def getAll(**kwargs):
session = create_session()
token = kwargs.get("token_info").get("token")
user_q = decode_auth_token(session, token)
if not user_q.is_admin:
return "No autorizado", 401
user_schema = UserSchema(exclude=["password", "id"])
user_q_list = get_all_users_by_kwargs(session)
data = user_schema.dump(user_q_list, many=True)
return data, 200
def test_user_schema_deserialization_succeeds(self):
"""Test the user data deserialization."""
schema = UserSchema()
user = schema.load_into_schema(USER_DATA, partial=True)
user_deserialized = {
'last_name': USER_DATA['lastname'],
'password': USER_DATA['password'],
'email': USER_DATA['email'],
'first_name': USER_DATA['firstname']
}
assert user == user_deserialized
def post(self):
"""Post request for user registration"""
# instantiate the user schema
user_schema = UserSchema()
# get the request data in json format
request_json = request.get_json()
# serialize and validate the request
user_details = user_schema.load_into_schema(request_json, partial=True)
user_details['first_name'] = user_details['first_name'].strip()
user_details['last_name'] = user_details['last_name'].strip()
# check if the user already exist
found_user = User.query_(email=user_details['email']).first()
if found_user:
return {
'status': 'error',
'message': MESSAGES['DUPLICATES'].format(found_user.email)
}, 409
# hash password
user_details['password'] = Encryption.hash(user_details['password'])
# generate a random unique username
user_details['username'] = push_id.next_id()[8:]
link, user_details['token'] = generate_link(request, user_details)
# save to database and serialize the returned user data
saved_user = User(**user_details).save()
# if the save was successful, send out the verification email and
# return a success message.
if saved_user:
MailGun.with_api(
saved_user.email,
email_verification.format(style, link, 'Verification Link'),
'Email verification')
return {
'status': 'success',
'message': MESSAGES['REGISTER'],
}, 201
def post(self):
"""Post request to reset password"""
# instantiate the user schema
schema = UserSchema(only=['id', 'email', 'verified'])
# get the request data in json format
request_json = request.get_json()
# serialize and find the user data in the database
user = schema.load_into_schema(request_json, partial=True)
found_user = User.query_(email=user['email'], deleted=False).first()
# throw an error if not found
if not found_user:
return {'status': 'error', 'message': MESSAGES['NOT_FOUND']}, 404
# throw an error if user is found but not yet verified
if found_user and not found_user.verified:
return {
'status': 'error',
'message': MESSAGES['NOT_VERIFIED']
}, 401
else:
# generate a reset token and link
link, user['password_reset'] = generate_link(request,
user,
type='password_reset')
# send the link to the email provided
MailGun.with_api(
found_user.email,
email_verification.format(style, link, 'Reset your password'),
'Password Reset')
# update the user data
found_user.update_(**user)
# return success messages
return {
'status': 'success',
'message': MESSAGES['RESET_LINK'],
}, 200
def post(self):
"""Post request for user login"""
# initialize the schema
schema = UserSchema()
# get the request details as json
request_json = request.get_json()
# serialize and find the user data in the database
user_details = schema.load_into_schema(request_json, partial=True)
found_user = User.query_(email=user_details['email'], deleted=False)\
.first()
# throw an error if not found
if not found_user:
return {'status': 'error', 'message': MESSAGES['NOT_FOUND']}, 404
# deserialize the user data if found, and verify the password
user = schema.dump(found_user).data
is_match = Encryption.verify(user['password'],
user_details['password'])
# if password did not match throw an error
if not is_match:
return {
'status': 'error',
'message': MESSAGES['UNAUTHORIZED']
}, 401
else:
# format the data and generate a JWT token.
formatted_data = format_user(user)
token = Encryption.tokenize(
formatted_data, subject='User_Login', days=14)
return {
'status': 'success',
'message': MESSAGES['LOGIN'],
'data': {
'token': token,
}
}, 200
def get(self):
try:
# Get usernames.
usernames = [] if request.args.get(
'usernames') is None else request.args.get('usernames').split(
',')
# Get emails.
emails = [] if request.args.get(
'emails') is None else request.args.get('emails').split(',')
# Get start date.
start_date = datetime.strptime(request.args.get('start_date'),
'%d.%m.%Y')
# Get end date.
end_date = datetime.strptime(request.args.get('end_date'),
'%d.%m.%Y')
# Filter users by usernames, emails and range of date.
users = User.query\
.filter(User.username.in_(usernames))\
.filter(User.email.in_(emails))\
.filter(User.created.between(start_date, end_date))\
.all()
# Create user schema for serializing.
user_schema = UserSchema(many=True)
# Get json data
data, errors = user_schema.dump(users)
# Return json data from db.
return data
except Exception as why:
# Log the error.
logging.error(why)
# Return error.
return error.INVALID_INPUT_422
def test_get(self, new_user):
"""Test that we can get data from the model.
