FitTrackee/mpwo_api/mpwo_api/users/auth.py

import datetime
from flask import Blueprint, jsonify, request
from sqlalchemy import exc, or_

from mpwo_api import appLog, bcrypt, db

from .models import User
from .utils import authenticate, register_controls

auth_blueprint = Blueprint('auth', __name__)


@auth_blueprint.route('/auth/register', methods=['POST'])
def register_user():
    # get post data
    post_data = request.get_json()
    if not post_data or post_data.get('username') is None \
            or post_data.get('email') is None \
            or post_data.get('password') is None \
            or post_data.get('password_conf') is None:
        response_object = {
            'status': 'error',
            'message': 'Invalid payload.'
        }
        return jsonify(response_object), 400
    username = post_data.get('username')
    email = post_data.get('email')
    password = post_data.get('password')
    password_conf = post_data.get('password_conf')

    ret = register_controls(username, email, password, password_conf)
    if ret != '':
        response_object = {
            'status': 'error',
            'message': 'Errors: ' + ret
        }
        return jsonify(response_object), 400

    try:
        # check for existing user
        user = User.query.filter(
            or_(User.username == username, User.email == email)).first()
        if not user:
            # add new user to db
            new_user = User(
                username=username,
                email=email,
                password=password
            )
            db.session.add(new_user)
            db.session.commit()
            # generate auth token
            auth_token = new_user.encode_auth_token(new_user.id)
            response_object = {
                'status': 'success',
                'message': 'Successfully registered.',
                'auth_token': auth_token.decode()
            }
            return jsonify(response_object), 201
        else:
            response_object = {
                'status': 'error',
                'message': 'Sorry. That user already exists.'
            }
            return jsonify(response_object), 400
    # handler errors
    except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
        db.session.rollback()
        appLog.error(e)

        response_object = {
            'status': 'error',
            'message': 'Error. Please try again or contact the administrator.'
        }
        return jsonify(response_object), 400


@auth_blueprint.route('/auth/login', methods=['POST'])
def login_user():
    # get post data
    post_data = request.get_json()
    if not post_data:
        response_object = {
            'status': 'error',
            'message': 'Invalid payload.'
        }
        return jsonify(response_object), 400
    email = post_data.get('email')
    password = post_data.get('password')
    try:
        # check for existing user
        user = User.query.filter(User.email == email).first()
        if user and bcrypt.check_password_hash(user.password, password):
            # generate auth token
            auth_token = user.encode_auth_token(user.id)
            response_object = {
                'status': 'success',
                'message': 'Successfully logged in.',
                'auth_token': auth_token.decode()
            }
            return jsonify(response_object), 200
        else:
            response_object = {
                'status': 'error',
                'message': 'Invalid credentials.'
            }
            return jsonify(response_object), 404
    # handler errors
    except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
        db.session.rollback()
        appLog.error(e)
        response_object = {
            'status': 'error',
            'message': 'Error. Please try again or contact the administrator.'
        }
        return jsonify(response_object), 500


@auth_blueprint.route('/auth/logout', methods=['GET'])
@authenticate
def logout_user(user_id):
    # get auth token
    auth_header = request.headers.get('Authorization')
    if auth_header:
        auth_token = auth_header.split(" ")[1]
        resp = User.decode_auth_token(auth_token)
        if not isinstance(user_id, str):
            response_object = {
                'status': 'success',
                'message': 'Successfully logged out.'
            }
            return jsonify(response_object), 200
        else:
            response_object = {
                'status': 'error',
                'message': resp
            }
            return jsonify(response_object), 401
    else:
        response_object = {
            'status': 'error',
            'message': 'Provide a valid auth token.'
        }
        return jsonify(response_object), 403


@auth_blueprint.route('/auth/profile', methods=['GET'])
@authenticate
def get_user_status(user_id):
    user = User.query.filter_by(id=user_id).first()
    response_object = {
        'status': 'success',
        'data': {
            'id': user.id,
            'username': user.username,
            'email': user.email,
            'created_at': user.created_at,
            'admin': user.admin,
            'first_name': user.first_name,
            'last_name': user.last_name,
            'bio': user.bio,
            'location': user.location,
            'birth_date': user.birth_date,
        }
    }
    return jsonify(response_object), 200


