def put(self, username):
data = UserInfo.parser.parse_args()
user = UserModel.find_by_username(username)
if user:
if data['password']:
data['password'] = UserModel.get_password_hash(
data['password'])
user.password = data['password']
if data['first_name']:
user.first_name = data['first_name']
if data['last_name']:
user.last_name = data['last_name']
if data['active']:
user.active = data['active']
else:
if data['password']:
data['password'] = UserModel.get_password_hash(
data['password'])
user = UserModel(username, data['password'], data['first_name'],
data['last_name'], data['active'])
user.save_to_db()
return user.json()
def signin():
"""Signin"""
form = SigninEmailForm()
from app.models.user import User as UserModel
if form.validate_on_submit():
email = form.email.data
password = form.password.data
user = User(email, email)
new_user = UserModel.query.filter_by(email=email).first()
if new_user is None:
new_user = UserModel(email=email)
new_user.set_password(password)
DB.session.add(new_user)
DB.session.commit()
if new_user.check_password(password) is False:
form.password.errors.append('Wrong password or you forgot it.')
return render_template('signin.html', form=form)
login_user(user, remember=True)
resp = make_response(redirect(url_for('chat'), code=307))
return resp
return render_template('signin.html', form=form)
def post(self):
parser = reqparse.RequestParser()
parser.add_argument('email', required=True)
parser.add_argument('password', required=True)
parser.add_argument('first_name')
parser.add_argument('last_name')
args = parser.parse_args()
user = UserModel(email=args['email'],
password=args['password'],
first_name=args['first_name'],
last_name=args['last_name'])
db.session.add(user)
try:
db.session.commit()
except Exception as e:
match = duplicate_pattern.search(e.message)
if match:
db.session.rollback()
groups = {
'value': match.group('value'),
'filed': match.group('filed')
}
abort(409,
message="duplicate value '{value}' for key '{filed}'".
format(**groups),
**groups)
_send_activate_email(user.email)
return {'id': user.id}, 201
def test_user_json(self):
with self.app_context():
# to test user we need to create user right
userright = UserRightModel('test right')
userright.save_to_db()
user = UserModel('*****@*****.**', 'abcd')
user.save_to_db()
expected = {
'id': 1,
'email': '*****@*****.**',
'right_id': 1,
'right': {
'id': 1,
'right': 'test right'
},
'username': '',
'position': '',
'hide': False
}
self.assertEqual(
user.json(), expected,
f"The JSON export of the user is incorrect. Received {user.json()}, expected {expected}"
)
def test_user(self):
u = UserModel(firstname="dodo",
lastname="duck",
username="******",
email="*****@*****.**",
password="******")
self.assertEqual(u.username, "dodo")
def login_by_google_callback():
"""Github OAuth 回调
"""
code, state, info = OAuthSignIn.get_provider('google').callback()
if code is None:
return 'google 授权失败'
if current_user.is_authenticated:
if _get_user_oauth_state('google') != state:
return '错误的用户,授权失败'
user = UserModel.query.filter_by(google_id=info.get('id')).first()
if user is not None and user.id != current_user.id:
return ' google 帐户已经被绑定过了'
current_user.google_id = info.get('id')
current_user.google_email = info.get('email')
current_user.google_name = info.get('name')
db.session.commit()
return '绑定成功'
else:
user = UserModel.query.filter_by(google_id=info.get('id')).first()
if user is None:
user = UserModel(
google_id=info.get('id'),
google_email=info.get('email'),
google_name=info.get('name'),
)
db.session.add(user)
_login_user(user)
return '登录成功'
def test_user_list(self):
with self.app() as c:
with self.app_context():
user = UserModel("*****@*****.**", "password")
user.save_to_db()
r = c.get('users')
expected = {
"users": [{
"id": 1,
"email": "*****@*****.**",
"right_id": 1,
"right": {
"id": 1,
"right": "blocked"
},
"username": "",
"position": "",
"hide": False
}]
}
self.assertEqual(r.status_code, 200)
self.assertDictEqual(d1=expected, d2=json.loads(r.data))
def create():
if not current_user.is_admin:
return 'forbidden access'
if request.method == 'GET':
return render_template('user/create.html')
else:
name = request.form['name']
email = request.form['email']
password = request.form['password']
raw_password = hashlib.sha256(password.encode()).hexdigest()
hashed_password = bcrypt.hashpw(raw_password.encode(),
