User Registration

We have already defined a model and schema for the User. Additionally, we have several endpoints for reading user information.

Adding a User Registration Endpoint

In the resources/user.py file, we will add a new class UserRegister with a post method to allow users to register on our site. We specify the endpoint URL using the blueprint route decorator. For the post method, we use the blueprint arguments decorator that links the method to the UserSchema.

Username Existence Check

We write a condition to check for the existence of the same username in the database. If such a username already exists, we return an error. If the check passes and the username is unique, we create a new user with the data received in the user data dictionary.

Using Passlib for Password Hashing

We use the additional library passlib.hash from which we import pbkdf2_sha256 to ensure that plain passwords are not stored in the database. This way, even if our database is compromised, the attackers cannot easily read the passwords because they are encrypted when written to the database and cannot be decrypted back into a readable password.

We add the new user to the database and save the changes.

We also need to add a password field to our schemas, which will be mandatory and only for loading, not available for reading.

In the next chapters, we will write our next endpoints for login and logout.