def post(self):
"""
"""
user_schema = UserSchema(only=("email", "password"))
token_schema = UserSchema()
login_data = request.get_json()
validated_user_data, errors = user_schema.load(login_data)
if errors:
return dict(status='fail', message=errors), 400
email = validated_user_data.get('email', None)
password = validated_user_data.get('password', None)
user = User.find_first(email=email)
admin_role = Role.find_first(name='administrator')
if not user or not admin_role or (admin_role not in user.roles):
return dict(status='fail', message="login failed"), 401
if not user.verified:
return dict(status='fail',
message='Email not verified',
data=dict(verified=user.verified)), 401
user_dict, errors = token_schema.dump(user)
if user and user.password_is_valid(password):
access_token = user.generate_token(user_dict)
if not access_token:
return dict(status="fail",
message="Internal Server Error"), 500
return dict(status='success',
data=dict(
access_token=access_token,
email=user.email,
username=user.username,
verified=user.verified,
id=str(user.id),
)), 200
return dict(status='fail', message="login failed"), 401
def get_user(id):
if current_user().id != id:
abort(403)
one_user = User.query.get_or_404(id)
user_schema = UserSchema()
output = user_schema.dump(one_user).data
return jsonify({'user' : output})
def patch(self, user_id):
"""
Update a single user
"""
# To do check if user is admin
schema = UserSchema(partial=True)
update_data = request.get_json()
validated_update_data, errors = schema.load(update_data)
if errors:
return dict(status="fail", message=errors), 400
user = User.get_by_id(user_id)
if not user:
return dict(status="fail",
message=f"User with id {user_id} not found"), 404
updated_user = User.update(user, **validated_update_data)
if not updated_user:
return dict(status='fail', message='Internal Server Error'), 500
return dict(status="success", message="User updated successfully"), 200
def patch(self, user_id):
"""
Update User
"""
user_schema = UserSchema()
update_data = request.get_json()
validated_update_data, errors = user_schema.load(update_data)
if errors:
return dict(status="fail", message=errors), 400
user = User.get_by_id(user_id)
if not user:
return dict(status="fail", message=f"User with id {user_id} not found"), 404
if 'username' in validated_update_data:
user.username = validated_update_data['username']
if 'email' in validated_update_data:
user.email = validated_update_data['email']
if 'password' in validated_update_data:
user.password = validated_update_data['password']
updated_user = user.save()
if not updated_user:
return dict(status='fail', message='Internal Server Error'), 500
return dict(status="success", message=f"User {user.username} updated successfully"), 200
def test_fdc_can_be_edited(self):
"""Test API can edit an existing DC. (PUT request)"""
user = User(username='******',
email='*****@*****.**',
password='******',
first_name='charlie',
last_name='fei',
role='fdcAdmin',
location='nashville')
schema = UserSchema()
#Register a new FDC Admin
register_response = self.client.post('/users/',
data=schema.dumps(user).data,
content_type='application/json')
registration_data = json.loads(register_response.data.decode())
self.assertTrue(registration_data['status'] == 'success')
self.assertTrue(
registration_data['message'] == 'Successfully registered.')
self.assertTrue(registration_data['auth_token'])
self.assertTrue(register_response.content_type == 'application/json')
self.assertEqual(register_response.status_code, 201)
#Login as FDC Admin
login_response = self.client.post('/users/login',
data=schema.dumps(user).data,
content_type='application/json')
login_data = json.loads(login_response.data.decode())
self.assertTrue(login_data['status'] == 'success')
self.assertTrue(login_data['message'] == 'Successfully logged in.')
self.assertTrue(login_data['auth_token'])
self.assertTrue(login_response.content_type == 'application/json')
self.assertEqual(login_response.status_code, 200)
fdc_schema = FDCSchema()
creation_response = self.client.post(
'/fdcs/',
data=fdc_schema.dumps(self.fdc).data,
headers=dict(Authorization='Bearer ' + login_data['auth_token']),
content_type='application/json')
creation_data = json.loads(creation_response.data.decode())
self.assertTrue(creation_data['status'] == 'success')
self.assertTrue(
creation_data['message'] == 'Successfully created FDC.')
