def signup():
    """Register a new account from the submitted signup form.

    Returns a JSON response. On success it carries the new user's auth
    token and profile; when the e-mail is already registered it carries
    ``invalid_email``; when form validation fails it carries the per-field
    error lists.
    """
    form = SignupForm()
    if not form.validate_on_submit():
        field_errors = {
            'email': form.email.errors,
            'password': form.password.errors,
            'username': form.username.errors,
        }
        return jsonify({'success': False, 'errors': field_errors})

    # NOTE(review): this reply tells the caller whether an address already
    # has an account; consider rate-limiting the endpoint if that matters.
    existing = Users.query.filter_by(email=form.email.data).first()
    if existing:
        return jsonify({'success': False, 'invalid_email': True})

    # Only the output of Users.hash_password is stored, not the raw value.
    account = Users(
        username=form.username.data,
        email=form.email.data,
        password=Users.hash_password(form.password.data),
    )
    db.session.add(account)
    db.session.commit()

    payload = {
        'success': True,
        'token': account.generate_auth_token(),
        'user': account.user_info(),
    }
    return jsonify(payload)
def init_user():
    """Seed the database with one default account when no users exist.

    The freshly created account is then handed to ``init_keeper``.
    """
    if Users.query.all():
        return

    # NOTE(review): the seeded account is created with a fixed password
    # literal that is visible in source; it should be rotated (or the account
    # disabled) before the application is reachable by anyone else.
    seed_account = Users(
        username="******",
        email="*****@*****.**",
        password=Users.hash_password('123456'),
    )
    db.session.add(seed_account)
    db.session.commit()
    init_keeper(seed_account)
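def put(self, token, pin=1234, id=None):
    """Update keeper entry *id* of the user identified by *token*.

    The token must verify and *pin* must verify as the user's keeper key,
    otherwise the request aborts with 404; an unknown *id* also aborts with
    404. ``account``, ``password`` and (when supplied)
    ``password_original`` from the parsed request are encrypted with *pin*
    and the new label before the commit.

    Returns the entry carrying the plaintext values from the request.
    """
    # NOTE(review): a request that omits the PIN is checked against the
    # default 1234 from the signature rather than being rejected outright.
    user = Users.verify_auth_token(token)
    if user and user.verify_keeper_key(pin):
        # Looking the row up through user.keeper limits it to this user's rows.
        entry = user.keeper.filter_by(id=id).first()
        if entry:
            data = row_data.parse_args()
            label = data['label']
            entry.label = label
            entry.account = user.encrypt(data['account'], pin, label)
            entry.password = user.encrypt(data['password'], pin, label)
            if data['password_original']:
                entry.password_original = user.encrypt(
                    data['password_original'], pin, label)
            # Fixed: a trailing comma here used to assign a 1-tuple
            # ``(link,)`` instead of the link value itself.
            entry.link = data['link']
            entry.modified_date = datetime.utcnow()
            db.session.commit()

            # Plaintext goes back on the object only so the response shows
            # what the caller sent.
            # NOTE(review): the object presumably stays attached to the
            # session, so a later flush in the same request would write the
            # plaintext to the table. Confirm nothing commits after this
            # handler, or return a detached copy instead.
            entry.account = data['account']
            entry.password = data['password']
            entry.password_original = data['password_original']
            return entry
        else:
            abort(404, message='invalid user data')
    else:
        abort(404, message="invalid user token or pin")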
def get(self, token, target=None):
    """Return the profile of the user identified by *token*.

    Aborts with 404 when the token does not verify. *target* is accepted
    but not used by this handler.
    """
    user = Users.verify_auth_token(token)
    if not user:
        # NOTE(review): the submitted token is echoed back in the error body.
        abort(404, message="user with token '{}' do not exist".format(token))
    else:
        profile = user.user_info()
        return {'user': profile}
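def get(self, token, length=20):
    """Return a random string of *length* ASCII letters and digits.

    The caller must present a token that verifies; otherwise the request
    aborts with 404. The result is returned under the ``"random"`` key.

    Raises:
        ValueError: if *length* is negative.
    """
    # Function-scope import so this block does not depend on the file's
    # import section.
    import secrets

    user = Users.verify_auth_token(token)
    if user:
        if length < 0:
            raise ValueError("length must be non-negative")
        alphabet = ascii_letters + digits
        # random.sample() was used here before. It is not a CSPRNG, it never
        # repeats a character (which shrinks the output space), and it raises
        # once length exceeds the 62-character alphabet. secrets.choice draws
        # each character independently from the OS entropy source.
        generated = ''.join(secrets.choice(alphabet) for _ in range(length))
        return {"random": generated}
    else:
        abort(404, message="user with token '{}' do not exist".format(token))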
def post(self, token, target):
    """Update or check one account field of the user identified by *token*.

    *target* must be listed in ``update_list``. ``"username"`` and
    ``"password"`` replace that field (the password is hashed first),
    ``"verify"`` only reports whether the submitted value matches the
    current password, and any other listed target replaces the e-mail.
    The value is read from the ``data`` field of the parsed request.
    """
    user = Users.verify_auth_token(token)
    if not user:
        abort(404, message="user with token '{}' do not exist".format(token))
    elif target not in update_list:
        return abort(404, message="target error")
    else:
        submitted = row_data.parse_args()["data"]

        if target == "verify":
            # Read-only check: nothing is committed on this path.
            return {"matched": user.verify_password(submitted)}

        # NOTE(review): the password and e-mail can be replaced with the
        # token alone; the current password is not asked for on this path.
        if target == "username":
            user.username = submitted
        elif target == "password":
            user.password = Users.hash_password(submitted)
        else:
            user.email = submitted

        db.session.commit()
        return {"user": user.user_info()}
def get(self, token, pin=1234, id=None):
    """Return every keeper entry of the user, decrypted with *pin*.

    The token must verify and *pin* must verify as the user's keeper key;
    otherwise the request aborts with 404. *id* is accepted but not used.
    """
    user = Users.verify_auth_token(token)
    if not (user and user.verify_keeper_key(pin)):
        abort(404, message="invalid user token or pin")
    else:
        entries = user.keeper.all()
        # Decryption overwrites the attributes on the loaded rows; this
        # handler does not commit afterwards.
        # NOTE(review): confirm nothing later in the request flushes these
        # objects, since they now hold plaintext.
        for entry in entries:
            label = entry.label
            entry.account = user.decrypt(entry.account, pin, label)
            entry.password = user.decrypt(entry.password, pin, label)
            if entry.password_original is not None:
                entry.password_original = user.decrypt(
                    entry.password_original, pin, label)
        return entries
def post(self, token, target):
    """Change or check a single account field for the token's user.

    Only targets present in ``update_list`` are accepted; others abort with
    404, as does a token that does not verify. The new value comes from the
    ``data`` field of the parsed request:

    * ``username`` - stored as given;
    * ``password`` - stored after ``Users.hash_password``;
    * ``verify``   - compared with the current password, nothing stored;
    * any other listed target - stored as the e-mail address.
    """
    user = Users.verify_auth_token(token)
    if not user:
        abort(404, message="user with token '{}' do not exist".format(token))
    elif target not in update_list:
        return abort(404, message="target error")
    else:
        args = row_data.parse_args()
        new_value = args['data']

        if target == 'verify':
            # Answers match / no-match only; returns before any commit.
            # NOTE(review): repeated calls can test password guesses for a
            # stolen token, so throttling may be worth adding here.
            is_match = user.verify_password(new_value)
            return {'matched': is_match}

        if target == 'password':
            user.password = Users.hash_password(new_value)
        elif target == 'username':
            user.username = new_value
        else:
            user.email = new_value

        db.session.commit()
        return {'user': user.user_info()}
def delete(self, token, pin=1234, id=None):
    """Delete keeper entry *id* of the user identified by *token*.

    Aborts with 404 unless the token verifies and *pin* verifies as the
    user's keeper key. Returns ``({'state': 'done'}, 200)`` after deleting,
    or a 204 reply when the user has no entry with that id.
    """
    user = Users.verify_auth_token(token)
    if not (user and user.verify_keeper_key(pin)):
        abort(404, message="invalid user token or pin")
    else:
        # The lookup goes through user.keeper, so an id that belongs to a
        # different user is simply not found.
        entry = user.keeper.filter_by(id=id).first()
        if not entry:
            return "None content found", 204
        db.session.delete(entry)
        db.session.commit()
        return {'state': 'done'}, 200
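def get(self, token, target, item, new_value, old_value=None):
    """Change or check keeper settings for the user identified by *token*.

    ``target == "keeper"``:
      * ``item == "pin"``: on first use, store a key derived from
        *new_value* and mark the keeper active. Afterwards *old_value* must
        verify as the current key; every stored entry is then re-encrypted
        from *old_value* to *new_value* and the key is replaced.
      * ``item == "length"``: store *new_value* as ``keeper_length``.

    ``target == "verify"`` with ``item == "pin"`` reports whether
    *new_value* verifies as the keeper key.

    Any other combination, or a token that does not verify, aborts with 404.
    """
    # NOTE(review): this is a GET handler that changes state and receives
    # PIN values as arguments. If they are URL segments they can end up in
    # access logs and browser history; confirm against the route definition.
    user = Users.verify_auth_token(token)
    if not user:
        abort(404, message='invalid user token: {}'.format(token))
    elif target == "keeper":
        if item == "pin":
            if not user.keeper_active:
                user.keeper_key = user.generate_keeper_key(new_value)
                user.keeper_active = True
                db.session.commit()
                return 'initialized', 200

            if not user.verify_keeper_key(old_value):
                # Fixed: this failure reply used to read 'valid pin'.
                return 'invalid pin', 404

            def rekey(ciphertext, label):
                # Decrypt under the old PIN, re-encrypt under the new one.
                plain = user.decrypt(ciphertext, old_value, label)
                return user.encrypt(plain, new_value, label)

            # All rows and the new key are written in one commit, so a
            # failure part-way through leaves the stored data untouched.
            for entry in user.keeper.all():
                entry.account = rekey(entry.account, entry.label)
                entry.password = rekey(entry.password, entry.label)
                if entry.password_original:
                    entry.password_original = rekey(
                        entry.password_original, entry.label)
            user.keeper_key = user.generate_keeper_key(new_value)
            db.session.commit()
            return 'done', 200
        elif item == "length":
            user.keeper_length = new_value
            db.session.commit()
            return 'done', 200
        else:
            abort(404, message='invalid item:{} for target:{}'.format(
                item, target))
    elif target == "verify":
        if item == "pin":
            return {'valid': user.verify_keeper_key(new_value)}, 200
        else:
            abort(404, message='invalid item:{} for target:{}'.format(
                item, target))
    else:
        abort(404, message='invalid target: {}'.format(target))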
def get(self, token, pin=1234, id=None):
    """List the user's keeper entries with their secrets decrypted.

    Requires a token that verifies and a *pin* that verifies as the keeper
    key; anything else aborts with 404. *id* is not used by this handler.
    """
    # NOTE(review): when the caller supplies no PIN, the default 1234 from
    # the signature is what gets verified.
    user = Users.verify_auth_token(token)
    authorised = user and user.verify_keeper_key(pin)
    if not authorised:
        abort(404, message="invalid user token or pin")
    else:
        rows = user.keeper.all()
        for row in rows:
            # Each field is decrypted with the PIN and the row's own label.
            row.account = user.decrypt(row.account, pin, row.label)
            row.password = user.decrypt(row.password, pin, row.label)
            if row.password_original is None:
                continue
            row.password_original = user.decrypt(
                row.password_original, pin, row.label)
        return rows
def signup():
    """Create a user from the signup form and reply with JSON.

    Possible replies: ``success`` with a fresh auth token and the user's
    profile; ``invalid_email`` when the address is already taken; or the
    form's per-field validation errors.
    """
    form = SignupForm()
    if form.validate_on_submit():
        email = form.email.data
        already_registered = Users.query.filter_by(email=email).first()
        if already_registered:
            # NOTE(review): this distinct reply reveals which addresses are
            # registered to anyone who can submit the form.
            return jsonify({'success': False, 'invalid_email': True})

        # The password is passed through Users.hash_password before it is
        # stored.
        hashed = Users.hash_password(form.password.data)
        created = Users(username=form.username.data, email=email,
                        password=hashed)
        db.session.add(created)
        db.session.commit()
        return jsonify({
            'success': True,
            'token': created.generate_auth_token(),
            'user': created.user_info(),
        })

    errors = {
        'email': form.email.errors,
        'password': form.password.errors,
        'username': form.username.errors,
    }
    return jsonify({'success': False, 'errors': errors})
def post(self, token, pin=1234, id=None):
    """Create a keeper entry for the user identified by *token*.

    The token must verify and *pin* must verify as the keeper key, else the
    request aborts with 404. ``account`` and ``password`` from the parsed
    request are encrypted with *pin* and the label before being stored.
    *id* is not used.

    Returns a second, unsaved ``Keeper`` holding the plaintext values.
    """
    user = Users.verify_auth_token(token)
    if not (user and user.verify_keeper_key(pin)):
        abort(404, message="invalid user token or pin")
    else:
        data = row_data.parse_args()
        label = data['label']

        encrypted_account = user.encrypt(data['account'], pin, label)
        encrypted_password = user.encrypt(data['password'], pin, label)
        stored = Keeper(owner=user, label=label,
                        account=encrypted_account,
                        password=encrypted_password,
                        link=data['link'])
        db.session.add(stored)
        db.session.commit()

        # NOTE(review): this plaintext copy is linked to `user` through
        # `owner`. Depending on the relationship's cascade settings it may be
        # pulled into the session, so confirm it can never be flushed.
        return Keeper(owner=user, label=label, account=data['account'],
                      password=data['password'], link=data['link'])
def post(self, token, pin=1234, id=None):
    """Store a new keeper entry and echo it back in plaintext.

    Aborts with 404 unless the token verifies and *pin* verifies as the
    user's keeper key. The row that is added and committed carries the
    encrypted ``account`` and ``password``; the object returned is a
    separate ``Keeper`` built from the plaintext request fields. *id* is
    accepted but not used.
    """
    user = Users.verify_auth_token(token)
    authorised = user and user.verify_keeper_key(pin)
    if not authorised:
        abort(404, message="invalid user token or pin")
    else:
        fields = row_data.parse_args()
        label = fields['label']

        # Encrypt first, then build the row that goes to the database.
        record = Keeper(
            owner=user,
            label=label,
            account=user.encrypt(fields['account'], pin, label),
            password=user.encrypt(fields['password'], pin, label),
            link=fields['link'],
        )
        db.session.add(record)
        db.session.commit()

        # NOTE(review): the object below holds plaintext and references
        # `user` via `owner`; verify it cannot reach the session (for
        # example through a relationship cascade) and get persisted later.
        plaintext_view = Keeper(
            owner=user,
            label=label,
            account=fields['account'],
            password=fields['password'],
            link=fields['link'],
        )
        return plaintext_view
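def get(self, token, target, item, new_value, old_value=None):
    """Apply or check a keeper setting for the user identified by *token*.

    * ``target="keeper", item="pin"``: set the first keeper key from
      *new_value*. If the keeper is already active, verify *old_value*,
      re-encrypt every entry under *new_value* and replace the key.
    * ``target="keeper", item="length"``: store *new_value* as
      ``keeper_length``.
    * ``target="verify", item="pin"``: report whether *new_value* verifies
      as the keeper key.

    Other combinations and tokens that do not verify abort with 404.
    """
    # NOTE(review): PIN values reach a state-changing GET handler as plain
    # arguments. If the route places them in the URL they are likely to be
    # recorded by proxies and server logs; verify how this is routed.
    user = Users.verify_auth_token(token)
    if not user:
        abort(404, message='invalid user token: {}'.format(token))
    elif target == "keeper":
        if item == "pin":
            if not user.keeper_active:
                # First-time setup: no old PIN exists to check.
                user.keeper_key = user.generate_keeper_key(new_value)
                user.keeper_active = True
                db.session.commit()
                return 'initialized', 200

            if not user.verify_keeper_key(old_value):
                # Fixed: the reply text was 'valid pin' on this failure path.
                return 'invalid pin', 404

            for entry in user.keeper.all():
                label = entry.label
                # Each field is decrypted with the old PIN, then encrypted
                # again with the new one.
                entry.account = user.encrypt(
                    user.decrypt(entry.account, old_value, label),
                    new_value, label)
                entry.password = user.encrypt(
                    user.decrypt(entry.password, old_value, label),
                    new_value, label)
                if entry.password_original:
                    entry.password_original = user.encrypt(
                        user.decrypt(entry.password_original, old_value,
                                     label),
                        new_value, label)
            user.keeper_key = user.generate_keeper_key(new_value)
            # One commit covers the re-encrypted rows and the new key.
            db.session.commit()
            return 'done', 200
        elif item == "length":
            user.keeper_length = new_value
            db.session.commit()
            return 'done', 200
        else:
            abort(404, message='invalid item:{} for target:{}'.format(item, target))
    elif target == "verify":
        if item == "pin":
            return {'valid': user.verify_keeper_key(new_value)}, 200
        else:
            abort(404, message='invalid item:{} for target:{}'.format(item, target))
    else:
        abort(404, message='invalid target: {}'.format(target))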
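def put(self, token, pin=1234, id=None):
    """Overwrite keeper entry *id* with the fields from the parsed request.

    Aborts with 404 when the token or *pin* does not verify, or when the
    user has no entry with that id. ``account``, ``password`` and, when
    present, ``password_original`` are encrypted with *pin* and the new
    label before the commit.

    Returns the entry with the plaintext request values set on it.
    """
    user = Users.verify_auth_token(token)
    if user and user.verify_keeper_key(pin):
        # Scoped to user.keeper, so only this user's own rows can match.
        record = user.keeper.filter_by(id=id).first()
        if record:
            data = row_data.parse_args()
            new_label = data['label']
            record.label = new_label
            record.account = user.encrypt(data['account'], pin, new_label)
            record.password = user.encrypt(data['password'], pin, new_label)
            if data['password_original']:
                record.password_original = user.encrypt(
                    data['password_original'], pin, new_label)
            # Fixed: the original line ended in a stray comma, which
            # assigned the tuple ``(link,)`` rather than the link string.
            record.link = data['link']
            record.modified_date = datetime.utcnow()
            db.session.commit()

            # After the commit the caller's plaintext is restored on the
            # object for the response.
            # NOTE(review): if this object is still tracked by the session,
            # any later flush would persist plaintext. Confirm the request
            # ends without another commit, or detach the object first.
            record.account = data['account']
            record.password = data['password']
            record.password_original = data['password_original']
            return record
        else:
            abort(404, message='invalid user data')
    else:
        abort(404, message="invalid user token or pin")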
def get(self, token, target=None):
    """Look up the user for *token* and return their profile.

    A token that does not verify aborts with 404. *target* is part of the
    signature but is not read here.
    """
    user = Users.verify_auth_token(token)
    if not user:
        # NOTE(review): the error text includes the token that was sent;
        # consider a fixed message so credentials stay out of response logs.
        abort(404, message="user with token '{}' do not exist".format(token))
    else:
        return {"user": user.user_info()}