class UpdateUserSchema(ma.Schema, PublisherChecks):
name = fields.Str(validate=validate.Length(min=1, max=100), missing=None)
email = fields.Str(validate=validate.Email(), missing=None)
role = fields.Str(validate=validate.OneOf([r[0] for r in ROLES]), missing=None)
publisher_id = fields.Integer(missing=None)
@validates_schema
def check_all(self, data, **_): # noqa
if not any([v for v in data.values()]):
raise ValidationError('All fields are empty')
class RegisterAPI(MethodView):
@use_kwargs({'email': fields.Str(required=True, validate=validate.Email(error='邮件格式错误'))}, locations=('form',))
@use_kwargs(account_args, locations=('form',))
def post(self, email, username, password):
user = User.query.filter_by(email=email).first()
if user is not None:
return response(code=1, message=f'邮箱 {user.email} 已存在')
user = User.query.filter_by(username=username).first()
if user is not None:
return response(code=1, message=f'用户名 {user.username} 已存在')
user = User(username=username, email=email)
user.set_password(password)
db.session.add(user)
db.session.commit()
return response(message='注册成功')
class RoleUserListResource(TokenRequiredResource):
get_args = {
"name":
fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255),
"email":
fields.Email(allow_none=True, validate=validate.Email()),
"location":
fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255),
"confirmed":
fields.Boolean(),
"created_at":
fields.DateTime(allow_none=True, format="iso8601"),
}
@admin_required
@use_args(get_args)
def get(self, query_args, id):
filters = [User.role_id == id]
if "name" in query_args:
filters.append(
User.name.like("%{filter}%".format(filter=query_args["name"])))
if "email" in query_args:
filters.append(
User.email.like(
"%{filter}%".format(filter=query_args["email"])))
if "location" in query_args:
filters.append(
User.location.like(
"%{filter}%".format(filter=query_args["location"])))
if "confirmed" in query_args:
filters.append(User.confirmed == query_args["confirmed"])
if "created_at" in query_args:
filters.append(User.created_at == query_args["created_at"])
pagination_helper = PaginationHelper(
request,
query=User.query.filter(*filters),
resource_for_url="api.role_users",
key_name="results",
schema=user_schema,
url_parameters={"id": id},
)
result = pagination_helper.paginate_query()
return result
def post(self):
input_args = {
"email": fields.Str(required=True, validate=validate.Email()),
"title": fields.Str(required=True)
}
args = parser.parse(input_args, request)
user = User.query.filter_by(email=args["email"]).first_or_404()
book = Book.query.filter_by(title=args["title"]).first_or_404()
request_exists = db.session.query(
db.session.query(BookRequest).filter(
BookRequest.book == book and BookRequest.deleted_at is None
).exists()).scalar()
if not request_exists: # Book is available
new_request = BookRequest(
book=book,
user=user
)
db.session.add(new_request)
db.session.commit()
return jsonify(
{
"id": book.id,
"available": True,
"title": book.title,
"timestamp": new_request.created_at.strftime('%Y-%m-%dT%H:%M:%S.%f'),
}
), 201
else: # Book is not available
return jsonify(
{
"id": book.id,
"available": False,
"title": book.title,
"timestamp": datetime.now().strftime('%Y-%m-%dT%H:%M:%S.%f'),
}
), 400
from webargs import fields, validate
robot_put_args = {
"robot_id": fields.Str(required=True, location="view_args"),
"name": fields.Str(required=True, ),
"description": fields.Str(required=True, ),
"type": fields.Int(required=True, )
}
robot_post_args = {
"name": fields.Str(required=True, ),
"description": fields.Str(required=True, ),
"type": fields.Int(required=True, )
}
register_args = {
"name": fields.Str(required=True, validate=validate.Length(min=4)),
"email": fields.Str(required=True, validate=validate.Email()),
"password": fields.Str(required=True, validate=lambda p: len(p) >= 6),
"college": fields.Int(required=True)
}
login_args = {
"email": fields.Str(required=True, validate=validate.Length(min=4)),
"password": fields.Str(required=True, validate=lambda p: len(p) >= 6),
}
forget_args = {
"email": fields.Str(required=True, validate=validate.Email()),
}
data_args = {
"robot_id": fields.Str(required=True),
"position_x": fields.Str(required=True),
from server.token import generate_confirmation_token, confirm_token
from flask_jwt_extended import (
create_access_token,
get_jti,
get_jwt_identity,
jwt_required,
get_raw_jwt,
)
from server.helpers.blacklist_tokens import BlacklistTokens
bp = Blueprint("auth", __name__, url_prefix="/api")
@bp.route("/session/auth", methods=["POST"])
@use_kwargs({
"email": fields.Str(required=True, validate=validate.Email()),
"password": fields.Str(required=True),
})
def login(**payload):
db_user = User.auth(email=payload["email"], password=payload["password"])
if not db_user or not db_user.confirmed:
return (
jsonify({
"message": "Invalid credentials",