self.assertTrue(creation_response.content_type == 'application/json')
self.assertEqual(creation_response.status_code, 201)
put_response = self.client.put('/fdcs/1',
headers=dict(Authorization='Bearer ' +
login_data['auth_token']),
data={'name': 'Wendys'},
content_type='application/json')
print(put_response.data)
self.assertEqual(put_response.status_code, 200)
results = self.client().get('/fdcs/1')
self.assertIn('Wendys', str(results.data))
def test_user_login(self):
user = User(username='******',
email='*****@*****.**',
password='******',
first_name='charlie',
last_name='fei',
role='volunteer',
location='nashville')
schema = UserSchema()
register_response = self.client.post('/users/',
data=schema.dumps(user).data,
content_type='application/json')
registration_data = json.loads(register_response.data.decode())
self.assertTrue(registration_data['status'] == 'success')
self.assertTrue(
registration_data['message'] == 'Successfully registered.')
self.assertTrue(registration_data['auth_token'])
self.assertTrue(register_response.content_type == 'application/json')
self.assertEqual(register_response.status_code, 201)
login_response = self.client.post('/users/login',
data=schema.dumps(user).data,
content_type='application/json')
login_data = json.loads(login_response.data.decode())
self.assertTrue(login_data['status'] == 'success')
self.assertTrue(login_data['message'] == 'Successfully logged in.')
self.assertTrue(login_data['auth_token'])
self.assertTrue(login_response.content_type == 'application/json')
self.assertEqual(login_response.status_code, 200)
class UserResource(Resource):
def get(self, id):
user = User.query.get(id)
if user is None:
return error_object('User not found', 404)
return UserSchema().dump(user).data, 200
@use_args(UserSchema())
def put(self, user_args, id):
user = User.query.get(id)
if user is None:
return error_object('User not found', 404)
for key, value in user_args.items():
setattr(user, key, value)
try:
db.session.add(user)
db.session.commit()
except IntegrityError:
return error_object('Email already registered', 422)
return UserSchema().dump(user).data, 200
def delete(self, id):
user = User.query.get(id)
if user is None:
return error_object('User not found', 404)
db.session.delete(user)
db.session.commit()
return '', 204
def test_user_get_info(self):
user = User(username='******',
email='*****@*****.**',
password='******',
first_name='charlie',
last_name='fei',
role='volunteer',
location='nashville')
schema = UserSchema()
register_response = self.client.post('/users/',
data=schema.dumps(user).data,
content_type='application/json')
register_data = json.loads(register_response.data.decode())
get_response = self.client.get(
'/users/' + user.username,
headers=dict(Authorization='Bearer ' +
register_data['auth_token']))
data = json.loads(get_response.data.decode())
self.assertTrue(data['status'] == 'success')
self.assertTrue(data['data'] is not None)
self.assertTrue(data['data']['username'] == 'charlie')
self.assertTrue(data['data']['email'] == '*****@*****.**')
self.assertTrue(data['data']['first_name'] == 'charlie')
self.assertTrue(data['data']['last_name'] == 'fei')
self.assertTrue(data['data']['role'] == 'volunteer')
def get(self):
users = User.query.all()
result = []
schema = UserSchema()
for user in users:
result.append(schema.dump(user))
return {"data": result}
def auth():
try:
auth = request.authorization
if not auth or not auth.username or not auth.password:
return Response(json.dumps(AuthExceptions.AUTH_NOT_FOUND.value),
mimetype='application/json')
user = User.query.filter_by(username=auth.username).first()
if not user:
return Response(json.dumps(AuthExceptions.USER_NOT_FOUND.value),
mimetype='application/json')
if not check_password_hash(user.password, auth.password):
return Response(json.dumps(
AuthExceptions.PASSWORD_NOT_MATCH.value),
mimetype='application/json')
response = {
"token":
jwt.encode(UserSchema().dump(user), app.config['SECRET_KEY'],
'HS256'),
"expired":
datetime.timestamp(datetime.now() + timedelta(hours=12))
}
return Response(json.dumps(response), mimetype='application/json')
except Exception as e:
print(f"Error: {e}")
return Response(json.dumps(AuthExceptions.ERROR.value),
mimetype='application/json')
def post(self):
"""
Create New User
"""
