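def put(self, id):
    '''Update User

    Replace the profile fields of the user identified by ``id`` with the
    values in the request payload. The caller's JWT identity must carry the
    same ``id``, and the new email and ID number must not already belong to
    a different user.

    Returns ``({'message': ..., 'user': ...}, 200)`` on success; every
    rejection goes through ``abort(400, ...)``.
    '''
    # Authorise before touching the database, so a caller who does not own the
    # record gets the same answer whether or not the target id exists.
    # NOTE: 403 would be the accurate status here (the original carried a
    # "# 403" marker); 400 is kept so existing clients see the same code.
    authorised_user = get_jwt_identity()
    if id != authorised_user['id']:
        abort(
            400,
            'You cannot modify this user! Please log in as this user to modify.'
        )

    my_user = User.fetch_by_id(id)
    user = user_schema.dump(my_user)
    if not user:
        abort(400, 'User does not exist')

    data = api.payload
    if not data:
        abort(400, 'No input data detected')

    # Reject an incomplete payload explicitly instead of failing with a
    # KeyError further down.
    required = ('email', 'id_no', 'full_name', 'country_code', 'phone')
    missing = [field for field in required if field not in data]
    if missing:
        abort(400, 'Missing required field(s): ' + ', '.join(missing))

    email = data['email'].lower()
    db_user = User.fetch_by_email(email)
    user_to_check = user_schema.dump(db_user)
    if user_to_check and email == user_to_check['email'] and id != user_to_check['id']:
        abort(400, 'Falied... A user with this email already exists')

    id_no = data['id_no']
    db_user = User.fetch_by_id_no(id_no)
    user_to_check = user_schema.dump(db_user)
    # The record was looked up by id_no, so it is a conflict whenever it
    # belongs to another user. (The original compared id_no with the record's
    # email, which meant this check could not fire, and it reused the email
    # message.)
    if user_to_check and id != user_to_check['id']:
        abort(400, 'Falied... A user with this ID number already exists')

    full_name = data['full_name'].lower()
    country_code = data['country_code']
    phone = data['phone']

    User.update_user(id=id, email=email, id_no=id_no, full_name=full_name,
                     country_code=country_code, phone=phone)

    # Read the record back so the response reflects what was stored.
    this_user = User.fetch_by_id_no(id_no)
    current_user = user_schema.dump(this_user)
    return {'message': 'User updated', 'user': current_user}, 200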
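def post(self):
    '''Register User

    Create a user from the request payload, assign it a role, and issue an
    access token (30-minute expiry) and a refresh token for it.

    Returns ``(body, 201)`` on success; aborts with 400 when the payload is
    empty or incomplete, or when the email or ID number is already taken.
    '''
    data = api.payload
    if not data:
        abort(400, 'No input data detected')

    # Reject an incomplete payload explicitly instead of failing with a
    # KeyError further down.
    required = ('email', 'id_no', 'full_name', 'password', 'country_code', 'phone')
    missing = [field for field in required if field not in data]
    if missing:
        abort(400, 'Missing required field(s): ' + ', '.join(missing))

    email = data['email'].lower()
    if User.fetch_by_email(email):
        abort(400, 'Falied... A user with this email already exists')

    id_no = data['id_no']
    if User.fetch_by_id_no(id_no):
        abort(400, 'Falied... A user with this ID number already exists')

    full_name = data['full_name'].lower()

    # Use the library's default password-hashing method. The original passed
    # method='sha256', a plain salted hash that is far cheaper to brute-force
    # than a key-derivation function and that newer Werkzeug releases no
    # longer accept. The method is recorded in the stored hash string, so
    # hashes created earlier are still checked with the method they name.
    hashed_password = generate_password_hash(data['password'])

    new_user = User(email=email,
                    id_no=id_no,
                    full_name=full_name,
                    country_code=data['country_code'],
                    phone=data['phone'],
                    password=hashed_password)
    new_user.insert_record()

    # Serialise the stored record, as the update and login handlers do,
    # rather than echoing the raw request payload (which carries the
    # plaintext password) back through the schema.
    this_user = User.fetch_by_email(email)
    user = user_schema.dump(this_user)

    # NOTE(review): the role and privileges are read back from attributes on
    # UserPrivilege itself, not from a return value. If those are class-level
    # attributes, concurrent requests could read each other's values and a
    # token could be issued with another user's privileges; confirm.
    UserPrivilege.generate_user_role(user_id=this_user.id)
    user_id = UserPrivilege.user_id
    role = UserPrivilege.role
    new_user_role = UserRole(user_id=user_id, role=role)
    new_user_role.insert_record()
    privileges = UserPrivilege.privileges

    expiry_time = timedelta(minutes=30)
    my_identity = {'id': this_user.id, 'privileges': privileges}
    access_token = create_access_token(identity=my_identity,
                                       expires_delta=expiry_time)
    refresh_token = create_refresh_token(my_identity)

    # NOTE: the key is 'access token' (with a space) here but 'access_token'
    # in the login response; left unchanged so existing clients keep working.
    return {
        'message': 'Success',
        'access token': access_token,
        "refresh_token": refresh_token,
        'user': user
    }, 201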
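def post(self):
    '''Log in user

    Verify the ID number and password from the request payload and, on
    success, issue an access token (30-minute expiry) and a refresh token
    whose identity carries the user's id and privileges.

    Returns ``(body, 200)`` on success and the same generic 400 response for
    every credential failure, so the reply does not say which part was wrong.
    '''
    data = api.payload
    if not data:
        abort(400, 'No input data detected')

    # NOTE: 401 would be the accurate status for bad credentials; 400 is kept
    # so existing clients see the same code.
    failure = {'message': 'Could not log in, please check your credentials'}, 400

    # A missing or non-string credential is treated as a failed login instead
    # of raising inside the lookup or the hash check.
    id_no = data.get('id_no')
    password = data.get('password')
    if id_no is None or not isinstance(password, str):
        return failure

    # Verify the password once; the original ran the hash check a second time
    # on the failure path.
    # NOTE(review): an unknown id_no returns without running a password hash,
    # so that reply is faster than the one for a wrong password. The message
    # is identical, but the timing may still tell the two cases apart.
    this_user = User.fetch_by_id_no(id_no)
    if not this_user or not check_password_hash(this_user.password, password):
        return failure

    current_user = user_schema.dump(this_user)
    user_id = this_user.id
    user_role = UserRole.fetch_by_user_id(user_id)

    # NOTE(review): privileges are read back from an attribute on
    # UserPrivilege itself, not from a return value. If that is a class-level
    # attribute, concurrent logins could read each other's values; confirm.
    UserPrivilege.get_privileges(user_id=user_id, role=user_role.role)
    privileges = UserPrivilege.privileges

    expiry_time = timedelta(minutes=30)
    my_identity = {'id': this_user.id, 'privileges': privileges}
    access_token = create_access_token(identity=my_identity,
                                       expires_delta=expiry_time)
    refresh_token = create_refresh_token(my_identity)
    return {
        'message': 'User logged in',
        'user': current_user,
        'access_token': access_token,
        "refresh_token": refresh_token
    }, 200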