from decouple import config
from flask import Flask
from flask_migrate import Migrate
from flask_restful import Api, Resource, request
from flask_sqlalchemy import SQLAlchemy
from marshmallow import Schema, ValidationError, fields, validate, validates
from password_strength import PasswordPolicy
from werkzeug.security import check_password_hash, generate_password_hash
# Application wiring: Flask app, database handle, REST API and migrations.
app = Flask(__name__)

# Connection settings come from python-decouple (environment / settings file)
# so that no database credential is hard-coded in the source.
db_user = config('DB_USER')
db_pw = config('DB_PASSWORD')
db_name = config('DB_NAME')
db_port = config('DB_PORT')

# NOTE(review): the values are interpolated into the URI as-is, so a password
# containing characters such as "@" or "/" must already be percent-encoded in
# DB_PASSWORD for the URI to parse correctly.
app.config.update(
    SQLALCHEMY_DATABASE_URI=f'postgresql://{db_user}:{db_pw}@localhost:{db_port}/{db_name}',
)

db = SQLAlchemy(app)
api = Api(app)
migrate = Migrate(app, db)

# Character-class requirements enforced on new passwords; the length bounds
# are applied separately by the sign-up schema.
policy = PasswordPolicy.from_names(
    uppercase=1,
    numbers=1,
    special=1,
    nonletters=1,
)
class Client(db.Model):
    """Account record: login name, stored password hash and role."""

    id = db.Column(db.Integer, primary_key=True)
    # NOTE(review): no unique constraint is declared, so the table itself does
    # not stop two accounts from sharing a username.
    username = db.Column(db.String, nullable=False)
    # Receives the output of generate_password_hash() at sign-up.
    password = db.Column(db.String, nullable=False)
    # The database fills in "user" when no role is supplied.
    role = db.Column(db.String, server_default="user", nullable=True)
def validate_password(value):
    """Marshmallow validator: reject passwords that fail the strength policy.

    ``policy.test`` returns the requirements the candidate does not meet; any
    non-empty result is reported as one generic validation error.

    Raises:
        ValidationError: if at least one policy requirement is not met.
    """
    failed_requirements = policy.test(value)
    if not failed_requirements:
        return
    raise ValidationError("Not a valid password")
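def user_name_not_exist(value):
    """Marshmallow validator: raise when no account has this username.

    Args:
        value: The username submitted in the login request.

    Raises:
        ValidationError: if no ``Client`` row has ``username == value``.
    """
    # Ask the database for one matching row instead of loading every Client
    # into memory on each login attempt.
    #
    # NOTE(review): this message differs from the wrong-password message, so
    # the login endpoint tells a caller which usernames are registered. One
    # generic failure message for both cases would avoid that.
    if Client.query.filter_by(username=value).first() is None:
        raise ValidationError("User doesnt exists")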
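def password_not_match(value):
    """Marshmallow validator: raise when the password does not match the account.

    The username is read from the JSON body of the current request. When the
    body has no usable username, or no account matches it, this validator
    stays silent and leaves the report to the username field's own checks.

    Args:
        value: The plaintext password submitted in the login request.

    Raises:
        ValidationError: if the account exists and the password is wrong.
    """
    # silent=True plus .get() keeps a missing or malformed body from surfacing
    # as an unhandled KeyError (HTTP 500) inside schema validation.
    body = request.get_json(silent=True)
    username = body.get("username") if isinstance(body, dict) else None
    if username is None:
        return

    user = Client.query.filter_by(username=username).first()
    # generate_password_hash() picks a fresh random salt on every call, so
    # re-hashing the candidate and comparing strings never matches the stored
    # value. check_password_hash() reads the method and salt back out of the
    # stored hash and compares in constant time.
    if user and not check_password_hash(user.password, value):
        raise ValidationError("Wrong password! Try again.")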
class ClientValidation(Schema):
    """Schema for the sign-up payload: username plus a policy-checked password."""

    username = fields.String(required=True)
    # Length bounds and the strength policy are combined with validate.And.
    # NOTE(review): max=20 also caps long passphrases; confirm that is intended.
    password = fields.String(
        required=True,
        validate=validate.And(
            validate.Length(min=8, max=20),
            validate_password,
        ),
    )
class LogInValidation(Schema):
    """Schema for the login payload.

    Authentication happens inside the field validators: the username must
    belong to an existing account and the password must match that account.
    """

    username = fields.String(
        required=True,
        validate=user_name_not_exist,
    )
    password = fields.String(
        required=True,
        validate=password_not_match,
    )
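class SignUp(Resource):
    """Registration endpoint: validates the payload and stores a new Client."""

    def post(self):
        """Create an account from the JSON body.

        Returns:
            ``201`` when the account was stored, otherwise a dict mapping each
            field name to a list of error messages.
        """
        data = request.get_json()
        errors = ClientValidation().validate(data)
        if errors:
            return errors

        username = data["username"]
        # Login looks accounts up by username alone, so a duplicate name would
        # make authentication ambiguous. This check is not atomic; a unique
        # constraint on the column is the durable guard.
        if Client.query.filter_by(username=username).first() is not None:
            return {"username": ["Username already taken"]}

        # Build the row from the two validated fields only, rather than
        # Client(**data). Whether a client-supplied "role" or "id" can reach
        # the model then no longer depends on the schema rejecting unknown keys.
        client = Client(
            username=username,
            # Use Werkzeug's default key-derivation method. The bare 'sha256'
            # method is a single salted HMAC pass, which is cheap to
            # brute-force offline, and newer Werkzeug releases reject it.
            password=generate_password_hash(data["password"]),
        )
        db.session.add(client)
        db.session.commit()
        # NOTE(review): a bare 201 is sent as the response body with the
        # default status code, not as HTTP 201. Kept as-is for existing callers.
        return 201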
class LogIn(Resource):
    """Login endpoint; credentials are checked by LogInValidation's validators."""

    def post(self):
        """Validate the submitted credentials.

        Returns:
            ``201`` when validation reports no errors, otherwise the dict of
            validation errors.
        """
        payload = request.get_json()
        problems = LogInValidation().validate(payload)
        # NOTE(review): no session or token is issued here, and the bare 201
        # is sent as the response body with the default status code.
        return problems if problems else 201
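# Route table for the two resources.
api.add_resource(SignUp, "/sign_up")
api.add_resource(LogIn, "/login")

if __name__ == "__main__":
    # debug=True turns on the Werkzeug interactive debugger, which lets anyone
    # who can reach the server run code in this process. Keep it off unless
    # FLASK_DEBUG is explicitly set for local development.
    app.run(debug=config('FLASK_DEBUG', default=False, cast=bool))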