"authenticated": False,
"confirmed": False,
}),
401,
)
fields.Int(required=True, validate=[validate.Range(min=1000, max=9999)]),
"leading_digits":
fields.Int(required=False, validate=[validate.Range(min=1000, max=9999)]),
"card_type":
fields.Str(required=False),
"end_date":
fields.DateTime(required=False, format='%m.%Y'),
"start_date":
fields.DateTime(required=False, format='%m.%Y')
}
put_args = {
"first_name":
fields.Str(required=True),
"email":
fields.Email(required=True, validate=validate.Email()),
"trailing_digits":
fields.Int(required=True, validate=[validate.Range(min=1000, max=9999)]),
"leading_digits":
fields.Int(required=False, validate=[validate.Range(min=1000, max=9999)]),
"card_type":
fields.Str(required=False),
"end_date":
fields.DateTime(required=False, format='%m.%Y'),
"start_date":
fields.DateTime(required=False, format='%m.%Y')
}
class Customer(Resource):
@use_kwargs(get_args)
from webargs import fields, validate
from flask import make_response, jsonify
from functools import wraps
from .models import User
blogs_args = {
#required arguments and their validations
'title': fields.Str(required=True, validate=validate.Length(3)),
'blog': fields.Str(required=True, validate=validate.Length(3))
}
blogs_id_arg = {'id': fields.Int()}
user_args = {
'username': fields.Str(required=True, validate=validate.Length(5)),
'email': fields.Str(required=True, validate=validate.Email()),
'password': fields.Str(required=True, validate=validate.Length(7))
}
login_args = {
'email': fields.Str(required=True, validate=validate.Email()),
'password': fields.Str(required=True, validate=validate.Length(7))
}
email_args = {
'email': fields.Str(required=True, validate=validate.Email()),
}
reset_password = {
'username': fields.Str(required=True, validate=validate.Length(5)),
'email': fields.Str(required=True, validate=validate.Email()),
'password': fields.Str(required=True, validate=validate.Length(7)),
'retyped_password': fields.Str(required=True, validate=validate.Length(7))
}
:param password: Input password
"""
# Validation rules
xp = re.compile(r'^(?=.*?\d)(?=.*?[A-Z])(?=.*?[a-z])[\S]{6,}$')
# Match password
if not xp.match(password):
raise ValidationError('Enter a combination of at least 6 numbers,'
'(upper and lowercase) letters.')
# Reusable args
user_email_arg = fields.String(validate=[
validate.Email(),
validate.Length(max=255), validate_user_email_exist
],
required=True)
user_password_arg = fields.String(
validate=[validate.Length(max=255), validate_strong_password],
required=True)
user_secret_code_arg = fields.String(validate=[validate.Length(min=6)],
required=True)
user_name_arg = fields.String(validate=[validate.Length(max=55)],
required=True)
# User create args
class LoginUserSchema(ma.Schema):
email = fields.Str(validate=validate.Email(), required=True)
password = fields.Str(validate=validate.Length(max=100), required=True)
class AddUserSchema(ma.Schema, PublisherChecks):
name = fields.Str(validate=validate.Length(min=1, max=100), required=True)
email = fields.Str(validate=validate.Email(), required=True)
password = fields.Str(validate=validate.Length(min=6, max=100), required=True)
role = fields.Str(validate=validate.OneOf([r[0] for r in ROLES]), missing=ROLE_USER)
publisher_id = fields.Integer(missing=None)
class UserListResource(TokenRequiredResource):
get_args = {
"search": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255),
"sort": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255),
"name": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255),
"email": fields.Email(allow_none=True, validate=validate.Email()),
"location": fields.String(allow_none=True, validate=lambda x: 0 <= len(x) <= 255),
"confirmed": fields.Boolean(allow_none=True),
"role_id": fields.Integer(allow_none=True, validate=lambda x: x > 0),
"created_at": fields.DateTime(allow_none=True, format="iso8601"),
}
@staff_required
@use_args(get_args)
def get(self, query_args):
query = User.query
# Apply filters
filters = []
if "search" in query_args and query_args["search"]:
filters.append(
or_(
User.name.like("%{filter}%".format(filter=query_args["search"])),
User.email.like("%{filter}%".format(filter=query_args["search"])),
)
)
if "name" in query_args and query_args["name"]:
filters.append(User.name.like("%{filter}%".format(filter=query_args["name"])))
if "email" in query_args and query_args["email"]:
filters.append(User.email.like("%{filter}%".format(filter=query_args["email"])))
if "location" in query_args and query_args["location"]:
filters.append(User.location.like("%{filter}%".format(filter=query_args["location"])))
if "confirmed" in query_args:
filters.append(User.confirmed == query_args["confirmed"])
if "role_id" in query_args and query_args["role_id"]:
filters.append(User.role_id == query_args["role_id"])
if "created_at" in query_args and query_args["created_at"]:
