API - refacto + remove unused endpoint for now

fittrackee/users/auth.py

@@ -227,67 +227,6 @@ def login_user() -> Union[Dict, HttpResponse]:
         return handle_error_and_return_response(e, db=db)
 
 
-@auth_blueprint.route('/auth/logout', methods=['GET'])
-@authenticate
-def logout_user(auth_user: User) -> Union[Dict, HttpResponse]:
-    """
-    user logout
-
-    **Example request**:
-
-    .. sourcecode:: http
-
-      GET /api/auth/logout HTTP/1.1
-      Content-Type: application/json
-
-    **Example responses**:
-
-    - successful logout
-
-    .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Content-Type: application/json
-
-      {
-        "message": "successfully logged out",
-        "status": "success"
-      }
-
-    - error on login
-
-    .. sourcecode:: http
-
-      HTTP/1.1 401 UNAUTHORIZED
-      Content-Type: application/json
-
-      {
-        "message": "provide a valid auth token",
-        "status": "error"
-      }
-
-    :reqheader Authorization: OAuth 2.0 Bearer Token
-
-    :statuscode 200: successfully logged out
-    :statuscode 401: provide a valid auth token
-
-    """
-    # get auth token
-    auth_header = request.headers.get('Authorization')
-    if not auth_header:
-        return UnauthorizedErrorResponse('provide a valid auth token')
-
-    auth_token = auth_header.split(' ')[1]
-    resp = User.decode_auth_token(auth_token)
-    if isinstance(resp, str):
-        return UnauthorizedErrorResponse(resp)
-
-    return {
-        'status': 'success',
-        'message': 'successfully logged out',
-    }
-
-
 @auth_blueprint.route('/auth/profile', methods=['GET'])
 @authenticate
 def get_authenticated_user_profile(

fittrackee/users/users.py

@@ -31,7 +31,6 @@ from .decorators import authenticate, authenticate_as_admin
 from .exceptions import UserNotFoundException
 from .models import User, UserSportPreference
 from .utils.admin import set_admin_rights
-from .utils.random import random_string
 
 users_blueprint = Blueprint('users', __name__)
 
@@ -514,7 +513,7 @@ def update_user(auth_user: User, user_name: str) -> Union[Dict, HttpResponse]:
             'reset_password' in user_data
             and user_data['reset_password'] is True
         ):
-            new_password = random_string(length=random.randint(10, 20))
+            new_password = secrets.token_urlsafe(random.randint(16, 20))
             user.password = bcrypt.generate_password_hash(
                 new_password, current_app.config.get('BCRYPT_LOG_ROUNDS')
             ).decode()

fittrackee/users/utils/random.py

@@ -1,12 +0,0 @@
-import random
-import string
-from typing import Optional
-
-
-def random_string(length: Optional[int] = None) -> str:
-    if length is None:
-        length = 10
-    return ''.join(
-        random.choice(string.ascii_letters + string.digits)
-        for _ in range(length)
-    )