KNenov96

Untitled

Mar 12th, 2023
from decouple import config
from flask import Flask
from flask_migrate import Migrate
from flask_restful import Api, Resource, request
from flask_sqlalchemy import SQLAlchemy
from marshmallow import Schema, fields, ValidationError, validate, validates
from password_strength import PasswordPolicy
from werkzeug.security import check_password_hash, generate_password_hash
  9.  
# Application object shared by the extensions created below.
app = Flask(__name__)

# Database settings come from decouple's config() rather than being hard-coded.
db_user, db_pw = config('DB_USER'), config('DB_PASSWORD')
db_name, db_port = config('DB_NAME'), config('DB_PORT')

# NOTE(review): the credentials are interpolated into the URI verbatim; a
# password containing '@', ':' or '/' would change how the URI parses unless
# the configured value is already percent-encoded -- confirm.
app.config['SQLALCHEMY_DATABASE_URI'] = (
    f'postgresql://{db_user}:{db_pw}'
    f'@localhost:{db_port}/{db_name}'
)

db = SQLAlchemy(app)
api = Api(app)
migrate = Migrate(app, db)

# Complexity rules for new passwords; length is enforced separately by the
# sign-up schema.
policy = PasswordPolicy.from_names(uppercase=1, numbers=1, special=1, nonletters=1)
  21.  
  22.  
class Client(db.Model):
    """Account row: login name, stored password hash and a role label."""

    id = db.Column(
        db.Integer,
        primary_key=True,
    )
    # NOTE(review): there is no unique constraint on this column and sign-up
    # does not look for an existing row, so two accounts can share a username
    # while the login validators resolve it with .first().
    username = db.Column(
        db.String,
        nullable=False,
    )
    # Holds the value produced by generate_password_hash() at sign-up.
    password = db.Column(
        db.String,
        nullable=False,
    )
    # The database fills in "user" when no role is supplied on insert.
    role = db.Column(
        db.String,
        server_default="user",
        nullable=True,
    )
  28.  
  29.  
def validate_password(value):
    """Marshmallow validator: reject a password that breaks the module ``policy``.

    Raises:
        ValidationError: if ``policy.test(value)`` reports any failed rule.
    """
    failed_rules = policy.test(value)
    if not failed_rules:
        return
    # One generic message regardless of which rule failed.
    raise ValidationError("Not a valid password")
  34.  
  35.  
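def user_name_not_exist(value):
    """Marshmallow validator: reject a login whose username has no Client row.

    Raises:
        ValidationError: if no account with this username exists.
    """
    # Ask the database for the one matching row instead of loading every
    # Client (password hashes included) into memory on each login attempt.
    # NOTE(review): this message differs from the wrong-password one, so the
    # login response reveals whether a username is registered; consider a
    # single shared message for both failures.
    if Client.query.filter_by(username=value).first() is None:
        raise ValidationError("User doesnt exists")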
  39.  
  40.  
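def password_not_match(value):
    """Marshmallow validator: reject a password that fails against the stored hash.

    The account is looked up by the ``username`` field of the JSON request
    body. When no such account exists this validator stays silent and leaves
    the rejection to the username validator.

    Raises:
        ValidationError: if the account exists and ``value`` does not verify
            against its stored hash.
    """
    # A missing or non-object body, or a missing "username" key, must not
    # surface as an unhandled exception (HTTP 500).
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    user = Client.query.filter_by(username=payload.get("username")).first()
    # generate_password_hash() draws a fresh salt on every call, so re-hashing
    # the candidate and comparing strings can never match a stored value.
    # check_password_hash() takes method and salt from the stored hash and
    # compares the digests in constant time.
    if user and not check_password_hash(user.password, value):
        raise ValidationError("Wrong password! Try again.")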
  45.  
  46.  
class ClientValidation(Schema):
    """Sign-up payload: a username plus a password checked for length and policy."""

    username = fields.String(required=True)
    # NOTE(review): the 20-character ceiling rules out long passphrases, and
    # the password is hashed before storage -- confirm the cap is needed.
    password = fields.String(
        required=True,
        validate=validate.And(
            validate.Length(min=8, max=20),
            validate_password,
        ),
    )
  50.  
  51.  
class LogInValidation(Schema):
    """Login payload; the field validators perform the credential check."""

    # Fails when no Client row carries this username.
    username = fields.String(
        required=True,
        validate=user_name_not_exist,
    )
    # Fails when the account exists and the password does not match it.
    password = fields.String(
        required=True,
        validate=password_not_match,
    )
  55.  
  56.  
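class SignUp(Resource):
    """POST /sign_up: validate the payload and create a Client row."""

    def post(self):
        """Create an account from the JSON request body.

        Returns:
            ``(201, 201)`` when the row was committed, otherwise the
            marshmallow error dict with HTTP status 400.
        """
        data = request.get_json()
        errors = ClientValidation().validate(data)
        if errors:
            # Validation failures were previously answered with HTTP 200.
            return errors, 400

        # Use the library's default method instead of method='sha256', which
        # is a single salted hash pass and cheap to brute-force offline once
        # the table leaks.
        password_hash = generate_password_hash(data["password"])
        # Name the columns explicitly rather than Client(**data), so a request
        # body can never set id or role even if the schema is later relaxed
        # to let unknown keys through.
        client = Client(username=data["username"], password=password_hash)
        db.session.add(client)
        db.session.commit()
        # Body kept as the original literal; the status is now 201 as well.
        return 201, 201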
  71.  
  72.  
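class LogIn(Resource):
    """POST /login: check the submitted credentials through LogInValidation."""

    def post(self):
        """Validate the JSON body's username and password.

        Returns:
            ``201`` as the response body when validation passes, otherwise
            the marshmallow error dict with HTTP status 401.
        """
        data = request.get_json()
        errors = LogInValidation().validate(data)
        if errors:
            # A rejected login used to be answered with HTTP 200, which hides
            # failed attempts from status-based monitoring and rate limiting.
            return errors, 401

        # NOTE(review): success sends the literal 201 as the body with the
        # default status and sets up no session or token -- confirm how
        # callers are expected to stay authenticated.
        return 201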
  82.  
  83.  
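# Route registration for the two resources.
api.add_resource(SignUp, "/sign_up")
api.add_resource(LogIn, "/login")

if __name__ == "__main__":
    # A hard-coded debug=True enables the Werkzeug debugger, whose error pages
    # expose an interactive Python console. Keep it off unless FLASK_DEBUG is
    # set explicitly for local development.
    app.run(debug=config('FLASK_DEBUG', default=False, cast=bool))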