filters.append(User.created_at == query_args["created_at"])
if filters:
query = query.filter(*filters)
# Apply sorting
order_by = User.id
if "sort" in query_args and query_args["sort"]:
column, direction = PaginationHelper.decode_sort(query_args["sort"])
if column == "role.name":
query = query.join(Role, User.role)
order_by = Role.name
elif column in set(User.__table__.columns.keys()):
order_by = getattr(User, column)
order_by = collate(order_by, "NOCASE")
if direction == PaginationHelper.SORT_DESCENDING:
order_by = desc(order_by)
query = query.order_by(order_by)
pagination_helper = PaginationHelper(
request,
query=query,
resource_for_url="api.users",
key_name="results",
schema=user_schema,
query_args=query_args,
)
result = pagination_helper.paginate_query()
return result
@staff_required
def post(self):
request_dict = request.get_json()
if not request_dict:
resp = {"message": "No input data provided"}
return resp, status.HTTP_400_BAD_REQUEST
errors = user_schema.validate(request_dict)
if errors:
return errors, status.HTTP_400_BAD_REQUEST
user_email = request_dict["email"]
if not User.is_unique(id=0, email=user_email):
response = {"message": "A user with the same e-mail address already exists"}
return response, status.HTTP_409_CONFLICT
try:
user = User(
name=request_dict["name"],
email=request_dict["email"],
password=request_dict["password"],
confirmed=request_dict["confirmed"] if "confirmed" in request_dict else False,
location=request_dict["location"] if "location" in request_dict else "",
about_me=request_dict["about_me"] if "about_me" in request_dict else "",
)
user.add(user)
query = User.query.get(user.id)
result = user_schema.dump(query).data
return result, status.HTTP_201_CREATED
except SQLAlchemyError as e:
db.session.rollback()
resp = {"message": str(e)}
return resp, status.HTTP_400_BAD_REQUEST
@staff_required
def delete(self):
""" Bulk delete """
request_dict = request.get_json()
if not request_dict:
response = {"message": "No input data provided"}
return response, status.HTTP_400_BAD_REQUEST
if "ids" in request_dict and (isinstance(request_dict["ids"], List) or isinstance(request_dict["ids"], Tuple)):
ids = list(map(int, request_dict["ids"]))
try:
for id_ in ids:
user = User.query.get(id_)
if user:
db.session.delete(user)
db.session.commit()
return {}, status.HTTP_204_NO_CONTENT
except SQLAlchemyError as e:
db.session.rollback()
resp = {"message": str(e)}
return resp, status.HTTP_400_BAD_REQUEST
class UserAPI(MethodView):
# class constant for web field validation
WEBARGS = {
"username": fields.Str(required=True),
"email": fields.Str(required=True, validate=validate.Email())
}
# curl -i -X GET http://localhost:5000/api/v1/users/
# curl -i -X GET http://localhost:5000/api/v1/users/2
def get(self, user_id):
if user_id is None:
# return a list of users
user_list = [user.to_dict() for user in User.query.all()]
if user_list:
return make_response(jsonify(user_list), 200)
else:
abort(404, description="No Users found")
else:
# return a single user
user = User.query.get(user_id)
if user:
return make_response(jsonify(user.to_dict()), 200)
else:
abort(404,
description="User not found, id: {}".format(user_id))
# curl -i -X POST -H 'Content-Type: application/json' -d '{"username": "******", "email": "*****@*****.**"}' http://localhost:5000/api/v1/users/
def post(self):
args = parser.parse(UserAPI.WEBARGS, request)
try:
user = User.create(args["username"], args["email"])
return make_response(jsonify(user.to_dict()), 200)
except exc.IntegrityError as e:
errorInfo = e.orig.args
error_message = errorInfo[0]
raise exceptions.APIException(
message='Unable to create user, duplicates found: {}'.format(
error_message))
# curl -i -X DELETE http://localhost:5000/api/v1/users/6
def delete(self, user_id):
user = User.query.get(user_id)
if user:
deleted = user.delete()
if deleted:
return make_response(jsonify({user.username: "******"}), 200)
else:
raise exceptions.APIException(
message='Unable to delete user: {}'.format(user.username))
else:
abort(404, description="User not found, id: {}".format(user_id))
# curl -i -X PUT -H 'Content-Type: application/json' -d '{"username": "******", "email": "*****@*****.**"}' http://localhost:5000/api/v1/users/3
def put(self, user_id):
# update a single user
user = User.query.get(user_id)
if user:
args = parser.parse(UserAPI.WEBARGS, request)
try:
updated_user = user.update(args["username"], args["email"])
if updated_user:
return make_response(jsonify(user.to_dict()), 200)
else:
return make_response(
jsonify({user.username: "******"}), 200)
except exc.IntegrityError as e:
errorInfo = e.orig.args
error_message = errorInfo[0]
raise exceptions.APIException(
message='Unable to update user, duplicates found: {}'.
format(error_message))
else:
abort(404, description="User not found, id: {}".format(user_id))
