Notice: This page requires JavaScript to function properly.
Please enable JavaScript in your browser settings or update your browser.学ぶ User Registration | Authentication with JWT
Professional Web API with Flask

bookUser Registration

メニューを表示するにはスワイプしてください

We have already defined a model and schema for the User. Additionally, we have several endpoints for reading user information.

Adding a User Registration Endpoint

In the resources/user.py file, we will add a new class UserRegister with a post method to allow users to register on our site. We specify the endpoint URL using the blueprint route decorator. For the post method, we use the blueprint arguments decorator that links the method to the UserSchema.

@blp.route("/register")
class UserRegister(MethodView):
   @blp.arguments(UserSchema)
   def post(self, user_data):
        ...

Username Existence Check

We write a condition to check for the existence of the same username in the database. If such a username already exists, we return an error. If the check passes and the username is unique, we create a new user with the data received in the user data dictionary.

@blp.route("/register")
class UserRegister(MethodView):
   @blp.arguments(UserSchema)
   def post(self, user_data):
       if UserModel.query.filter_by(username=user_data["username"]).first():
           abort(409, message="A user with that username already exists.")
        ...

Using Passlib for Password Hashing

We use the additional library passlib.hash from which we import pbkdf2_sha256 to ensure that plain passwords are not stored in the database. This way, even if our database is compromised, the attackers cannot easily read the passwords because they are encrypted when written to the database and cannot be decrypted back into a readable password.

We add the new user to the database and save the changes.

@blp.route("/register")
class UserRegister(MethodView):
   @blp.arguments(UserSchema)
   def post(self, user_data):
       if UserModel.query.filter_by(username=user_data["username"]).first():
           abort(409, message="A user with that username already exists.")
       user = UserModel(
           username=user_data["username"],
           password=pbkdf2_sha256.hash(user_data["password"]),
       )
       db.session.add(user)
       db.session.commit()
       return {"message": "User created successfully."}

We also need to add a password field to our schemas, which will be mandatory and only for loading, not available for reading.

class UserSchema(PlainUserSchema):
    id = fields.Int(dump_only=True)
    username = fields.Str(required=True)
    password = fields.Str(required=True, load_only=True)
    teams = fields.List(fields.Nested(PlainTeamSchema()), dump_only=True)

In the next chapters, we will write our next endpoints for login and logout.

1. What does the blueprint route decorator @blp.route specify in Flask?

2. What happens if a user tries to register with a username that already exists in the database?

3. If a registration attempt is made with a duplicate username, what HTTP status code should the error response ideally have?

question mark

What does the blueprint route decorator @blp.route specify in Flask?

正しい答えを選んでください

question mark

What happens if a user tries to register with a username that already exists in the database?

正しい答えを選んでください

question mark

If a registration attempt is made with a duplicate username, what HTTP status code should the error response ideally have?

正しい答えを選んでください

すべて明確でしたか?

どのように改善できますか?

フィードバックありがとうございます!

セクション 5.  3

AIに質問する

expand

AIに質問する

ChatGPT

何でも質問するか、提案された質問の1つを試してチャットを始めてください

セクション 5.  3
some-alt