bcrypt.gensalt())
admin = UserModel(name=name,
email=email,
password=hashed_password,
is_admin=False)
try:
admin.insert()
db.session.commit()
except:
db.session.rollback()
message = 'Error while inserting user'
message = 'User successfully created'
return render_template('user/create.html', message=message)
def post(self):
data = User.parser.parse_args()
first_name = data['first_name']
last_name = data['last_name']
email = data['email']
password = data['password']
if UserModel.find_by_email(email):
return {
'result': 'Email {} is already registered'.format(email)
}, 400
user = UserModel(userid=str(uuid.uuid1()),
first_name=first_name,
last_name=last_name,
email=email,
password=password)
user.set_password()
try:
user.save_to_db()
return user.json()
except Exception as err:
return {
'result':
'There was an error while registering your email {}'.format(
email)
}, 500
def post(self):
data = EmployeeController.parser.parse_args()
username = data['username']
email = data['email']
if (UserModel.find_by_username(username)
or UserModel.find_by_email(email)):
return {'message': "User already exists."}, 400
# Because only admin can create employee
admin_user = AdminModel.find_by_user_id(current_identity.id)
if not admin_user:
abort(403,
message="Please use admin or ask admin to crete company.")
# Create a new Employee user
employee = EmployeeModel(isAdmin=data['isAdmin'])
user_data = data
del user_data['isAdmin']
user = UserModel(**user_data)
user = user.hash_password()
user.employee_id = employee
employee.user_id = user
# save the database
try:
db.session.add(user)
db.session.add(employee)
db.session.commit()
except (ArgumentError, DataError):
abort(500,
message="Server internal error due to invalid argument.")
return employee.get_employee(user), 201
def check_session(*args, **kwargs):
from app.models.session import Session
from app.models.user import UserModel
g.user = None
header = current_app.config.get("SESSION_HEADER")
session_id = request.headers.get(header)
session = Session()
session_data = session.read(session_id)
if session_data:
g.user = UserModel(session_id)
g.user.load()
if request.endpoint in ["session", "status"]:
pass
elif request.method == "POST" and request.endpoint == "user":
if not validate_session(session_id):
abort(403)
else:
if not validate_session(session_id):
abort(403)
if request.method in ["POST", "PUT", "PATCH", "DELETE"]:
if request.endpoint == "auth":
pass
elif not g.user or not g.user.get_id():
print("Request denied (no auth)", request.endpoint)
abort(403)
g.session_id = session_id
def create_user(self, first_name, last_name, email_address, password):
user = UserModel(first_name=first_name,
last_name=last_name,
email_address=email_address,
password=password)
user.save()
return user
def put(cls, user_id):
data = request.get_json()
create_error = UserSchema().validate(data)
update_error = UserUpdateSchema().validate(data)
if update_error:
return {'message': update_error}, 400
if data.get('password', None):
data['password'] = bcrypt.generate_password_hash(
data['password'], 10)
user_by_id = UserModel.get_by_id(user_id)
if user_by_id:
try:
UserModel.update_by_id(user_id, data)
return {'message': 'user was updated'}, 200
except IntegrityError as err:
return {'message': err.args}, 400
if create_error:
return {'message': create_error}, 400
user = UserModel(**data)
if UserModel.get_by_email(user.email):
return {
'message': f'User with email {user.email} already exist'
}, 400
user.password = bcrypt.generate_password_hash(user.password)
user.save()
return {'message': 'User was created'}, 201
def post(self):
'''
유저 회원가입
'''
id = request.json['id']
pw = request.json['pw']
pw_check = request.json['pw_check']
name = request.json['name']
if not pw == pw_check:
abort(406)
user = UserModel.objects(id=id).first()
if user is not None:
abort(409)
UserModel(
id=id,
pw=pw,
name=name,
level=1,
exp=0,
).save()
return '', 201
def test_create_user(self):
user = UserModel('*****@*****.**', 'abcd')
self.assertEqual(user.email, '*****@*****.**',
"The name of the user after creation does not equal the constructor argument")
self.assertEqual(user.password, 'abcd',
"The password of the user after creation does not equal the constructor argument")
def user_loader(_login):
from app.models.user import User as UserModel
