def get_plot_data(user_id=None, token=None):
"""
:param: category of analysis ie blocked/(unblocked/warned)
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200)
ips = get_plots().find({})
if ips:
ibl_list = []
for x in ips:
x['id'] = x['_id']
del x['_id']
ibl_list.append(x)
create_log(find_user(user_id), request, "retrieved analysis data", LOG_USER_TYPE)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": json.dumps(ibl_list, cls=JSONEncoder)}), 200)
return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": False}), 200)
def delete_logs(user_id, log_type="user", retain=None, token=None):
"""
:param token:
:param user_id
:param log_type
:param retain
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(
jsonify({
"error": 'Invalid User id.',
"data": False
}), 200)
logs = get_logs()
try:
"""
To change this so that deleting is limited to certain date to use retain
"""
data = logs.delete_many({
'type': log_type,
"lastAccessTime": {
"$lt": "2018-04-03 19:33:53"
}
})
if not data or data.deleted_count < 1:
return make_response(
jsonify({
"error": 'Unable to delete records. No records found ',
"token": get_request_token(user_id),
"data": False
}))
user = find_user(_id=user_id)
if user:
create_log(user, request, "accessed " + log_type + " logs",
LOG_SYSTEM_TYPE)
except IndexError:
return make_response(
jsonify({
"error": 'No data found for deletion',
"token": get_request_token(user_id),
"data": False
}))
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": data.deleted_count
}))
def fetch_logs(user_id=None, log_type="user", token=None):
"""
:param token:
:param user_id
:param log_type
:return:
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(
jsonify({
"error": 'Invalid User id.',
"data": False
}), 200)
logs = get_logs()
try:
user = find_user(_id=user_id)
if user:
create_log(user, request, "accessed " + log_type + " logs",
LOG_SYSTEM_TYPE)
data = logs.find({
'type': log_type
}, {
'_id': 0
}).sort("lastAccessTime", -1)
if not data or data.count() < 1:
return make_response(
jsonify({
"error": 'No logs found..',
"token": get_request_token(user_id),
"data": False
}))
data = [x for x in data]
except IndexError:
return make_response(
jsonify({
"error": 'No data found',
"token": get_request_token(user_id),
"data": False
}))
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": data
}))
def change_password():
"""
:parameter: request
request: {user_id, token, old_password, new_password, new_password_verify}
:rtype: object
"""
user_id = request.json['user_id']
cond = ("old_password", "new_password", "new_password_verify")
if not all(val in request.json.keys() for val in cond):
return make_response(
jsonify({
"error": 'Some data was missing in the submitted request. ',
"token": get_request_token(user_id),
"data": False
}), 200)
user = find_user(user_id)
if not user:
return make_response(
jsonify({
"error":
'Could not find this user. Please logout and in again',
"token": get_request_token(user_id),
"data": False
}), 200)
if not request.json['new_password'] == request.json['new_password_verify']:
return make_response(
jsonify({
"error": 'Passwords do not match.',
"token": get_request_token(user_id),
"data": False
}), 200)
if verify_password(request.json['old_password'], user['password']):
get_users().update_one({"email": user['email']}, {
"$set": {
"password": hash_password(request.json['new_password'])
}
})
create_log(find_user(user_id), request, "changed his password",
LOG_USER_TYPE)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": "Password change has been successful."
}), 200)
return make_response(
jsonify({
"error": "Old password is not valid. please correct it.",
"token": get_request_token(user_id),
"data": False
}), 200)
def update_user():
"""
:parameter: request
request {user_id, token, user:object}
user: object{update_user_id, username, first_name, last_name, status }
:return:
"""
user_id = request.json['user_id']
if "update_user_id" not in request.json:
return make_response(
jsonify({
"error":
"User update cannot be performed due to required missing "
"field(update_user_id)",
"token":
get_request_token(user_id),
"data":
False
}), 200)
update_user_id = request.json['update_user_id']
cond = ("username", "first_name", "last_name", "status")
updates = {}
for ob in cond:
if ob in request.json:
updates[ob] = request.json[ob]
if not updates:
return make_response(
jsonify({
"error": "Update was unsuccessful. No valid updates provided",
"token": get_request_token(user_id),
"data": False
}), 200)
if not find_user(update_user_id):
return make_response(
jsonify({
"error": "Could not find the user you want to update",
"token": get_request_token(user_id),
"data": False
}), 200)
users = get_users()
users.find_one_and_update({"_id": ObjectId(update_user_id)},
{"$set": updates},
upsert=True)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": "User update has been successful."
