def create_user():
    """Create an account from the request's email and password.

    Responses visible in this handler:
      * whatever ``handle_error`` returns (called with status_code=422) when
        ``get_request_data`` raises ``ValueError`` or ``TypeError``;
      * ``409`` when ``save_user`` raises ``SQLIntegrityError``;
      * ``"OK", 200`` otherwise.
    """
    try:
        payload = get_request_data(
            request,
            required_params=["email", "password"],
        )
    except (ValueError, TypeError) as err:
        detail = "%s: %s" % (request.url, str(err))
        return handle_error(message=detail, logger=logger, status_code=422)

    # NOTE(review): the password is handed to save_user exactly as received;
    # hashing is presumably done inside DatabaseService - confirm.
    # NOTE(review): userType comes straight from the request body, so the
    # caller picks their own role unless save_user (or a layer not visible
    # here) restricts it - confirm, or set the role server-side.
    account = {
        "email": payload["email"],
        "password": payload["password"],
        "firstName": payload.get("firstName"),
        "lastName": payload.get("lastName"),
        "userType": payload.get("userType"),
    }

    store = DatabaseService()
    try:
        store.save_user(**account)
    except SQLIntegrityError:
        # NOTE(review): this reply confirms that the address is registered
        # and echoes caller-supplied text back in the response body.
        return make_response("User %s already exists" % account["email"], 409)

    return make_response("OK", 200)
def reset_password():
    """Set a new password for the account that a reset token maps to.

    Requires ``token``, ``password`` and ``passwordCheck``. Replies 422 when
    parameters are rejected by ``get_request_data``, when the two passwords
    differ, or when ``validate_reset_token`` returns a falsy value; replies
    ``"OK", 200`` after ``update_password`` has been called.
    """
    try:
        payload = get_request_data(
            request,
            required_params=["token", "password", "passwordCheck"],
        )
    except (ValueError, TypeError) as err:
        detail = "%s: %s" % (request.url, str(err))
        return handle_error(message=detail, logger=logger, status_code=422)

    reset_token = payload["token"]
    new_password = payload["password"]
    confirmation = payload["passwordCheck"]

    # NOTE(review): matching the confirmation field is the only check on the
    # new password visible here; any length or strength policy would have to
    # live in update_password - confirm.
    if new_password != confirmation:
        return make_response("Passwords do not match", 422)

    store = DatabaseService()
    account_email = store.validate_reset_token(token=reset_token)
    if account_email:
        # NOTE(review): nothing in this handler expires or deletes the token
        # after use. Confirm that validate_reset_token / update_password make
        # it single-use and time-limited; otherwise a leaked link stays valid.
        store.update_password(email=account_email, password=new_password)
        return make_response("OK", 200)

    return make_response("Invalid token", 422)
def forgot_password():
    """Mail a password-reset link and record its token.

    Requires ``email`` and ``resetURL``. A fresh token is generated, passed
    to ``send_reset_link`` together with both request values, and stored with
    ``save_reset_token`` only if the mail call reported status 200. A failed
    mail call is answered with the mail service's own status code.
    """
    try:
        payload = get_request_data(
            request,
            required_params=["email", "resetURL"],
        )
    except (ValueError, TypeError) as err:
        detail = "%s: %s" % (request.url, str(err))
        return handle_error(message=detail, logger=logger, status_code=422)

    reset_token = uuid.uuid4().hex
    recipient = payload["email"]

    # NOTE(review): resetURL is taken from the request and forwarded as the
    # link target, so the caller decides where the mailed token points. Unless
    # send_reset_link validates it, the token can be steered to a host the
    # service does not control. Prefer a server-side setting or an allowlist.
    mail_result = send_reset_link(
        email=recipient,
        token=reset_token,
        url=payload["resetURL"],
    )

    if mail_result.status_code != 200:
        # NOTE(review): the mail provider's response body is returned to the
        # client verbatim; consider logging it and replying with a reference.
        # NOTE(review): the contact address in this literal looks like an
        # e-mail-obfuscation placeholder - restore the real address.
        failure_text = (
            "There was an error sending your reset link, please email "
            "[email protected] with this error: %s"
        ) % mail_result.text
        return make_response(failure_text, mail_result.status_code)