user_schema = UserSchema()
user_data = request.get_json()
# Validate user data
validated_user_data, errors = user_schema.load(user_data)
if errors:
return dict(status="fail", message=errors), 400
email = validated_user_data.get('email', None)
# Check if user email exists
user_existant = User.query.filter_by(email=email).first()
if user_existant:
return dict(status="fail", message=f"Email {validated_user_data['email']} already in use."), 400
# add validated data to user object
user = User(**validated_user_data)
saved_user = user.save()
if not saved_user:
return dict(status='fail', message=f'Internal Server Error'), 500
# for returning to user
new_user_data, errors = user_schema.dumps(user)
return dict(status='success', data=dict(user=json.loads(new_user_data))), 201
def get(self, user_id: int):
user = User.query.get(user_id)
if not user:
abort(404, "User was not found")
return jsonify(UserSchema().dump(user))
def test_user_email_validation(email):
data = {"name": "marco", "email": email}
try:
UserSchema().load(data)
except ValidationError as exc:
assert exc.messages == {"email": ["Not a valid email address."]}
class UserResourceFlaskAccepts(Resource):
@responds(schema=UserSchema(many=True), api=api)
@roles_required("admin")
def get(self):
users = User.query.all()
return users
def create_account():
json_data = request.get_json(silent=True) or {}
ts = URLSafeTimedSerializer(current_app.config["SECRET_KEY"])
token = json_data.get("emailToken")
try:
email = ts.loads(
token, salt=current_app.config["EMAIL_CONFIRM_SALT"] # max_age=86400
)
except:
abort(400)
name = json_data.get("name")
password = json_data.get("password")
new_user_data = {"name": name, "email": email, "password": password}
print(new_user_data)
try:
data = UserSchema().load(new_user_data)
except:
abort(400)
new_user = User(email=data["email"], name=data["name"])
new_user.set_password(data["password"])
db.session.add(new_user)
try:
db.session.commit()
except:
abort(500)
return "", 200
def patch(self, user_id):
"""
"""
try:
user_schema = UserSchema(only=("name", ))
user_data = request.get_json()
validate_user_data, errors = user_schema.load(user_data)
if errors:
return dict(status='fail', message=errors), 400
user = User.get_by_id(user_id)
if not user:
return dict(status='fail',
message=f'User {user_id} not found'), 404
updated = User.update(user, **validate_user_data)
if not updated:
return dict(status='fail',
message='Internal Server Error'), 500
return dict(status='success',
message=f'User {user_id} updated successfully'), 200
except Exception as e:
return dict(status='fail', message=str(e)), 500
def get(self, _id: str):
user = UserModel.get_user_by_id(_id)
if user:
user_schema = UserSchema()
result: dict = user_schema.dump(user)
return result, 200
return {"msg": "User Not found"}, 404
def get(self):
schema = UserSchema(many=True)
args = parser.parse_args()
search = args["search"]
data = self.user.search_user(search=search)
return schema.dump(data)
class UserCreateResource(Resource):
@use_args(UserSchema(strict=True), locations=("json", ))
def post(self, args):
user = args
db.session.add(user)
db.session.commit()
return make_response(default_return(user), http.HTTPStatus.CREATED)
def test_dc_deletion(self):
"""Test API can delete an existing fdc. (DELETE request)."""
user = User(username='******',
email='*****@*****.**',
password='******',
first_name='charlie',
last_name='fei',
role='fdcAdmin',
location='nashville')
schema = UserSchema()
#Register a new FDC Admin
register_response = self.client.post('/users/',
data=schema.dumps(user).data,
content_type='application/json')
registration_data = json.loads(register_response.data.decode())
self.assertTrue(registration_data['status'] == 'success')
self.assertTrue(
registration_data['message'] == 'Successfully registered.')
self.assertTrue(registration_data['auth_token'])
self.assertTrue(register_response.content_type == 'application/json')
self.assertEqual(register_response.status_code, 201)
#Login as FDC Admin
login_response = self.client.post('/users/login',
data=schema.dumps(user).data,
content_type='application/json')
login_data = json.loads(login_response.data.decode())
self.assertTrue(login_data['status'] == 'success')
self.assertTrue(login_data['message'] == 'Successfully logged in.')
