social)')
parser.add_argument(
'email', type=inputs.email(check=True),
help='email (required for not social)')
parser.add_argument(
'password', type=str, help='password (required for not social)')
parser.add_argument(
'social_provider', type=Inputs.enum(SocialProvider),
choices=list(SocialProvider),
help='social provider name (required for social)')
parser.add_argument(
'social_id', type=str,
help='id of social account (required for social)')
parser.add_argument(
'social_access_token', type=str,
help='access token of social account (required for social)')
return parser
def test_valid_values_domains(self):
emails = [
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
'*****@*****.**',
]
invalids = [
'*****@*****.**',
'*****@*****.**',
'me@localhost',
'[email protected]',
'[email protected]',
'me@::1',
'[email protected]',
'me@2001:db8:85a3::8a2e:370:7334',
]
email = inputs.email(domains=('gmail.com', 'cmoi.fr'))
self.assert_values(email, zip(emails, emails))
self.assert_bad_emails(
email, invalids, '{0} does not belong to the authorized domains')
def post(self):
parser = RequestParser()
parser.add_argument('email_address',
type=inputs.email(),
required=True,
location='json')
args = parser.parse_args(strict=True)
user = User.query.filter(User.email == args.email_address).first()
if not user:
return {
'message': 'Sorry, your email was not found',
'other': 'Check and try again'
}, 400
token = user.create_token()
send_mail_rq.queue(
FORGOT_PWD.format(url=url_for('api.auth_reset_password',
token=token,
_external=True),
name=user.full_name), [user.email],
'Forgot Password')
print(token)
return jsonify(message='A reset link has been sent to your email')
api = Namespace('user', description='User profile/account')
user_fields = api.model("User", {
"username": fields.String(example="JoeMama69"),
"email": fields.String(example="*****@*****.**"),
"created": fields.DateTime(attribute="created_on"),
"permission": fields.Integer(attribute="permission_level", description="0 = User; 1 = Moderator; 2 = Admin")
})
invite_fields = api.model("Invite", {
"invite": fields.String(example="a4b2c0")
})
email_validator = inputs.email(check=True)
@api.route("")
class UserResource(Resource):
user_parser = api.parser()
user_parser.add_argument('username', type=str, help='Users name', required=True, location='form')
user_parser.add_argument('email', type=email_validator, help='Users email', required=True, location='form')
user_parser.add_argument('password', type=str, help='Users password', required=True, location='form')
user_parser.add_argument('invite_code', type=str, help='Users invite code', required=True, location='form')
@api.marshal_with(user_fields)
@api.expect(user_parser)
def post(self):
args = self.user_parser.parse_args()
def test_valid_value_exclude(self, value):
email = inputs.email(exclude=('somewhere.com', 'foo.bar'))
assert email(value) == value
def test_valid_value_domains(self, value):
email = inputs.email(domains=('gmail.com', 'cmoi.fr'))
assert email(value) == value
def test_invalid_value_local(self, value):
email = inputs.email(local=True)
self.assert_bad_email(email, value)
def test_invalid_value_ip(self, value):
email = inputs.email(ip=True)
self.assert_bad_email(email, value)
def test_invalid_values_check(self, value):
email = inputs.email(check=True)
self.assert_bad_email(email, value)
def test_valid_value_exclude(self, value):
email = inputs.email(exclude=('somewhere.com', 'foo.bar'))
assert email(value) == value
help='Updated settings object.')
# Group team modification request
group_modify_team_req = reqparse.RequestParser()
group_modify_team_req.add_argument('team_id',
required=True,
location='json',
type=str,
help='ID of the team to modify.',
error='Team ID is required')
# Group invite request
group_invite_req = reqparse.RequestParser()
group_invite_req.add_argument('email',
required=True,
type=inputs.email(),
location='json',
help='Email address to invite to the classroom.',
error='Must be a valid email address')
group_invite_req.add_argument(
'as_teacher',
required=True,
type=inputs.boolean,
location='json',
default=False,
help='Invite this user to be a teacher in the classroom, ' +
'rather than a regular member.',
error='as_teacher must be a boolean value')
# Join group request
join_group_req = reqparse.RequestParser()
def put(self, option):
profile_parser = RequestParser(trim=True, bundle_errors=True)
if option == 'general':
profile_parser.add_argument('username',
required=True,
type=string,
location='json')
profile_parser.add_argument('full_name',
required=True,
type=string,
location='json')
profile_parser.add_argument('gender',
required=True,
type=str,
choices=['Male', 'Female', 'Others'],
help='Gender is required',
location='json')
args = profile_parser.parse_args(strict=True)
if User.query.filter(User.username == args.username,
User.id != current_user.id).first():
return {
'message':
'Username already exist, please use different one'
}, 400
current_user.full_name = args.full_name
current_user.gender = args.gender
return current_user.save(**args)
if option == 'pwd':
profile_parser.add_argument('old_pwd',
required=True,
type=str,
location='json')
profile_parser.add_argument(
'new_pwd',
type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'),
required=True,
location='json',
help='Password must have a minimum of eight characters.')
profile_parser.add_argument(
'confirm_pwd',
type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'),
required=True,
location='json',
help='Password must have a minimum of eight characters.')