}), 200)
def redirect_domain_handle():
user_id = request.json['user_id']
if "domain" not in request.json:
return make_response(jsonify({"error": 'Incorrect data sent to server. domain is missing',
"token": get_request_token(user_id),
"data": False}), 200)
domain = request.json['domain']
res = get_domains().find_one_and_update({"_id": domain}, {"redirected": True})
if not res:
return make_response(jsonify({"error": "Could not find the domain specified.",
"token": get_request_token(user_id), "data": False}), 200)
redirect_domain(domain)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": "Domain {0} has been zoned for redirection.".format(domain)}), 200)
def deactivate_user(email, user_id=None, token=None):
"""
:parameter: user_id: the user making the request
:parameter: email: the email of user to deactivate
:parameter: token: the user token for each request
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(
jsonify({
"error": 'Invalid User id.',
"data": False
}), 200)
email = email.replace('-', '@')
if not validate_email(email):
return make_response(
jsonify({
"error": "Email is invalid. ex. [email protected]",
"token": get_request_token(user_id),
"data": False
}), 200)
if deactivate_user_status(email):
create_log(find_user(user_id), request,
"deactivated an account of {0}".format(email),
LOG_USER_TYPE)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": "User has been deactivated successfully"
}), 200)
return make_response(
jsonify({
"error": "Sorry. Could not deactivate user. Something happened",
"token": get_request_token(user_id),
"data": False
}), 200)
def fetch_single_user(user_email_id, user_id=None, token=None):
"""
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:param: user_email_id: user id to update
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(
jsonify({
"error": 'Invalid User id.',
"data": False
}), 200)
if not user_email_id or not len(user_email_id) == 24:
return make_response(
jsonify({
"error": 'A valid User id is required',
"token": get_request_token(user_id),
"data": False
}), 200)
user = find_user(user_email_id)
if user:
user['id'] = user['_id']
del user['_id']
del user['password']
create_log(find_user(user_id), request, "retrieved user data",
LOG_USER_TYPE)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": json.dumps(user, cls=JSONEncoder)
}), 200)
return make_response(
jsonify({
"error": "Could not find the requested user.",
"token": get_request_token(user_id),
"data": False
}), 200)
def confirm_email(token):
"""
:param token
:rtype: object
"""
if not token:
return make_response(
jsonify({
"error": "Confirmation link is invalid or has expired.",
"data": False
}), 200)
email = confirm_token(token)
users = get_users()
user = users.find_one({"email": email})
if user:
if user['confirmed'] is True:
return make_response(
jsonify({
"error": False,
"token": get_request_token(user['_id']),
"data": "Account already confirmed. Please login"
}), 200)
else:
users.update_one({"email": email}, {
"$set": {
"status": "active",
"confirmation_token": "",
"confirmed": True,
"confirmed_on": make_date_time()
}
})
return make_response(
jsonify({
"error": False,
"token": get_request_token(user['_id']),
"data": "You have confirmed your account! Thanks"
}), 200)
return make_response(
jsonify({
"error": "Confirmation link is invalid or has expired.",
"data": False
}), 200)
def blocked_or_warned(category=None, order=None, user_id=None, token=None):
"""
:param token:
:param user_id:
:param category: category of analysis ie blocked/(unblocked/warned)
:param order: order of the category: ie network or ip
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200)
if not category or not order:
return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": False}), 200)
ips = None
if category == "warned" or category == "unblocked":
if order == "ip":
ips = get_warned_by_ip().find({})
elif order == "network":
ips = get_warned_by_network().find({})
elif category == "blocked":
if order == "ip":
ips = get_blocked_by_ip().find({})
elif order == "network":
ips = get_blocked_by_network().find({})
if ips:
ibl = ips.sort([("block_date", DESCENDING), ("attempts", ASCENDING)])
ibl_list = []
for x in ibl:
x['id'] = x['_id']
del x['_id']
ibl_list.append(x)
create_log(find_user(user_id), request, "retrieved analysis data", LOG_USER_TYPE)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": json.dumps(ibl_list, cls=JSONEncoder)}), 200)
return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": False}), 200)
def activate_user():
"""
:parameter: user_id: the user making the request
:parameter: email: the email of user to activate
:parameter: token: the user token for each request
:rtype: object
"""
keys = ("email", "user_id")
user_id = request.json['user_id']
email = request.json['email']
if not set(keys).issubset(set(request.json)):
return make_response(
jsonify({
"error": 'Some fields are missing',
"token": get_request_token(user_id),
"data": False
}), 200)
if not validate_email(email):
return make_response(
jsonify({
"error": "Email is invalid. ex. [email protected]",
"token": get_request_token(user_id),
"data": False
}), 200)
if activate_user_status(email):
create_log(find_user(user_id), request,
"Activated account of {0}".format(email), LOG_USER_TYPE)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": "User has been activated successfully"
}), 200)
return make_response(
jsonify({
"error": "Sorry. Could not activate user. Something happened",
"token": get_request_token(user_id),
"data": False
}), 200)
def update_settings():
user_id = request.json['user_id']
if "settings" not in request.json:
return make_response(jsonify({"error": 'Incorrect data sent to server. settings are missing',
"token": get_request_token(user_id),
"data": False}), 200)
settings = request.json['settings']
if not isinstance(settings, dict):
