def post(self):
        parser = RequestParser(bundle_errors=True)
        parser.add_argument('full_name', type=str, required=True, location='json')
        parser.add_argument('password', type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'), required=True, location='json',
                            help='Password must have a minimum of eight characters.')
        parser.add_argument('email_address', type=inputs.email(), required=True, location='json')
        args = parser.parse_args(strict=True)

        email = User.query.filter(User.email == args.email_address).first()
        if email:
            return {'message': 'Email address already exist'}, 400

        try:
            user = User()
            user.full_name = args.full_name
            user.email = args.email_address
            user.username = f'{args.full_name.replace(" ", "").lower()}{random.randint(1, 9999)}'
            user.password = generate_password_hash(args.password).decode()
            user.role = 'CLIENT'
            token = user.create_token()
            user.save()
            text = f"""Your Account has been created.
            Confirm Your Account By Clicking on this link.
            Link : <a href="{url_for('api.auth_confirm_account', token=token, _external=True)}"></a>
            """
            send_mail_rq.queue(user.email, text, 'Register')
            return {'message': 'Your account has been created, Check your email to confirm your account'}, 200
        except Exception as e:
            return jsonify(message=f'Unable to create account ::{e}'), 500
    def post(self):
        parser = RequestParser(bundle_errors=True)
        parser.add_argument('username', type=str, required=True, location='json', help='username is required')
        parser.add_argument('password', type=str, required=True, location='json', help='password is required')
        parser.add_argument('rem', type=inputs.boolean, default=False, required=False, location='json',
                            help='rem is required')
        args = parser.parse_args(strict=True)
        user = User.query.filter((User.username == args.username) | (User.email == args.username)).first()
        if not user:
            return {'message': 'Incorrect username or password'}, 401
        else:
            if not check_password_hash(user.password, args.password):
                return {'message': 'Incorrect username or password'}, 401
            else:
                if not user.status:
                    return {'message': 'Your account is currently inactive'}, 401
                else:
                    send_mail_rq.queue(LOGIN_NOTIFY.format(name=user.full_name, app_name='Ngsapps', email=user.email,
                                                           time=str(datetime.utcnow()), ip=request.remote_addr,
                                                           user_agent=request.user_agent), [user.email],
                                       'Ngsapp Support')
                    # create JWT
                    access_token = create_access_token(identity=str(user.uuid))
                    refresh_token = create_refresh_token(identity=str(user.uuid))
                    resp = jsonify({'login': True, 'role': user.role})

