diff --git a/app/user/rest.py b/app/user/rest.py index b0966a0b8..325253fd0 100644 --- a/app/user/rest.py +++ b/app/user/rest.py @@ -7,7 +7,7 @@ from app.dao.users_dao import ( get_model_users, save_model_user, delete_model_user, create_user_code, get_user_code, use_user_code, increment_failed_login_count) from app.schemas import ( - user_schema, users_schema, service_schema, services_schema) + user_schema, users_schema, service_schema, services_schema, verify_code_schema) from app import db, notify_alpha_client from flask import Blueprint @@ -113,23 +113,24 @@ def send_user_code(user_id): except NoResultFound: return jsonify(result="error", message="User not found"), 404 - try: - verify_code = request.get_json() - except KeyError: - return jsonify(result='error', message='Malformed json'), 400 + request_json = request.get_json() + + verify_code, errors = verify_code_schema.load(request_json) + if errors: + return jsonify(result="error", message=errors), 400 from app.dao.users_dao import create_secret_code secret_code = create_secret_code() - create_user_code(user, secret_code, verify_code['code_type']) + create_user_code(user, secret_code, verify_code.code_type) # TODO this will need to fixed up when we stop using # notify_alpha_client - if verify_code['code_type'] == 'sms': - mobile = user.mobile_number if 'to' not in verify_code else verify_code['to'] + if verify_code.code_type == 'sms': + mobile = user.mobile_number if 'to' not in request_json else request_json['to'] notify_alpha_client.send_sms( mobile_number=mobile, message=secret_code) - elif verify_code['code_type'] == 'email': - email = user.email_address if 'to' not in verify_code else verify_code['to'] + elif verify_code.code_type == 'email': + email = user.email_address if 'to' not in request_json else request_json['to'] notify_alpha_client.send_email( email, secret_code,