self.assertTrue(login_data['auth_token'])
self.assertTrue(login_response.content_type == 'application/json')
self.assertEqual(login_response.status_code, 200)
fdc_schema = FDCSchema()
creation_response = self.client.post(
'/fdcs/',
data=fdc_schema.dumps(self.fdc).data,
headers=dict(Authorization='Bearer ' + login_data['auth_token']),
content_type='application/json')
creation_data = json.loads(creation_response.data.decode())
self.assertTrue(creation_data['status'] == 'success')
self.assertTrue(
creation_data['message'] == 'Successfully created FDC.')
self.assertTrue(creation_response.content_type == 'application/json')
self.assertEqual(creation_response.status_code, 201)
res = self.client.delete('/fdcs/1',
headers=dict(Authorization='Bearer ' +
login_data['auth_token']))
self.assertEqual(res.status_code, 200)
# Test to see if it exists, should return a 404
result = self.client().get('/fdcs/1')
self.assertEqual(result.status_code, 404)
def post(self, user_args):
try:
user = User(user_args['name'], user_args['email'],
user_args['password'])
db.session.add(user)
db.session.commit()
except IntegrityError:
db.session.rollback()
return error_object('User already exists', 422)
return UserSchema().dump(user).data, 201
def test_api_can_get_all_fdc(self):
"""Test API can get a FDC (GET request)."""
user = User(username='******',
email='*****@*****.**',
password='******',
first_name='charlie',
last_name='fei',
role='fdcAdmin',
location='nashville')
schema = UserSchema()
#Register a new FDC Admin
register_response = self.client.post('/users/',
data=schema.dumps(user).data,
content_type='application/json')
registration_data = json.loads(register_response.data.decode())
self.assertTrue(registration_data['status'] == 'success')
self.assertTrue(
registration_data['message'] == 'Successfully registered.')
self.assertTrue(registration_data['auth_token'])
self.assertTrue(register_response.content_type == 'application/json')
self.assertEqual(register_response.status_code, 201)
#Login as FDC Admin
login_response = self.client.post('/users/login',
data=schema.dumps(user).data,
content_type='application/json')
login_data = json.loads(login_response.data.decode())
self.assertTrue(login_data['status'] == 'success')
self.assertTrue(login_data['message'] == 'Successfully logged in.')
self.assertTrue(login_data['auth_token'])
self.assertTrue(login_response.content_type == 'application/json')
self.assertEqual(login_response.status_code, 200)
fdc_schema = FDCSchema()
creation_response = self.client.post(
'/fdcs/',
data=fdc_schema.dumps(self.fdc).data,
headers=dict(Authorization='Bearer ' + login_data['auth_token']),
content_type='application/json')
creation_data = json.loads(creation_response.data.decode())
self.assertTrue(creation_data['status'] == 'success')
self.assertTrue(
creation_data['message'] == 'Successfully created FDC.')
self.assertTrue(creation_response.content_type == 'application/json')
self.assertEqual(creation_response.status_code, 201)
get_response = self.client.get('/fdcs/')
data = json.loads(get_response.data.decode())
self.assertTrue(data['status'] == 'success')
self.assertIn('Nashville Food Project', str(data['fdcs']))
self.assertEqual(get_response.status_code, 200)
def post(self):
"""
"""
user_schema = UserSchema()
user_data = request.get_json()
validated_user_data, errors = user_schema.load(user_data)
email = validated_user_data.get('email', None)
client_base_url = os.getenv('CLIENT_BASE_URL',
f'https://{request.host}/users')
# To do change to a frontend url
verification_url = f"{client_base_url}/verify/"
secret_key = current_app.config["SECRET_KEY"]
password_salt = current_app.config["VERIFICATION_SALT"]
sender = current_app.config["MAIL_DEFAULT_SENDER"]
template = "user/verify.html"
subject = "Please confirm your email"
if errors:
return dict(status="fail", message=errors), 400
# get the customer role
user_role = Role.find_first(name='customer')
user_existant = User.query.filter_by(email=email).first()
if user_existant:
return dict(
status="fail",
message=f"Email {validated_user_data['email']} already in use."