                    set_access_cookies(resp, access_token)
                    set_refresh_cookies(resp, refresh_token)
                    resp.set_cookie('access_token_cookie', access_token)
                    # access_jti = get_jti(encoded_token=access_token)
                    # refresh_jti = get_jti(encoded_token=refresh_token)
                    # redis.set(access_jti, 'false', current_app.config['JWT_ACCESS_TOKEN_EXPIRES'] * 1.2)
                    # redis.set(refresh_jti, 'false', current_app.config['JWT_REFRESH_TOKEN_EXPIRES'] * 1.2)
                    return make_response(resp)
 def post(self):
     args = parser.parse_args(strict=True)
     user = User(**args)
     pwd = secrets.token_hex(5)
     user.set_password(pwd)
     user.confirmed = True
     send_mail_rq.queue(
         NEW_ACC.format(
             username=user.username,
             password=pwd,
         ), [args.email], 'Welcome')
     return User.user_exist(args) if User.user_exist(args) else user.save(
         **args)
 def post(self):
     parser = RequestParser(bundle_errors=True)
     parser.add_argument('email_address',
                         type=inputs.email(),
                         required=True,
                         location='json')
     args = parser.parse_args(strict=True)
     user = User.query.filter(User.email == args.email_address).first()
     if not user:
         return jsonify(message='Please account is not found')
     if user.status:
         return jsonify(message='Your dont have access to this function')
     token = user.create_token()
     url = url_for('api.auth_confirm_account', token=token, _external=True)
     send_mail_rq.queue(CONFIRM_ACC.format(url=url, name=user.full_name),
                        [user.email], 'Resend Account Activation')
     return jsonify(message='Account confirmation has been sent')
示例#5
0
 def post(self):
     parser = RequestParser()
     parser.add_argument('email_address',
                         type=inputs.email(),
                         required=True,
                         location='json')
     args = parser.parse_args(strict=True)
     user = User.query.filter(User.email == args.email_address).first()
     if not user:
         return {
             'message': 'Sorry, your email was not found',
             'other': 'Check and try again'
         }, 400
     token = user.create_token()
     send_mail_rq.queue(
         FORGOT_PWD.format(url=url_for('api.auth_reset_password',
                                       token=token,
                                       _external=True),
                           name=user.full_name), [user.email],
         'Forgot Password')
     print(token)
     return jsonify(message='A reset link has been sent to your email')
    def put(self, option):
        profile_parser = RequestParser(trim=True, bundle_errors=True)
        if option == 'general':
            profile_parser.add_argument('username',
                                        required=True,
                                        type=string,
                                        location='json')
            profile_parser.add_argument('full_name',
                                        required=True,
                                        type=string,
                                        location='json')
            profile_parser.add_argument('gender',
                                        required=True,
                                        type=str,
                                        choices=['Male', 'Female', 'Others'],
                                        help='Gender is required',
                                        location='json')
            args = profile_parser.parse_args(strict=True)
            if User.query.filter(User.username == args.username,
                                 User.id != current_user.id).first():
                return {
                    'message':
                    'Username already exist, please use different one'
                }, 400
            current_user.full_name = args.full_name
            current_user.gender = args.gender
            return current_user.save(**args)

        if option == 'pwd':
            profile_parser.add_argument('old_pwd',
                                        required=True,
                                        type=str,
                                        location='json')
            profile_parser.add_argument(
                'new_pwd',
                type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'),
                required=True,
                location='json',
                help='Password must have a minimum of eight characters.')
            profile_parser.add_argument(
                'confirm_pwd',
                type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'),
                required=True,
                location='json',
                help='Password must have a minimum of eight characters.')
            args = profile_parser.parse_args(strict=True)
            if not bcrypt.check_password_hash(current_user.password,
                                              args.old_pwd):
                return {
                    'message': 'Old password doesnt match current password'
                }, 400
            if not safe_str_cmp(args.confirm_pwd, args.new_pwd):
                return {"message": 'passwords dont match'}
            current_user.password = bcrypt.generate_password_hash(
                args.new_pwd).decode()
            current_user.save()
            send_mail_rq.queue('Your password was changed!',
                               [current_user.email], 'Password Changed')
            return {'message': 'Your password has been updated successfully'}
        if option == 'email':
            profile_parser.add_argument('pwd',
                                        required=True,
                                        type=str,
                                        location='json')
            profile_parser.add_argument('old_email',
                                        required=True,
                                        type=inputs.email(),
                                        help='Email address is required',
                                        location='json')
            profile_parser.add_argument('new_email',
                                        required=True,
                                        type=inputs.email(),
                                        help='Email address is required',
                                        location='json')
            args = profile_parser.parse_args(strict=True)
            if not bcrypt.check_password_hash(current_user.password, args.pwd):
                return abort(401)
            token = current_user.create_token(
                payload={'email': args.new_email})
            url = url_for('api.auth_change_email', token=token, _external=True)
            send_mail_rq.queue(
                CHANGE_EMAIL.format(name=current_user.full_name, url=url),
                [args.new_email], 'Change Email')
            return {'message': 'Email has been sent'}
        if option == 'img':
            profile_parser.add_argument(
                'files',
                required=True,
                location='files',
                type=werkzeug.datastructures.FileStorage)
            args = profile_parser.parse_args(strict=True)
            file = img_upload(args.file)
            if file.get('message'):
                return file, 400
            current_user.img = file.get('filename')
            file.get('upload').save(file.get('full_path'))
            return current_user.save(filename=current_user.img), 201
        return abort(404)