From 82b3e784880155cf95dd4246e4acee1f4085b521 Mon Sep 17 00:00:00 2001
From: Tobias Kurze <tobias@hqt.fritz.box>
Date: Wed, 5 Aug 2020 16:36:14 +0200
Subject: [PATCH] improved register endpoint, etc.

---
 backend/__init__.py          |  3 +++
 backend/api/auth_api.py      | 33 +++++++++++++++++++--------------
 backend/api/recorder_api.py  |  2 +-
 backend/api/room_api.py      |  2 +-
 backend/models/user_model.py |  8 +++++++-
 5 files changed, 31 insertions(+), 17 deletions(-)

diff --git a/backend/__init__.py b/backend/__init__.py
index 51da985..bb500ff 100644
--- a/backend/__init__.py
+++ b/backend/__init__.py
@@ -175,6 +175,9 @@ app.register_blueprint(fe_bp)
 
 CORS(app)
 CORS(api_bp)
+CORS(auth_api_bp)
+
+logging.getLogger('flask_cors').level = logging.DEBUG
 
 # Fix jwt_extended by 'duck typing' error handlers
 # jwt_extended._set_error_handler_callbacks(api_v1)  # removed for the moment, might raise new (old) problems
diff --git a/backend/api/auth_api.py b/backend/api/auth_api.py
index 82ceff5..cbc41f7 100644
--- a/backend/api/auth_api.py
+++ b/backend/api/auth_api.py
@@ -22,11 +22,13 @@ from random import randint
 from flask_login import logout_user, login_user
 from typing import Iterable
 
-from flask_restx import Resource, fields
+from flask_restx import Resource, fields, abort, inputs
+from sqlalchemy.exc import IntegrityError
 from werkzeug.routing import BuildError
 
 from backend import db, app, jwt_extended
 from backend.api import auth_api_bp, auth_api_providers_ns, auth_api_register_ns
+from backend.api.models import user_model
 from backend.auth import AUTH_PROVIDERS, oidc_auth
 from backend.auth.oidc_config import PROVIDER_NAME
 from backend.models.user_model import User, Group, BlacklistToken
@@ -53,15 +55,6 @@ class AuthProviders(Resource):
         return get_auth_providers()
 
 
-@auth_api_bp.route('/register', methods=('POST',))
-def register():
-    data = request.get_json()
-    user = User(**data)
-    db.session.add(user)
-    db.session.commit()
-    return jsonify(user.to_dict()), 201
-
-
 @auth_api_register_ns.route('/')
 @auth_api_register_ns.expect(auth_api_register_ns.model('RegisterModel', {
     'nickname': fields.String(required=False, description='The user\'s nickname'),
@@ -69,12 +62,24 @@ def register():
     'last_name': fields.String(required=False, description='The user\'s last name'),
     'lang': fields.String(required=False, description='The user\'s preferred language'),
     'timezone': fields.String(required=False, description='The user\'s preferred timezone'),
-    'email': fields.String(required=True, description='The user\'s e-mail address'),
+    'email': fields.String(required=True, type=inputs.email(), description='The user\'s e-mail address'),
     'password': fields.String(required=False, description='The group\'s name')
 }))
-class AuthProviders(Resource):
-    def get(self):
-        return register()
+class Registration(Resource):
+    @auth_api_register_ns.marshal_list_with(user_model)
+    def post(self):
+        print("in registration")
+        data = request.get_json()
+        try:
+            user = User(**data)
+            db.session.add(user)
+            db.session.commit()
+            pprint(user.to_dict())
+            return user, 201
+        except IntegrityError as e:
+            abort(400, message=str(e).split('\n')[0].split(')')[1].strip())
+        except AssertionError as e:
+            abort(400, message=str(e))
 
 
 @auth_api_bp.route('/login', methods=('GET', 'POST',))
diff --git a/backend/api/recorder_api.py b/backend/api/recorder_api.py
index 2abd75c..3a8609b 100644
--- a/backend/api/recorder_api.py
+++ b/backend/api/recorder_api.py
@@ -125,7 +125,7 @@ class RecorderList(Resource):
             return recorder
         except LrcException as e:
             logger.error(e)
-            return api_recorder.abort(400, str(e))
+            return api_recorder.abort(400, message=str(e))
 
 
 @api_recorder.route('/model/<int:id>')
diff --git a/backend/api/room_api.py b/backend/api/room_api.py
index e80969e..1e9b30e 100644
--- a/backend/api/room_api.py
+++ b/backend/api/room_api.py
@@ -128,4 +128,4 @@ class RoomList(Resource):
                 return str(e.detail), 400
         except LrcException as e:
             logger.error(e)
-            return api_room.abort(400, str(e))
+            return api_room.abort(400, message=str(e))
diff --git a/backend/models/user_model.py b/backend/models/user_model.py
index 44f6c50..5f02ebe 100644
--- a/backend/models/user_model.py
+++ b/backend/models/user_model.py
@@ -5,7 +5,7 @@ Example user model and related models
 import json
 
 import sqlalchemy
-from sqlalchemy.orm import relation
+from sqlalchemy.orm import relation, validates
 from sqlalchemy import MetaData, any_
 
 from backend import db, app, login_manager
@@ -20,6 +20,7 @@ from datetime import datetime, timedelta
 from passlib.hash import sha256_crypt
 from hashlib import md5
 
+
 metadata = MetaData()
 
 followers = db.Table('followers',
@@ -137,6 +138,11 @@ class User(UserMixin, db.Model):
         if external_user is not None:
             self.external_user = external_user
 
+    @validates('email')
+    def validate_address(self, key, email):
+        assert re.match(r"[^@]+@[^@]+\.[^@]+", email), "email is invalid"
+        return email
+
     @staticmethod
     @login_manager.user_loader
     def get_by_identifier(identifier):