def test_encode_auth_token(self):
    """Check that a stored user can mint an access token.

    Only the token's type (``bytes``) is pinned; its contents are not
    inspected here.
    """
    registered_at = datetime.datetime.utcnow()
    account = User(
        email='*****@*****.**',
        password='******',
        registered_on=registered_at,
    )
    # The user is committed before the token is requested.
    db.session.add(account)
    db.session.commit()

    token = account.encode_access_token()
    self.assertTrue(isinstance(token, bytes))
def test_decode_auth_token(self):
    """Check that a token round-trips back to the user it was issued for.

    The token is encoded for a committed user, decoded from its UTF-8 text
    form, and the decoded ``public_id`` must equal the user's ``public_id``.
    """
    registered_at = datetime.datetime.utcnow()
    account = User(
        email='*****@*****.**',
        password='******',
        registered_on=registered_at,
    )
    db.session.add(account)
    db.session.commit()

    token = account.encode_access_token()
    self.assertTrue(isinstance(token, bytes))

    # decode_access_token is handed text, so the bytes token is decoded first.
    decoded = User.decode_access_token(token.decode("utf-8"))
    claimed_id = decoded.value.get('public_id')
    self.assertTrue(claimed_id == account.public_id)
def add_user_from_cli(data):
    """Create a user from CLI-supplied fields and report the outcome.

    Reads ``email``, ``username``, ``password`` and ``admin`` from ``data``.
    When the email is already registered, prints a red error and returns 1.
    Otherwise the user is committed, a blue confirmation is printed and the
    function returns None.
    """
    already_registered = User.find_by_email(data["email"])
    if already_registered:
        error = f"Error: {data['email']} is already registered"
        click.secho(f"{error}\n", fg="red", bold=True)
        return 1

    account = User(
        email=data['email'],
        username=data['username'],
        password=data['password'],
        admin=data['admin'],
    )
    db.session.add(account)
    db.session.commit()

    role = "admin user" if data["admin"] else "user"
    # NOTE(review): the confirmation prints the User object itself; confirm
    # its string form does not include the password or its hash.
    click.secho(
        f"Successfully added new {role}:\n {account}",
        fg="blue",
        bold=True,
    )
def save_new_user(data):
    """Register a new user from ``data`` and return a token response.

    Returns ``(body, HTTPStatus.CONFLICT)`` when the email is already
    registered. Otherwise a user with a fresh UUID4 ``public_id`` is saved
    through ``save_changes`` and the result of ``generate_token`` for that
    user is returned.
    """
    if User.find_by_email(data['email']):
        conflict_body = {
            'status': 'fail',
            'message': f"{data['email']} is already registered",
        }
        return conflict_body, HTTPStatus.CONFLICT

    # NOTE(review): ``admin`` is copied straight from ``data``. If ``data`` is
    # an unauthenticated registration payload, the caller chooses its own
    # privilege level; confirm the calling route restricts or validates it.
    account = User(
        public_id=str(uuid.uuid4()),
        email=data['email'],
        username=data['username'],
        password=data['password'],
        registered_on=datetime.datetime.utcnow(),
        admin=data['admin'],
    )
    save_changes(account)
    return generate_token(account)
def get_logged_in_user():
    """Resolve the user named by the current request's access token.

    ``Auth.check_access_token`` supplies the decoded token data. When no user
    matches its ``public_id``, ``(body, HTTPStatus.UNAUTHORIZED)`` is returned.
    Otherwise the user is returned with ``token_expires_in`` set from the
    token's ``expires_at`` value.
    """
    claims = Auth.check_access_token()
    account = User.find_by_public_id(claims.get('public_id'))
    if not account:
        # Generic message: the response does not say why the lookup failed.
        return {'status': 'fail', 'message': 'Try again'}, HTTPStatus.UNAUTHORIZED

    remaining = remaining_fromtimestamp(claims.get('expires_at'))
    account.token_expires_in = format_timespan_digits(remaining)
    return account
def check_access_token(admin_only=False):
    """Decode the access token carried in the ``Authorization`` header.

    Args:
        admin_only: Forwarded unchanged to ``ApiUnauthorized`` when raised.

    Returns:
        The ``value`` of the result from ``User.decode_access_token``.

    Raises:
        ApiUnauthorized: When the header is missing or empty, or when the
            decode result reports a failure.
    """
    header_value = request.headers.get("Authorization")
    if not header_value:
        raise ApiUnauthorized(description="Unauthorized", admin_only=admin_only)

    # The header value is passed to the decoder as-is; no scheme prefix is
    # stripped here.
    decoded = User.decode_access_token(header_value)
    if not decoded.failure:
        return decoded.value

    raise ApiUnauthorized(
        description=decoded.error,
        admin_only=admin_only,
        error="invalid_token",
        error_description=decoded.error,
    )
def admin_access_token(self):
    """Return an access token for the fixture admin account, or None.

    When the admin does not exist yet, it is registered and the token from a
    201 response is returned. In every other case (the admin already exists,
    or registration did not yield a token) a login is attempted and the token
    from a 200 response is returned. None is returned when neither succeeds.
    """
    credentials = {
        'email': '*****@*****.**',
        'username': '******',
        'password': '******',
        'admin': True,
    }

    if not User.find_by_email(credentials['email']):
        reply = register_admin_user(data=credentials)
        body = json.loads(reply.data.decode())
        if reply.status_code == 201 and body['access_token']:
            return body['access_token']

    # Fall back to logging in with the same credentials.
    reply = login_admin_user(self, data=credentials)
    body = json.loads(reply.data.decode())
    if reply.status_code == 200 and body['access_token']:
        return body['access_token']
    return None
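def login_user():
    """Authenticate the JSON credentials carried by the current request.

    Returns:
        The response built by ``create_auth_successful_response`` on success;
        ``(body, HTTPStatus.UNAUTHORIZED)`` when the email is unknown or the
        password does not match; ``(body, HTTPStatus.UNPROCESSABLE_ENTITY)``
        when the payload is not a JSON object or an unexpected error occurs.
    """
    import logging  # local import keeps this block self-contained

    retry_response = {'status': 'fail', 'message': 'Try again'}
    try:
        data = request.json
        # A missing or non-object body is a client error; reject it directly
        # instead of letting ``data.get`` raise into the catch-all below.
        if not isinstance(data, dict):
            return retry_response, HTTPStatus.UNPROCESSABLE_ENTITY

        user = User.find_by_email(data.get('email'))
        # One message covers both "no such user" and "wrong password", so the
        # response does not reveal which emails are registered.
        if not user or not user.check_password(data.get('password')):
            response_object = {
                'status': 'fail',
                'message': 'email or password does not match.'
            }
            return response_object, HTTPStatus.UNAUTHORIZED

        access_token = user.encode_access_token()
        return create_auth_successful_response(
            token=access_token.decode(),
            status_code=HTTPStatus.OK,
            message="Successfully logged in.",
        )
    except Exception:
        # Catch-all boundary: the client still gets the generic 422, and the
        # traceback is logged so unexpected failures are visible to operators.
        # Only the traceback is recorded; the request body is not logged.
        logging.getLogger(__name__).exception("login_user failed unexpectedly")
        return retry_response, HTTPStatus.UNPROCESSABLE_ENTITY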
def get_a_user(public_id):
    """Look up a single user by public identifier.

    Returns whatever ``User.find_by_public_id`` returns for ``public_id``.
    """
    match = User.find_by_public_id(public_id)
    return match