Args:
new_user (func): Creates new user to the database.
Returns:
None
"""
new_user.save()
schema = UserSchema(many=True)
user = schema.dump(User.query_()).data[0]
assert user['firstName'] == FIXTURE_NEW_USER['first_name']
assert user['lastName'] == FIXTURE_NEW_USER['last_name']
assert user['email'] == FIXTURE_NEW_USER['email']
def get(self, email):
"""Get request to resend the user's verification link.
Args:
email (str): The email to send the verification link to
Returns:
JSON: The json response
"""
# initialize the schema
user_schema = UserSchema(only=['token', 'email', 'verified'])
# find the email
found_user = User.query_(email=email).first()
# throw an error if not found
if not found_user:
return {'status': 'error', 'message': MESSAGES['NOT_FOUND']}, 404
# throw an error if the user is not verified
if found_user.verified:
return {'status': 'error', 'message': MESSAGES['VERIFIED']}, 409
# deserialize the user data and generate the verification link
user_details = user_schema.dump(found_user).data
link, user_details['token'] = generate_link(request, user_details)
# updates the user in the database
found_user.update_(**user_details)
# sends out the email verification link
MailGun.with_api(
found_user.email,
email_verification.format(style, link, 'Click to Verify'),
'Email verification')
# return a success message upon completion
return {
'status': 'success',
'message': MESSAGES['RESEND_EMAIL'],
}, 200
def patch(self):
"""patch request to reset the user's password"""
# instantiate the user schema
user_schema = UserSchema()
# get the verification_token from the request params
reset_token = request.args.get('token')
# get the request data in json format
request_json = request.get_json()
# check if the token is valid
# serialize the request data and
# look for the token in the database
Encryption.detokenize(reset_token)
user_details = user_schema.load_into_schema(request_json, partial=True)
found_token = User.query_(password_reset=reset_token).first()
# throw an error if not found
if not found_token:
return {
'status': 'error',
'message': MESSAGES['RESET_LINK_RESEND']
}, 404
else:
# set the password reset column to none
user_details['password_reset'] = None
# hash the new password and update the password
user_details['password'] = Encryption.hash(
user_details['password'])
found_token.update_(**user_details)
return {
'status':
'success',
'message':
MESSAGES['PROCEED_TO_LOGIN'].format(
'Your password has been changed')
}, 200
def test_user_schema_serialization_succeeds(self, new_user):
"""Test the user data deserialization.
Args:
new_user (func): Creates new user to the database.
Returns:
None
"""
schema = UserSchema(exclude=EXCLUDES)
user = new_user.save()
user_data_object = schema.dump(user).data
assert FIXTURE_NEW_USER['first_name'] == user_data_object['firstName']
assert FIXTURE_NEW_USER['last_name'] == user_data_object['lastName']
assert FIXTURE_NEW_USER['email'] == user_data_object['email']
def post(body):
try:
user_schema = UserSchema()
errors = user_schema.validate(body)
if errors:
return errors, 400
session = create_session()
user_q = check_user_by_username_or_email(session, body.get('username'),
body.get('email'))
if user_q is not None:
if user_q.email == body.get(
'email') and user_q.username == body.get('username'):
session.close()
return "Usuario ya existente"
if user_q.email == body.get('email'):
session.close()
return "Correo ya esta assignado", 404
elif user_q.username == body.get('username'):
session.close()
return "Nombre usuario ya esta assignado", 404
data = {
'username': body.get('username'),
'password': body.get('password'),
'email': body.get('email')
}
user = create_user(session, data)
created = user is not None
if created:
role_q = get_role_by_name(session, "user")
user_role = {'user_id': user.id, 'role_id': role_q.id}
insert_into_user_role(session, user_role)
user_q = get_user_by_query(session, **data)
session.close()
send_activate_user(user_q.email, user_q.public_id)
return "Usuario creado", 204
else:
session.close()
return "Bad Request", 400
except Exception as err:
print(err)
return "Bad Request", 400
def test_user_schema_raises_exception(self):
"""Test the user schema validation exception."""
schema = UserSchema()
with pytest.raises(ValidationError):
schema.load_into_schema(USER_DATA)