Merge branch 'master' into email-templates

Conflicts: app/user/rest.py tests/app/user/test_rest.py
2025-12-18 08:02:31 -05:00 · 2016-02-22 13:12:24 +00:00
parent cc720b137f 4516dc4331
commit 886b206d63
10 changed files with 527 additions and 89 deletions
--- a/app/user/rest.py
+++ b/app/user/rest.py
@@ -1,7 +1,5 @@
 from datetime import datetime
 from flask import (jsonify, request, abort, Blueprint, current_app)
-from sqlalchemy.exc import DataError
-from sqlalchemy.orm.exc import NoResultFound
 from app import encryption

 from app.dao.users_dao import (
@@ -14,11 +12,13 @@ from app.dao.users_dao import (
    reset_failed_login_count
 )
 from app.schemas import (
+    old_request_verify_code_schema,
    user_schema,
    users_schema,
    request_verify_code_schema,
    user_schema_load_json
 )
+
 from app.celery.tasks import (send_sms_code, send_email_code)
 from app.errors import register_errors

@@ -45,6 +45,7 @@ def update_user(user_id):
    user = get_model_users(user_id=user_id)
    if not user:
        return jsonify(result="error", message="User not found"), 404
+
    req_json = request.get_json()
    update_dct, errors = user_schema_load_json.load(req_json)
    pwd = req_json.get('password', None)
@@ -55,18 +56,14 @@ def update_user(user_id):
    if errors:
        return jsonify(result="error", message=errors), 400
    status_code = 200
-    save_model_user(user, update_dict=update_dct, pwd=pwd)
-    return jsonify(data=user_schema.dump(user).data), status_code
+    save_model_user(user_to_update, update_dict=update_dct, pwd=pwd)
+    return jsonify(data=user_schema.dump(user_to_update).data), status_code


@user.route('/<int:user_id>/verify/password', methods=['POST'])
 def verify_user_password(user_id):
-    try:
-        user = get_model_users(user_id=user_id)
-    except DataError:
-        return jsonify(result="error", message="Invalid user id"), 400
-    except NoResultFound:
-        return jsonify(result="error", message="User not found"), 404
+    user_to_verify = get_model_users(user_id=user_id)
+
    txt_pwd = None
    try:
        txt_pwd = request.get_json()['password']
@@ -74,22 +71,18 @@ def verify_user_password(user_id):
        return jsonify(
            result="error",
            message={'password': ['Required field missing data']}), 400
-    if user.check_password(txt_pwd):
-        reset_failed_login_count(user)
+    if user_to_verify.check_password(txt_pwd):
+        reset_failed_login_count(user_to_verify)
        return jsonify({}), 204
    else:
-        increment_failed_login_count(user)
+        increment_failed_login_count(user_to_verify)
        return jsonify(result='error', message={'password': ['Incorrect password']}), 400


@user.route('/<int:user_id>/verify/code', methods=['POST'])
 def verify_user_code(user_id):
-    try:
-        user = get_model_users(user_id=user_id)
-    except DataError:
-        return jsonify(result="error", message="Invalid user id"), 400
-    except NoResultFound:
-        return jsonify(result="error", message="User not found"), 404
+    user_to_verify = get_model_users(user_id=user_id)
+
    txt_code = None
    resp_json = request.get_json()
    txt_type = None
@@ -104,7 +97,7 @@ def verify_user_code(user_id):
        errors.update({'code_type': ['Required field missing data']})
    if errors:
        return jsonify(result="error", message=errors), 400
-    code = get_user_code(user, txt_code, txt_type)
+    code = get_user_code(user_to_verify, txt_code, txt_type)
    if not code:
        return jsonify(result="error", message="Code not found"), 404
    if datetime.now() > code.expiry_datetime or code.code_used:
@@ -113,14 +106,9 @@ def verify_user_code(user_id):
    return jsonify({}), 204


-@user.route('/<int:user_id>/code', methods=['POST'])
-def send_user_code(user_id):
-    try:
-        user = get_model_users(user_id=user_id)
-    except DataError:
-        return jsonify(result="error", message="Invalid user id"), 400
-    except NoResultFound:
-        return jsonify(result="error", message="User not found"), 404
+@user.route('/<int:user_id>/sms-code', methods=['POST'])
+def send_user_sms_code(user_id):
+    user_to_send_to = get_model_users(user_id=user_id)

    verify_code, errors = request_verify_code_schema.load(request.get_json())
    if errors:
@@ -128,13 +116,54 @@ def send_user_code(user_id):

    from app.dao.users_dao import create_secret_code
    secret_code = create_secret_code()
-    create_user_code(user, secret_code, verify_code.get('code_type'))
+    create_user_code(user_to_send_to, secret_code, 'sms')
+
+    mobile = user_to_send_to.mobile_number if verify_code.get('to', None) is None else verify_code.get('to')
+    verification_message = {'to': mobile, 'secret_code': secret_code}
+
+    send_sms_code.apply_async([encryption.encrypt(verification_message)], queue='sms-code')
+
+    return jsonify({}), 204
+
+
+@user.route('/<int:user_id>/email-code', methods=['POST'])
+def send_user_email_code(user_id):
+    user_to_send_to = get_model_users(user_id=user_id)
+    print(user_to_send_to)
+    verify_code, errors = request_verify_code_schema.load(request.get_json())
+    if errors:
+        return jsonify(result="error", message=errors), 400
+
+    from app.dao.users_dao import create_secret_code
+    secret_code = create_secret_code()
+    create_user_code(user_to_send_to, secret_code, 'email')
+
+    email = user_to_send_to.email_address if verify_code.get('to', None) is None else verify_code.get('to')
+    verification_message = {'to': email, 'secret_code': secret_code}
+
+    send_email_code.apply_async([encryption.encrypt(verification_message)], queue='email-code')
+
+    return jsonify({}), 204
+
+
+# TODO: Remove this method once the admin app has stopped using it.
+@user.route('/<int:user_id>/code', methods=['POST'])
+def send_user_code(user_id):
+    user_to_send_to = get_model_users(user_id=user_id)
+
+    verify_code, errors = old_request_verify_code_schema.load(request.get_json())
+    if errors:
+        return jsonify(result="error", message=errors), 400
+
+    from app.dao.users_dao import create_secret_code
+    secret_code = create_secret_code()
+    create_user_code(user_to_send_to, secret_code, verify_code.get('code_type'))
    if verify_code.get('code_type') == 'sms':
-        mobile = user.mobile_number if verify_code.get('to', None) is None else verify_code.get('to')
+        mobile = user_to_send_to.mobile_number if verify_code.get('to', None) is None else verify_code.get('to')
        verification_message = {'to': mobile, 'secret_code': secret_code}
        send_sms_code.apply_async([encryption.encrypt(verification_message)], queue='sms-code')
    elif verify_code.get('code_type') == 'email':
-        email = user.email_address if verify_code.get('to', None) is None else verify_code.get('to')
+        email = user_to_send_to.email_address if verify_code.get('to', None) is None else verify_code.get('to')
        verification_message = {
            'to_address': email,
            'from_address': current_app.config['VERIFY_CODE_FROM_EMAIL_ADDRESS'],