), 400
user = User(**validated_user_data)
if user_role:
user.roles.append(user_role)
saved_user = user.save()
if not saved_user:
return dict(status='fail', message=f'Internal Server Error'), 500
# send verification
send_verification(email, user.name, verification_url, secret_key,
password_salt, sender,
current_app._get_current_object(), template, subject)
new_user_data, errors = user_schema.dumps(user)
return dict(status='success',
data=dict(user=json.loads(new_user_data))), 201
def get_user_by_firebase_id():
user_schema = UserSchema()
fb_id = request.args['firebase_id']
user = db.session.query(User).filter(User.firebase_id == fb_id).first()
if user:
return user_schema.dumps(user)
else:
raise NotFound(
"Could not find user with firebase_id of '{}'".format(fb_id))
def post(self, **kwargs):
# print(kwargs)
result = UserSchema().dump(kwargs)
collection_users = mongo.db.users
name = result.data.get('name')
age = result.data.get('age')
status = result.data.get('status')
user_id = collection_users.insert(
{'name': name, 'age': age, 'status': status})
new_user = collection_users.find_one({'_id': user_id})
output = {'name': new_user['name'],
'age': new_user['age'], 'status': new_user['status']}
return jsonify({'result': output})
def post(self):
candidate = request.get_json()
schema = UserSchema()
errors = schema.validate(candidate)
if errors:
return {'massage': errors}, 400
data = schema.dump(candidate)
if UserModel.find_by_email(data['email']):
return {'massage': 'this mail already exist'}, 400
user = UserModel(**data)
user.save_to_db()
return {'massage': 'User has been created'}, 201
def post(self):
try:
requested_data = request.get_json()
if UserModel.get_user_by_username(requested_data["username"]):
return {"msg": "Username already exists"}, 400
if UserModel.get_user_by_email(requested_data["email"]):
return {"msg": "Email already exists"}, 400
user_schema = UserSchema()
result: dict = user_schema.load(requested_data)
UserModel.register_user(**result)
return {"msg": "Registration successful"}, 201
except ValidationError as err:
return jsonify(err.messages, 400)
def test_pickup_accept:
#User we're using
user = User(username='******', email='*****@*****.**', password='******', first_name='charlie', last_name='fei', role='donor', location='nashville')
volunteer = User(username='******', email='*****@*****.**', password='******', first_name='vol', last_name='fei', role='volunteer', location='nashville')
schema = UserSchema()
#Register User
register_response = self.client.post('/users/',
data = schema.dumps(user).data,
content_type = 'application/json'
)
registration_data = json.loads(register_response.data.decode())
self.assertTrue(registration_data['status'] == 'success')
self.assertTrue(
registration_data['message'] == 'Successfully registered.'
)
self.assertTrue(registration_data['auth_token'])
self.assertTrue(register_response.content_type == 'application/json')
self.assertEqual(register_response.status_code, 201)
#Login User
login_response = self.client.post('/users/login',
data = schema.dumps(user).data,
content_type = 'application/json'
)
login_data = json.loads(login_response.data.decode())
self.assertTrue(login_data['status'] == 'success')
self.assertTrue(login_data['message'] == 'Successfully logged in.')
self.assertTrue(login_data['auth_token'])
self.assertTrue(login_response.content_type == 'application/json')
self.assertEqual(login_response.status_code, 200)
pickup_schema = PickupSchema()
pickup = Pickup(description="My Pickup", donor=user)
creation_response = self.client.post('/users/charlie/pickups/',
data = pickup_schema.dumps(pickup).data,
headers=dict(
Authorization='Bearer ' + login_data['auth_token']
),
content_type = 'application/json'
)
creation_data = json.loads(creation_response.data.decode())
self.assertTrue(creation_data['status'] == 'success')
self.assertTrue(creation_data['message'] == 'Successfully created pickup.')
self.assertTrue(creation_response.content_type == 'application/json')
self.assertEqual(creation_response.status_code, 201)
def update_user(id):
if current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if 'username' in data and data['username'] != user.username and User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
if 'email' in data and data['email'] != user.email and User.query.filter_by(email=data['email']).first():
return bad_request('please use a different email address')
user.from_dict(data, new_user=False)
db.session.commit()
user_schema = UserSchema()
output = user_schema.dump(user).data
return jsonify({'user': output})
def make_shell_context():
from app.schemas import UserSchema, BattleSchema, ImageSchema, VoteSchema
return dict(app=app,
db=db,
Vote=Vote,
User=User,
Role=Role,
Image=Image,
Permission=Permission,
Battle=Battle,
US=UserSchema(),
IS=ImageSchema(),
VS=VoteSchema(),
BS=BattleSchema())
