def create_admin():
"""Create admin user."""
config = flask.current_app.config
user = User(username=config["ADMIN_USERNAME"],
email=config["ADMIN_EMAIL"],
is_admin=True)
user.set_password(config["ADMIN_PASSWORD"])
database.session.add(user)
database.session.commit()
def create_user():
json = flask.request.get_json() or {}
try:
data = user_schema.load(json)
except ValidationError as error:
raise APIError(422, details=error.messages)
check_unique_on_create(User.query, data, ["username", "email"])
password = data.pop("password", None)
user = User(**data)
assert password is not None
user.set_password(password)
database.session.add(user)
database.session.commit()
data = user_schema.dump(user)
response = jsonify(data)
response.status_code = 201
response.headers["Location"] = flask.url_for("user.get_user", id=user.id)
return response
def verify_token(token):
flask.g.current_user = User.check_token(token) if token else None
return flask.g.current_user is not None
def test_check_token_succeeds_for_new_token_after_old_token_was_revoked(user):
token = user.get_token()
user.revoke_token()
token = user.get_token()
assert User.check_token(token) is not None
def test_check_token_returns_none_if_token_is_expired(user):
token = user.get_token()
user.revoke_token()
assert User.check_token(token) is None
def test_check_token_returns_none_if_user_has_no_token(user, token):
assert User.check_token(token) is None
def test_check_token_returns_none_if_token_is_invalid(user, token):
user.get_token()
assert User.check_token(token) is None
def test_check_token_returns_user_if_token_is_valid(user):
token = user.get_token()
dbuser = User.check_token(token)
assert user.id == dbuser.id
assert user.username == dbuser.username
assert user.email == dbuser.email