def update(login): user = obj_or_404(User.by_login(login)) authz.require(user.id == current_user.id) user.update(request_data()) db.session.add(user) db.session.commit() return view(login)
def view(login): user = obj_or_404(User.by_login(login)) data = user.to_dict() if user.id == current_user.id: data['email'] = user.email return jsonify(data)