def put(cls):
myId = get_jwt_identity()
data = cls.parser.parse_args()
user = UserModel.find_by_id(myId)
password = data["password"]
salt = urandom(32)
user.password = hashPassword(password, salt)
user.salt = base64.b64encode(salt)
user.save_to_db()
return {'message': 'Success'}, 200
def put(cls):
data = cls.parser.parse_args()
user = UserModel.find_by_id(get_jwt_identity())
password = data["password"]
salt = urandom(32)
data["password"] = hashPassword(password, salt)
data["salt"] = base64.b64encode(salt)
user.password = data['password']
user.salt = data['salt']
user.save_to_db()
return {'message': 'Pomyślnie zmieniono hasło'}, 200
def post(cls):
data = cls.parser.parse_args()
user = UserModel.find_by_username(data['username'])
if (user is None):
return {'message': "Invalid credentials"}, 401
salt = base64.b64decode(user.salt) # decoding base64 to bytes
password_hash = hashPassword(data['password'],
salt) # password hash is in base64 format
if safe_str_cmp(user.password, password_hash):
access_token = create_access_token(identity=user.id, fresh=True)
# refresh_token = create_refresh_token(user.id)
return {'access_token': access_token, 'user': user.json()}, 200
return {'message': "Invalid credentials"}, 401
def post(cls):
data = cls.parser.parse_args()
if UserModel.find_by_username(data["username"]):
return {"message": "User already exists"}, 400
password = data["password"]
salt = urandom(32)
data["password"] = hashPassword(password, salt)
# encoding random salt bytes to b64 format(db write)
data["salt"] = base64.b64encode(salt)
user = UserModel(**data)
user.save_to_db()
return {'message': 'User created successfully.'}, 201