@auth_blueprint.route('/auth/profile/edit', methods=['POST'])
@authenticate
def edit_user(user_id):
    # get post data
    post_data = request.get_json()
    if not post_data:
        response_object = {
            'status': 'error',
            'message': 'Invalid payload.'
        }
        return jsonify(response_object), 400
    first_name = post_data.get('first_name')
    last_name = post_data.get('last_name')
    bio = post_data.get('bio')
    birth_date = post_data.get('birth_date')
    location = post_data.get('location')
    try:
        user = User.query.filter_by(id=user_id).first()
        user.first_name = first_name
        user.last_name = last_name
        user.bio = bio
        user.location = location
        user.birth_date = (
            datetime.datetime.strptime(birth_date, '%d/%m/%Y')
            if birth_date
            else None
        )
        db.session.commit()

        response_object = {
            'status': 'success',
            'message': 'User profile updated.'
        }
        return jsonify(response_object), 200

    # handler errors
    except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
        db.session.rollback()
        appLog.error(e)
        response_object = {
            'status': 'error',
            'message': 'Error. Please try again or contact the administrator.'
        }
        return jsonify(response_object), 500
API & Client: Profile update 2018-01-01 16:59:46 +01:00			`import datetime`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`from flask import Blueprint, jsonify, request`
			`from sqlalchemy import exc, or_`

API: minor fixes & db update 2017-12-17 09:16:08 +01:00			`from mpwo_api import appLog, bcrypt, db`
API: init api w/ user management 2017-12-16 21:00:46 +01:00
			`from .models import User`
API & Client: registration controls 2018-01-01 11:10:39 +01:00			`from .utils import authenticate, register_controls`
API: init api w/ user management 2017-12-16 21:00:46 +01:00
			`auth_blueprint = Blueprint('auth', __name__)`


			`@auth_blueprint.route('/auth/register', methods=['POST'])`
			`def register_user():`
			`# get post data`
			`post_data = request.get_json()`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`if not post_data or post_data.get('username') is None \`
			`or post_data.get('email') is None \`
API & Client: registration controls 2018-01-01 11:10:39 +01:00			`or post_data.get('password') is None \`
			`or post_data.get('password_conf') is None:`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`response_object = {`
			`'status': 'error',`
			`'message': 'Invalid payload.'`
			`}`
			`return jsonify(response_object), 400`
			`username = post_data.get('username')`
			`email = post_data.get('email')`
			`password = post_data.get('password')`
API & Client: registration controls 2018-01-01 11:10:39 +01:00			`password_conf = post_data.get('password_conf')`

			`ret = register_controls(username, email, password, password_conf)`
			`if ret != '':`
			`response_object = {`
			`'status': 'error',`
			`'message': 'Errors: ' + ret`
			`}`
			`return jsonify(response_object), 400`

API: init api w/ user management 2017-12-16 21:00:46 +01:00			`try:`
			`# check for existing user`
			`user = User.query.filter(`
			`or_(User.username == username, User.email == email)).first()`
			`if not user:`
			`# add new user to db`
			`new_user = User(`
			`username=username,`
			`email=email,`
			`password=password`
			`)`
			`db.session.add(new_user)`
			`db.session.commit()`
			`# generate auth token`
			`auth_token = new_user.encode_auth_token(new_user.id)`
			`response_object = {`
			`'status': 'success',`
			`'message': 'Successfully registered.',`
			`'auth_token': auth_token.decode()`
			`}`
			`return jsonify(response_object), 201`
			`else:`
			`response_object = {`
			`'status': 'error',`
			`'message': 'Sorry. That user already exists.'`
			`}`
			`return jsonify(response_object), 400`
			`# handler errors`
			`except (exc.IntegrityError, exc.OperationalError, ValueError) as e:`
			`db.session.rollback()`
API: minor fixes & db update 2017-12-17 09:16:08 +01:00			`appLog.error(e)`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`response_object = {`
			`'status': 'error',`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`'message': 'Error. Please try again or contact the administrator.'`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`}`
			`return jsonify(response_object), 400`