    # NOTE(review): the link is mailed before the token is stored, so a
    # failure in save_reset_token leaves the user with a dead link.
    store = DatabaseService()
    store.save_reset_token(email=recipient, token=reset_token)
    return make_response("OK", 200)
def login():
    """Authenticate by email and password and return a signed JWT.

    Replies 422 (through ``handle_error``) when parameters are rejected, 401
    when ``authenticate_user`` returns a falsy value, and otherwise a JSON
    body ``{"token": ...}`` signed with HS256 and ``app.config["SECRET_KEY"]``.
    """
    try:
        payload = get_request_data(request, ["email", "password"])
    except (ValueError, TypeError) as err:
        return handle_error(
            message="Invalid parameters: %s" % str(err),
            logger=logger,
            status_code=422,
        )

    # NOTE(review): no attempt limiting or lockout is visible in this
    # handler; confirm that it is enforced elsewhere.
    store = DatabaseService()
    role = store.authenticate_user(
        email=payload["email"],
        password=payload["password"],
    )
    # Any falsy return counts as failure, including an empty role value.
    if not role:
        return make_response("Error: invalid credentials", 401)

    # NOTE(review): the claims carry no "exp", so an issued token does not
    # expire on its own; add an expiry plus a revocation story. The identity
    # is stored under "subject" rather than the registered "sub" claim, so
    # verifiers must read that custom key.
    claims = {
        "subject": payload["email"],
        "userType": role,
    }
    signing_key = app.config["SECRET_KEY"]
    signed = jwt.encode(claims, signing_key, algorithm="HS256")
    return jsonify({"token": signed})
def create_validation_token():
    """Create a validation token for an email address and return it as JSON.

    Requires ``email``. Replies 422 (through ``handle_error``) when
    parameters are rejected, 500 when the database layer returns ``None``,
    and otherwise ``{"token": ...}``.
    """
    try:
        payload = get_request_data(
            request,
            required_params=["email"],
        )
    except (ValueError, TypeError) as err:
        detail = "%s: %s" % (request.url, str(err))
        return handle_error(message=detail, logger=logger, status_code=422)

    # NOTE(review): the token is handed back to whoever sent the request. If
    # it is meant to prove control of the mailbox, it should reach the user
    # only by mail; confirm that this route is restricted to trusted callers.
    store = DatabaseService()
    issued = store.create_validation_token(email=payload["email"])
    if issued is not None:
        return jsonify({"token": issued})

    return make_response("Could not generate unique token", 500)
def confirm_validation_token():
    """Exchange a validation token for the email address it belongs to.

    Requires ``token``. Replies 422 (through ``handle_error``) when
    parameters are rejected, ``{"email": ...}`` when the database layer
    returns a non-``None`` value, and ``"Invalid token", 401`` otherwise,
    including when a ``TypeError`` is raised during the lookup.
    """
    try:
        payload = get_request_data(
            request,
            required_params=["token"],
        )
    except (ValueError, TypeError) as err:
        detail = "%s: %s" % (request.url, str(err))
        return handle_error(message=detail, logger=logger, status_code=422)

    try:
        # The lookup and the JSON response both stay inside this try, so a
        # TypeError from either one ends in the 401 reply below.
        owner_email = DatabaseService().confirm_validation_token(
            payload["token"]
        )
        if owner_email is not None:
            return jsonify({"email": owner_email})
    except TypeError:
        # NOTE(review): the submitted token is written to the error log in
        # full; if tokens are treated as secrets, log a truncated or hashed
        # form instead.
        logger.error("Could not get email for token %s" % payload["token"])

    return make_response("Invalid token", 401)