args = profile_parser.parse_args(strict=True)
if not bcrypt.check_password_hash(current_user.password,
args.old_pwd):
return {
'message': 'Old password doesnt match current password'
}, 400
if not safe_str_cmp(args.confirm_pwd, args.new_pwd):
return {"message": 'passwords dont match'}
current_user.password = bcrypt.generate_password_hash(
args.new_pwd).decode()
current_user.save()
send_mail_rq.queue('Your password was changed!',
[current_user.email], 'Password Changed')
return {'message': 'Your password has been updated successfully'}
if option == 'email':
profile_parser.add_argument('pwd',
required=True,
type=str,
location='json')
profile_parser.add_argument('old_email',
required=True,
type=inputs.email(),
help='Email address is required',
location='json')
profile_parser.add_argument('new_email',
required=True,
type=inputs.email(),
help='Email address is required',
location='json')
args = profile_parser.parse_args(strict=True)
if not bcrypt.check_password_hash(current_user.password, args.pwd):
return abort(401)
token = current_user.create_token(
payload={'email': args.new_email})
url = url_for('api.auth_change_email', token=token, _external=True)
send_mail_rq.queue(
CHANGE_EMAIL.format(name=current_user.full_name, url=url),
[args.new_email], 'Change Email')
return {'message': 'Email has been sent'}
if option == 'img':
profile_parser.add_argument(
'files',
required=True,
location='files',
type=werkzeug.datastructures.FileStorage)
args = profile_parser.parse_args(strict=True)
file = img_upload(args.file)
if file.get('message'):
return file, 400
current_user.img = file.get('filename')
file.get('upload').save(file.get('full_path'))
return current_user.save(filename=current_user.img), 201
return abort(404)
def test_schema(self):
self.assert_schema(inputs.email(), {
'type': 'string',
'format': 'email'
})
def test_valid_value_domains(self, value):
email = inputs.email(domains=('gmail.com', 'cmoi.fr'))
assert email(value) == value
def test_invalid_value_domains(self, value):
email = inputs.email(domains=('gmail.com', 'cmoi.fr'))
self.assert_bad_email(email, value, '{0} does not belong to the authorized domains')
def test_bad_email(self, value):
email = inputs.email()
self.assert_bad_email(email, value)
'settings', required=False, type=object_type, location='json',
help='Updated settings object.'
)
# Group team removal request
group_remove_team_req = reqparse.RequestParser()
group_remove_team_req.add_argument(
'team_id', required=True, location='json', type=str,
help='ID of the team to remove.',
error='Team ID is required'
)
# Group invite request
group_invite_req = reqparse.RequestParser()
group_invite_req.add_argument(
'email', required=True, type=inputs.email(), location='json',
help='Email address to invite to the group.',
error='Must be a valid email address'
)
group_invite_req.add_argument(
'as_teacher', required=True, type=inputs.boolean, location='json',
default=False, help='Invite this user to be a teacher in the group, ' +
'rather than a regular member.',
error='as_teacher must be a boolean value'
)
# Join group request
join_group_req = reqparse.RequestParser()
join_group_req.add_argument(
'group_name', required=True, type=length_restricted(3, 100, str),
location='json', help='Name of the group to join.',
def test_invalid_value_default(self, value):
self.assert_bad_email(inputs.email(), value)
def test_invalid_value_exclude(self, value):
email = inputs.email(exclude=('somewhere.com', 'foo.bar'))
self.assert_bad_email(email, value, '{0} belongs to a forbidden domain')
def test_invalid_value_ip(self, value):
email = inputs.email(ip=True)
self.assert_bad_email(email, value)
def test_valid_value_ip_and_local(self, value):
email = inputs.email(ip=True, local=True)
assert email(value) == value
def test_valid_value_default(self, value):
validator = inputs.email()
assert validator(value) == value
def test_bad_email(self, value):
email = inputs.email()
self.assert_bad_email(email, value)
def test_valid_value_check(self, value):
email = inputs.email(check=True)
assert email(value) == value
def test_valid_value_ip(self, value):
email = inputs.email(ip=True)
assert email(value) == value
def test_valid_value_ip(self, value):
email = inputs.email(ip=True)
assert email(value) == value
def test_invalid_value_local(self, value):
email = inputs.email(local=True)
self.assert_bad_email(email, value)
def test_valid_value_local(self, value):
email = inputs.email(local=True)
assert email(value) == value
def test_valid_value_local(self, value):
email = inputs.email(local=True)
assert email(value) == value
def test_valid_value_ip_and_local(self, value):
email = inputs.email(ip=True, local=True)
assert email(value) == value
def test_schema(self):
self.assert_schema(inputs.email(), {'type': 'string', 'format': 'email'})
def test_invalid_value_domains(self, value):
email = inputs.email(domains=('gmail.com', 'cmoi.fr'))
self.assert_bad_email(email, value, '{0} does not belong to the authorized domains')
)
secure_reqparser.add_argument(
name="iv",
type=base64_standard,
required=True,
nullable=False,
help="Initialization vector.",
)
secure_reqparser.add_argument(
name="ct", type=base64_standard, required=True, nullable=False, help="Ciphertext"
)
auth_reqparser = reqparse.RequestParser(bundle_errors=True)
auth_reqparser.add_argument(
name="email",
type=email(),
location="form",
required=True,
nullable=False,
help="User email address.",
)
auth_reqparser.add_argument(
name="password",
type=str,
location="form",
required=True,
nullable=False,
help="User password.",
)
user_model = auth_ns.model(
def test_invalid_value_exclude(self, value):
email = inputs.email(exclude=('somewhere.com', 'foo.bar'))
self.assert_bad_email(email, value, '{0} belongs to a forbidden domain')
def test_schema(self):
assert inputs.email().__schema__ == {'type': 'string', 'format': 'email'}
def test_schema(self):
assert inputs.email().__schema__ == {'type': 'string', 'format': 'email'}
def test_invalid_values_check(self, value):
email = inputs.email(check=True)
self.assert_bad_email(email, value)