			`@auth_blueprint.route('/auth/login', methods=['POST'])`
			`def login_user():`
			`# get post data`
			`post_data = request.get_json()`
			`if not post_data:`
			`response_object = {`
			`'status': 'error',`
			`'message': 'Invalid payload.'`
			`}`
			`return jsonify(response_object), 400`
			`email = post_data.get('email')`
			`password = post_data.get('password')`
			`try:`
			`# check for existing user`
			`user = User.query.filter(User.email == email).first()`
			`if user and bcrypt.check_password_hash(user.password, password):`
			`# generate auth token`
			`auth_token = user.encode_auth_token(user.id)`
			`response_object = {`
			`'status': 'success',`
			`'message': 'Successfully logged in.',`
			`'auth_token': auth_token.decode()`
			`}`
			`return jsonify(response_object), 200`
			`else:`
			`response_object = {`
			`'status': 'error',`
API & Client: registration controls 2018-01-01 11:10:39 +01:00			`'message': 'Invalid credentials.'`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`}`
			`return jsonify(response_object), 404`
			`# handler errors`
			`except (exc.IntegrityError, exc.OperationalError, ValueError) as e:`
			`db.session.rollback()`
API: minor fixes & db update 2017-12-17 09:16:08 +01:00			`appLog.error(e)`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`response_object = {`
			`'status': 'error',`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`'message': 'Error. Please try again or contact the administrator.'`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`}`
			`return jsonify(response_object), 500`


			`@auth_blueprint.route('/auth/logout', methods=['GET'])`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`@authenticate`
			`def logout_user(user_id):`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`# get auth token`
			`auth_header = request.headers.get('Authorization')`
			`if auth_header:`
			`auth_token = auth_header.split(" ")[1]`
			`resp = User.decode_auth_token(auth_token)`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`if not isinstance(user_id, str):`
API: init api w/ user management 2017-12-16 21:00:46 +01:00			`response_object = {`
			`'status': 'success',`
			`'message': 'Successfully logged out.'`
			`}`
			`return jsonify(response_object), 200`
			`else:`
			`response_object = {`
			`'status': 'error',`
			`'message': resp`
			`}`
			`return jsonify(response_object), 401`
			`else:`
			`response_object = {`
			`'status': 'error',`
			`'message': 'Provide a valid auth token.'`
			`}`
			`return jsonify(response_object), 403`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00

			`@auth_blueprint.route('/auth/profile', methods=['GET'])`
			`@authenticate`
			`def get_user_status(user_id):`
			`user = User.query.filter_by(id=user_id).first()`
			`response_object = {`
			`'status': 'success',`
			`'data': {`
			`'id': user.id,`
			`'username': user.username,`
			`'email': user.email,`
			`'created_at': user.created_at,`
			`'admin': user.admin,`
API & Client: Profile update 2018-01-01 16:59:46 +01:00			`'first_name': user.first_name,`
			`'last_name': user.last_name,`
			`'bio': user.bio,`
			`'location': user.location,`
			`'birth_date': user.birth_date,`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`}`
			`}`
			`return jsonify(response_object), 200`
API & Client: Profile update 2018-01-01 16:59:46 +01:00

			`@auth_blueprint.route('/auth/profile/edit', methods=['POST'])`
			`@authenticate`
			`def edit_user(user_id):`
			`# get post data`
			`post_data = request.get_json()`
			`if not post_data:`
			`response_object = {`
			`'status': 'error',`
			`'message': 'Invalid payload.'`
			`}`
			`return jsonify(response_object), 400`
			`first_name = post_data.get('first_name')`
			`last_name = post_data.get('last_name')`
			`bio = post_data.get('bio')`
			`birth_date = post_data.get('birth_date')`
			`location = post_data.get('location')`
			`try:`
			`user = User.query.filter_by(id=user_id).first()`
			`user.first_name = first_name`
			`user.last_name = last_name`
			`user.bio = bio`
			`user.location = location`
			`user.birth_date = (`
			`datetime.datetime.strptime(birth_date, '%d/%m/%Y')`
			`if birth_date`
			`else None`
			`)`
			`db.session.commit()`

			`response_object = {`
			`'status': 'success',`
			`'message': 'User profile updated.'`
			`}`
			`return jsonify(response_object), 200`

			`# handler errors`
			`except (exc.IntegrityError, exc.OperationalError, ValueError) as e:`
			`db.session.rollback()`
			`appLog.error(e)`
			`response_object = {`
			`'status': 'error',`
			`'message': 'Error. Please try again or contact the administrator.'`
			`}`
			`return jsonify(response_object), 500`