tmp = db.find_one("USERS", "login", _login)
if tmp:
return UserModel(tmp)
return None
def _handle_regular_user(self, data):
session_model = Session()
session_id = g.get("session_id", None)
model = UserModel(session_id)
user = model.create(data)
if user:
session_model.update(session_id, user_id=user.id)
return user
return None
def post(self):
data = UserRegister.parser.parse_args()
if UserModel.find_by_username(data["username"]):
return {"message": "Error: username already exists"}, 409
user = UserModel(**data)
user.save()
return {"message": "User registered successfully"}, 201
def insert_test_data():
for data in user_data:
UserModel(**data).save()
for data in category_data:
CategoryModel(**data).save()
for data in item_data:
ItemModel(**data).save()
def validate_username(self, data):
username = data.get("username")
if username and len(username) < 2:
raise ValidationError(
"Username must be at least 2 characters long", "username")
model = UserModel(None)
if not data.get("social_uid") and model.username_exists(username):
raise ValidationError("Username already taken", "username")
def post(self):
data = UserRegister.parser.parse_args()
if UserModel.find_by_username(data['username']):
return {"message": "User with that username already exists."}, 400
user = UserModel(**data) ## unpack the data, because its a dictionary
user.save_to_db()
return {"message": "User created successfully."}, 201
def post(self):
"""
정보 등록
"""
payload = request.json
uuid = str(uuid4())
user = UserModel(uuid=uuid, **payload).save()
FriendModel(user=user).save()
return self.unicode_safe_json_dumps({'user_id': uuid}, 201)
def create_tables():
db.create_all()
db.session.commit()
from app.models.user import UserModel
if not UserModel.find_by_username("admin"):
UserModel(username="******",
password="******",
firstName="admin",
lastName="admin",
phoneNumber="123467890").save_to_db()
def post(self):
data = UserRegister.parser.parse_args()
if UserModel.find_by_username(data['username']):
return {'message': 'This username already exists'}, 400
user = UserModel(**data)
user.save_to_db()
return {'message': 'User created successfully'}, 201
def init_db():
user1 = UserModel('Test User1', 'testuser1', 'testpassword123',
'*****@*****.**')
user2 = UserModel('Test User2', 'testuser2', 'testpassword123',
'*****@*****.**')
category1 = CategoryModel('Category 1', 'Test category number 1')
category2 = CategoryModel('Category 2', 'Test category number 2')
item1 = ItemModel('Item 1', 'Test item number 1', 10, 1, 1)
item2 = ItemModel('Item 2', 'Test item number 2', 20, 1, 1)
user1.save_to_db()
user2.save_to_db()
category1.save_to_db()
category2.save_to_db()
item1.save_to_db()
item2.save_to_db()
yield db
db.session.close()
db.drop_all()
def test_crud(self):
with self.app_context():
user = UserModel('test', 'abcd')
self.assertIsNone(UserModel.find_by_username('test'))
self.assertIsNone(UserModel.find_by_id(1))
user.save_to_db()
self.assertIsNotNone(UserModel.find_by_username('test'))
self.assertIsNotNone(UserModel.find_by_id(1))
def register(data):
"""A new user sends username & password to register."""
# check if username exists
if UserModel.query.filter_by(username=data['username']).first():
raise BadRequest('Username existed.')
# save user's data & response a successful message
user = UserModel(**data)
user.save_to_db()
return jsonify(UserSchema(exclude=("password",)).dump(user)), 201
def test_create_user(self):
user = UserModel(USER_NAME, PASSWORD)
self.assertEqual(
user.username, USER_NAME,
"The name of the user after creation does not equal the constructor argument."
)
self.assertEqual(
user.password, PASSWORD,
"The password of the user after creation does not equal the constructor argument."
)
def post(self):
body = RequestParser().get_body_users_args()
user = UserModel.find_user_by_login(body['login'])
if user:
return {'message': 'User %s already exists' % body['login']}, 422
new_user = UserModel(**body)
try:
new_user.save_user()
except:
return {'message': 'cannot save user, internal server error'}, 500
return new_user.json(), 201
def post(self):
data = _user_parser.parse_args()
if UserModel.find_by_email(data['email']):
return {
'message': 'A user with that username already exists.'
}, 400
user = UserModel(data['email'], data['password'])
user.save_to_db()
return {"message": "User created successfully."}, 201
