def post(self): parser = RequestParser(bundle_errors=True) parser.add_argument('full_name', type=str, required=True, location='json') parser.add_argument('password', type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'), required=True, location='json', help='Password must have a minimum of eight characters.') parser.add_argument('email_address', type=inputs.email(), required=True, location='json') args = parser.parse_args(strict=True) email = User.query.filter(User.email == args.email_address).first() if email: return {'message': 'Email address already exist'}, 400 try: user = User() user.full_name = args.full_name user.email = args.email_address user.username = f'{args.full_name.replace(" ", "").lower()}{random.randint(1, 9999)}' user.password = generate_password_hash(args.password).decode() user.role = 'CLIENT' token = user.create_token() user.save() text = f"""Your Account has been created. Confirm Your Account By Clicking on this link. Link : <a href="{url_for('api.auth_confirm_account', token=token, _external=True)}"></a> """ send_mail_rq.queue(user.email, text, 'Register') return {'message': 'Your account has been created, Check your email to confirm your account'}, 200 except Exception as e: return jsonify(message=f'Unable to create account ::{e}'), 500
def post(self): parser = RequestParser(bundle_errors=True) parser.add_argument('username', type=str, required=True, location='json', help='username is required') parser.add_argument('password', type=str, required=True, location='json', help='password is required') parser.add_argument('rem', type=inputs.boolean, default=False, required=False, location='json', help='rem is required') args = parser.parse_args(strict=True) user = User.query.filter((User.username == args.username) | (User.email == args.username)).first() if not user: return {'message': 'Incorrect username or password'}, 401 else: if not check_password_hash(user.password, args.password): return {'message': 'Incorrect username or password'}, 401 else: if not user.status: return {'message': 'Your account is currently inactive'}, 401 else: send_mail_rq.queue(LOGIN_NOTIFY.format(name=user.full_name, app_name='Ngsapps', email=user.email, time=str(datetime.utcnow()), ip=request.remote_addr, user_agent=request.user_agent), [user.email], 'Ngsapp Support') # create JWT access_token = create_access_token(identity=str(user.uuid)) refresh_token = create_refresh_token(identity=str(user.uuid)) resp = jsonify({'login': True, 'role': user.role}) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) resp.set_cookie('access_token_cookie', access_token) # access_jti = get_jti(encoded_token=access_token) # refresh_jti = get_jti(encoded_token=refresh_token) # redis.set(access_jti, 'false', current_app.config['JWT_ACCESS_TOKEN_EXPIRES'] * 1.2) # redis.set(refresh_jti, 'false', current_app.config['JWT_REFRESH_TOKEN_EXPIRES'] * 1.2) return make_response(resp)
def post(self): args = parser.parse_args(strict=True) user = User(**args) pwd = secrets.token_hex(5) user.set_password(pwd) user.confirmed = True send_mail_rq.queue( NEW_ACC.format( username=user.username, password=pwd, ), [args.email], 'Welcome') return User.user_exist(args) if User.user_exist(args) else user.save( **args)
def post(self): parser = RequestParser(bundle_errors=True) parser.add_argument('email_address', type=inputs.email(), required=True, location='json') args = parser.parse_args(strict=True) user = User.query.filter(User.email == args.email_address).first() if not user: return jsonify(message='Please account is not found') if user.status: return jsonify(message='Your dont have access to this function') token = user.create_token() url = url_for('api.auth_confirm_account', token=token, _external=True) send_mail_rq.queue(CONFIRM_ACC.format(url=url, name=user.full_name), [user.email], 'Resend Account Activation') return jsonify(message='Account confirmation has been sent')
def post(self): parser = RequestParser() parser.add_argument('email_address', type=inputs.email(), required=True, location='json') args = parser.parse_args(strict=True) user = User.query.filter(User.email == args.email_address).first() if not user: return { 'message': 'Sorry, your email was not found', 'other': 'Check and try again' }, 400 token = user.create_token() send_mail_rq.queue( FORGOT_PWD.format(url=url_for('api.auth_reset_password', token=token, _external=True), name=user.full_name), [user.email], 'Forgot Password') print(token) return jsonify(message='A reset link has been sent to your email')
def put(self, option): profile_parser = RequestParser(trim=True, bundle_errors=True) if option == 'general': profile_parser.add_argument('username', required=True, type=string, location='json') profile_parser.add_argument('full_name', required=True, type=string, location='json') profile_parser.add_argument('gender', required=True, type=str, choices=['Male', 'Female', 'Others'], help='Gender is required', location='json') args = profile_parser.parse_args(strict=True) if User.query.filter(User.username == args.username, User.id != current_user.id).first(): return { 'message': 'Username already exist, please use different one' }, 400 current_user.full_name = args.full_name current_user.gender = args.gender return current_user.save(**args) if option == 'pwd': profile_parser.add_argument('old_pwd', required=True, type=str, location='json') profile_parser.add_argument( 'new_pwd', type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'), required=True, location='json', help='Password must have a minimum of eight characters.') profile_parser.add_argument( 'confirm_pwd', type=inputs.regex('[A-Za-z0-9@#$%^&+=]{8,}'), required=True, location='json', help='Password must have a minimum of eight characters.') args = profile_parser.parse_args(strict=True) if not bcrypt.check_password_hash(current_user.password, args.old_pwd): return { 'message': 'Old password doesnt match current password' }, 400 if not safe_str_cmp(args.confirm_pwd, args.new_pwd): return {"message": 'passwords dont match'} current_user.password = bcrypt.generate_password_hash( args.new_pwd).decode() current_user.save() send_mail_rq.queue('Your password was changed!', [current_user.email], 'Password Changed') return {'message': 'Your password has been updated successfully'} if option == 'email': profile_parser.add_argument('pwd', required=True, type=str, location='json') profile_parser.add_argument('old_email', required=True, type=inputs.email(), help='Email address is required', location='json') profile_parser.add_argument('new_email', required=True, type=inputs.email(), help='Email address is required', location='json') args = profile_parser.parse_args(strict=True) if not bcrypt.check_password_hash(current_user.password, args.pwd): return abort(401) token = current_user.create_token( payload={'email': args.new_email}) url = url_for('api.auth_change_email', token=token, _external=True) send_mail_rq.queue( CHANGE_EMAIL.format(name=current_user.full_name, url=url), [args.new_email], 'Change Email') return {'message': 'Email has been sent'} if option == 'img': profile_parser.add_argument( 'files', required=True, location='files', type=werkzeug.datastructures.FileStorage) args = profile_parser.parse_args(strict=True) file = img_upload(args.file) if file.get('message'): return file, 400 current_user.img = file.get('filename') file.get('upload').save(file.get('full_path')) return current_user.save(filename=current_user.img), 201 return abort(404)