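def register():
    """Create a local account from a JSON body of ``{'username', 'password'}``.

    On success the new user's ID token is set as an ``id_token`` cookie and the
    response is returned with status 201. A duplicate username returns a plain
    message with status 403; an empty username or password returns 400.

    Security notes:
      * Cookie flags: ``httponly`` (not readable from script), ``secure`` (never
        sent over plain HTTP) and ``samesite='Lax'`` (not attached to cross-site
        POSTs). The original only set httponly, so the token could be sent in
        clear text and rode along on cross-site requests.
      * The "already taken" message is a username-enumeration oracle; kept as
        the existing API contract rather than changed here.
      * The existence check and the insert are not atomic; a unique index on
        ``username`` in the database is what actually prevents duplicates under
        concurrent registration.
    """
    body = should_look_like({
        'username': str,
        'password': str,
    })
    # should_look_like only checks types; without this an empty string would be
    # hashed and stored as a valid password.
    if not body['username'] or not body['password']:
        return 'Username and password must not be empty', 400
    if RegisteredUser.find_by_username(body['username']):
        # NOTE: this literal has no '{}' placeholder, so the username passed to
        # format() is discarded and the message is returned verbatim.
        return 'Username: "******" has already been taken'.format(
            body['username']), 403
    pw_hash = pbkdf2_sha256.hash(body['password'])
    new_user = RegisteredUser(username=body['username'], pw_hash=pw_hash)
    new_user.save_to_db()
    # role_id=1 is the default role for self-registered users.
    user_profile = UserProfile(user_id=new_user.id,
                               username=new_user.username,
                               role_id=1)
    user_profile.save_to_db()
    id_token = make_token(new_user.id, 1, user_profile)
    res = make_response()
    res.set_cookie('id_token', id_token, httponly=True, secure=True, samesite='Lax')
    return res, 201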
def user(user_id):
    '''Admin endpoint for actions related to a specific user.

    GET returns the admin view of the user's profile as JSON.
    PUT loads the RegisteredUser by primary key; the remainder of the PUT
    handling is not present in this excerpt.

    NOTE(review): no authorization check is visible in this function body.
    Confirm that an admin-only decorator or before_request hook guards this
    route, since it exposes any user's admin profile by id.
    '''
    if request.method == "GET":
        user = RegisteredUser.get_profile_admin(user_id)
        return jsonify({'user': user})
    elif request.method == "PUT":
        user = RegisteredUser.query.get(user_id)
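def google_login():
    """Exchange a Google OAuth2 authorization code for a local RegisteredUser.

    Expects a JSON body with ``code`` and ``redirect_uri``. The token endpoint
    is read from Google's OIDC discovery document, the ID token in the token
    response is decoded, and the RegisteredUser is looked up (or created with
    role_id=1) by the token's ``sub`` claim.

    Returns:
        The matching or newly created RegisteredUser. This is a model object,
        not a Flask response; the caller builds the response itself.

    Raises:
        Aborts with HTTP 500 on any failure of the exchange or validation.

    Security notes:
      * The ID token's signature is not verified (``verify=False``). OIDC Core
        3.1.3.7 allows TLS server authentication to stand in for signature
        validation when the token is received directly from the token endpoint,
        which is the case here, but ``iss`` and ``aud`` still have to be
        checked so a token minted for a different client is rejected. Both
        checks are done below; the original performed neither.
      * ``redirect_uri`` comes from the client. Google rejects the exchange if
        it does not match a registered URI, but a server-side constant would be
        the stricter choice.
      * ``email`` is stored without checking the ``email_verified`` claim, and
        ``given_name`` is used as the local username although it is not unique;
        a collision with an existing username surfaces as a DB error here.
    """
    GOOGLE_DISCOVERY_DOCUMENT = 'https://accounts.google.com/.well-known/openid-configuration'
    # Google documents both forms of the issuer claim.
    GOOGLE_ISSUERS = ('https://accounts.google.com', 'accounts.google.com')
    client_id = os.environ.get('GOOGLE_CLIENT_ID')
    try:
        body = request.get_json() or {}
        # requests has no default timeout; without one a stalled Google endpoint
        # holds this worker indefinitely.
        discovery_document = requests.get(GOOGLE_DISCOVERY_DOCUMENT, timeout=10).json()
        token_payload = {
            'code': body.get('code'),
            'redirect_uri': body.get('redirect_uri'),
            'client_id': client_id,
            'client_secret': os.environ.get('GOOGLE_CLIENT_SECRET'),
            'grant_type': 'authorization_code',
        }
        google_user = requests.post(url=discovery_document['token_endpoint'],
                                    data=token_payload, timeout=10).json()
        if 'id_token' not in google_user:
            # A bad or expired code comes back as {'error': ..., 'error_description': ...}
            # rather than a token; report that instead of a bare KeyError.
            raise ValueError('token endpoint returned no id_token: %s'
                             % google_user.get('error', 'unknown error'))
        decoded_id_token = jwt.decode(google_user['id_token'], verify=False)
        if decoded_id_token.get('iss') not in GOOGLE_ISSUERS:
            raise ValueError('unexpected id_token issuer')
        # 'aud' is a string for Google but may be a list per the JWT spec.
        aud = decoded_id_token.get('aud')
        audiences = aud if isinstance(aud, list) else [aud]
        if not client_id or client_id not in audiences:
            raise ValueError('id_token audience does not match GOOGLE_CLIENT_ID')
        openid = decoded_id_token['sub']
        app_user = RegisteredUser.query.filter_by(oauth_openid=openid).first()
        if app_user:
            return app_user
        app_user = RegisteredUser(oauth_openid=openid,
                                  username=decoded_id_token['given_name'],
                                  email=decoded_id_token['email'],
                                  role_id=1)  # default role is 'contributer'
        app_user.save_to_db()
        return app_user
    except Exception as e:
        # Exception rather than BaseException: the original also swallowed
        # KeyboardInterrupt / SystemExit and turned them into a 500.
        print('ERROR IN GOOGLE HELPER', e)
        abort(500)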
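def register():
    """Create a local account from a JSON body of ``{'username', 'password'}``.

    On success an ``id_token`` cookie (1-hour token) is set on the ApiResponse
    and its status is 201. A duplicate username yields status 400 with a
    message; an empty username or password yields 400 as well.

    Security notes:
      * Cookie flags: httponly (not readable from script), secure (never sent
        over plain HTTP) and samesite='Lax' (not attached to cross-site POSTs).
        The original lacked the SameSite flag, so the cookie-borne token rode
        along on cross-site requests.
      * The duplicate-username message is a username-enumeration oracle; kept
        because it is the existing API contract.
      * The existence check and insert are not atomic; a unique constraint on
        ``username`` is what prevents duplicates under concurrent requests.
    """
    res = ApiResponse()
    body = should_look_like({
        'username': str,
        'password': str,
    })
    # should_look_like validates types only; reject blank credentials before an
    # empty string is hashed and stored as a valid password.
    if not body['username'] or not body['password']:
        res.message = 'Username and password must not be empty'
        res.status = 400
        return res
    if RegisteredUser.find_by_username(body['username']):
        # NOTE: this literal has no '{}' placeholder, so the username passed to
        # format() is discarded and the message is returned verbatim.
        res.message = 'Username: "******" has already been taken'.format(
            body['username'])
        res.status = 400
        return res
    pw_hash = pbkdf2_sha256.hash(body['password'])
    new_user = RegisteredUser(username=body['username'], pw_hash=pw_hash)
    new_user.save_to_db()
    # role_id=1 is the default role for self-registered users.
    user_profile = UserProfile(user_id=new_user.id,
                               username=new_user.username,
                               role_id=1)
    user_profile.save_to_db()
    id_token = make_token(new_user.id, user_profile, expires_hours=1)
    res.set_cookie('id_token', id_token, httponly=True, secure=True, samesite='Lax')
    res.status = 201
    return res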
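def login():
    """Authenticate ``{'username', 'password'}`` and issue an ``id_token`` cookie.

    Returns the response with status 201 on success; aborts with 403 when the
    user does not exist or the password does not verify.

    Security notes:
      * Both failure cases collapse to the same 403 so the body does not reveal
        whether the username exists. Response timing still differs, because no
        hash is computed for an unknown user; a dummy verify against a fixed
        hash would close that channel if enumeration matters here.
      * Cookie flags: httponly, secure and samesite='Lax' — the original set
        only httponly, so the token could be sent over plain HTTP and was
        attached to cross-site requests.
    """
    body = should_look_like({
        'username': str,
        'password': str,
    })
    user = RegisteredUser.find_by_username(body['username'])
    if not user or not pbkdf2_sha256.verify(body['password'], user.pw_hash):
        abort(403)
    # register() creates the profile with user_id=<user id>, so look it up by
    # that column; the original used query.get(user.id), which fetches by the
    # profile's own primary key and only works if that key equals the user id.
    user_profile = UserProfile.query.filter_by(user_id=user.id).first()
    id_token = make_token(user.id, 1, user_profile)
    res = make_response()
    res.set_cookie('id_token', id_token, httponly=True, secure=True, samesite='Lax')
    return res, 201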
def profile():
    """Return the calling user's own profile as JSON, or abort with 404 if none."""
    current_user_id = get_jwt_identity()
    own_profile = RegisteredUser.get_profile_user(current_user_id)
    if not own_profile:
        abort(404)
    return jsonify(own_profile)