Add user endpoint to pull users

Signed-off-by: Sachin S. Kamath <sskamath96@gmail.com>

Add user endpoint to pull users
8e7c16dc · Sachin Kamath · a187ac33 · 8e7c16dc · 8e7c16dc
Verified Commit 8e7c16dc authored 7 years ago by Sachin Kamath
--- a/hodor/controllers/user.py
+++ b/hodor/controllers/user.py
@@ -8,18 +8,29 @@ from sqlalchemy.exc import IntegrityError
 # Get all Users
 @app.route('/users', methods=['GET', 'POST'])
 def get_all_users():
-    response = {}
-    response['status'] = 200
-    response ['data'] = []
+    # TODO: Authentication for calling this API endpoint. Admin only.
    """
    This function iterates the database to find all users and returns it as JSON.
    :return: Response Code
    """
+    response = dict()
+    response['status'] = 200
+    response['data'] = []
+
+    for user in User.get_all():
+        current_user = dict()
+        '''
+        This can be done by directly dumping the dictionary but there's always a risk of data leak.
+        So, we pick what we need to give out out of the API.
+        '''
+        current_user['username'] = user.username
+        current_user['first_name'] = user.first_name
+        current_user['last_name'] = user.last_name
+        current_user['email'] = user.email
+        current_user['verified_account'] = user.verified_account
+        response['data'].append(current_user)

-    for ele in User.get_all():
-        user = ele.__dict__
-        print user
-    return 'Work in Progress'
+    return response


 @app.route('/users/new', methods=['GET', 'POST'])
@@ -37,11 +48,10 @@ def add_new_user():
            newuser['last_name'] = str(request.data.get('last_name').strip())
            newuser['email'] = str(request.data.get('email').strip())
            newuser['password'] = str(request.data.get('password').strip())
-            newuser['verification_code'] = str(request.data.get('verification_code').strip()) or newuser['verification_code']
+            newuser['verification_code'] = str(request.data.get('verification_code').strip())
        except Exception as e:
            print(e)
            abort(500)
-        print newuser
        user = User(**newuser)
        user.save()
    return make_response(jsonify(status=201, msg="User {} successfully added to database".format(user.username)), 201)

--- a/hodor/models/user.py
+++ b/hodor/models/user.py
@@ -12,6 +12,7 @@ class User(db.Model):
    first_name = db.Column(db.String(32), nullable=False)
    last_name = db.Column(db.String(32), nullable=False)
    email = db.Column(db.String(64), unique=True, nullable=False)
+    country = db.Column(db.String(64))
    '''PasswordType is an awesome function. To check for passwords later, 
        you can just do user['password'] == 'plaintext' for a boolean response.'''
    password = db.Column(PasswordType(