return make_response(jsonify({"error": 'a settings dictionary was expected but got {0}'.format(type(settings)),
"token": get_request_token(user_id), "data": False}), 200)
res = save_settings(settings)
if not res:
return make_response(jsonify({"error": "Could not update settings. Try again later",
"token": get_request_token(user_id), "data": False}), 200)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": "Settings have been updated successfully."}), 200)
def fetch_all_users(user_id=None, token=None):
"""
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(
jsonify({
"error": 'Invalid User id.',
"data": False
}), 200)
users = get_users().find({})
if users:
users = users.sort([("status", ASCENDING), ("first_name", ASCENDING),
("last_name", ASCENDING)])
user_list = []
for x in users:
x['id'] = x['_id']
del x['_id']
del x['password']
user_list.append(x)
create_log(find_user(user_id), request, "retrieved user data",
LOG_USER_TYPE)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": json.dumps(user_list, cls=JSONEncoder)
}), 200)
return make_response(
jsonify({
"error": False,
"token": get_request_token(user_id),
"data": False
}), 200)
def block_ip():
user_id = request.json['user_id']
if "data" not in request.json:
return make_response(jsonify({"error": 'No data sent to server', "token": get_request_token(user_id),
"data": False}), 200)
data = request.json['data']
if not isinstance(data, dict):
return make_response(jsonify({"error": 'Data is not json formatted.', "token": get_request_token(user_id),
"data": False}), 200)
keys = ("ip", "network")
if not set(keys).issubset(set(data)):
return make_response(jsonify({"error": 'the data submitted must contain both the `ip` and `network` fields ',
"token": get_request_token(user_id), "data": False}), 200)
ip, network = validate_ips(ip=data['ip'], network=data['network'])
if not ip or not network:
return make_response(jsonify({"error": 'Invalid address has been forwarded. please check your data.',
"token": get_request_token(user_id), "data": False}), 200)
net_data = get_warned_by_network().find_one({"source_ip": ip, "source_network": network})
feed = []
if net_data and len(net_data) > 0:
feed.clear()
feed.append(net_data)
block_all(networks=feed)
else:
ip_data = get_warned_by_ip().find_one({"source_ip": ip, "source_network": network})
if ip_data and len(ip_data) > 0:
feed.clear()
feed.append(ip_data)
block_all(ips=feed)
else:
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": "Cant find this record. Unable to take action on the provided data."}), 200)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": "Address has been black-listed "}), 200)
def unblock_network():
user_id = request.json['user_id']
if "network" not in request.json:
return make_response(jsonify({"error": 'Incorrect data sent to server. network value is missing',
"token": get_request_token(user_id),
"data": False}), 200)
ip, network = validate_ips(network=request.json['network'])
if not network:
return make_response(jsonify({"error": 'Invalid network address', "token": get_request_token(user_id),
"data": False}), 200)
fn = get_blocked_by_ip().find({"source_network": network})
if fn and fn.count() > 0:
unblock_all(ips=list(fn))
fn_2 = get_blocked_by_network().find({"source_network": network})
if fn_2 and fn_2.count() > 0:
unblock_all(ips=list(fn_2))
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": "Network `{0}` has been white-listed ".format(network)}), 200)
def block_by_country(country=None, user_id=None, token=None):
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200)
if not country or not len(country.strip()) == 2:
return make_response(jsonify({"error": 'Incorrect data sent to server', "token": get_request_token(user_id),
"data": False}), 200)
block_all(by_country=country)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": "Country `{0}` has been black-listed ".format(country)}), 200)
def get_global_notifications(user_id=None, token=None):
"""
:param: category of analysis ie blocked/(unblocked/warned)
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200)
ips = get_new_global_alerts()
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": json.dumps(ips, cls=JSONEncoder)}), 200)
def fetch_domains(user_id, token):
"""
:param: category of analysis ie blocked/(unblocked/warned)
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:rtype: object
"""
f = do_get_auth(user_id, token)
if not isinstance(f, bool):
return f
else:
if f is not True:
return make_response(jsonify({"error": 'Invalid User id or token', "data": False}), 200)
ips = get_domains().find()
data = []
for d in ips:
data.append(d)
return make_response(jsonify({"error": False, "token": get_request_token(user_id),
"data": json.dumps(data, cls=JSONEncoder)}), 200)
def confirm_password_reset():
"""
request: {forgot__token, new_password, new_password_verify}
:return:
"""
if not request or not request.json:
return not_json_request()
cond = ("forgot_token", "new_password", "new_password_verify")
if not all(val in request.json.keys() for val in cond):
return make_response(
jsonify({
"error": 'Some data was missing in the submitted request. ',
"token": "",
"data": False
}), 200)
token = request.json['forgot_token']
password = request.json['new_password']
password_2 = request.json['new_password_verify']
email = confirm_token(token)
if not email:
return make_response(
jsonify({
"error":
'This token has already expired. please request a new token',
"token": "",
"data": False
}), 200)
user = find_user(email=email)
if not user or ("forgot_token"
not in user) or not (user['forgot_token'] == token):
return make_response(
jsonify({
"error":
'Could not find this user. The token you provided could be corrupt',
"token": "",
"data": False
}), 200)
if not password == password_2:
return make_response(
jsonify({
"error": 'Passwords do not match.',
"token": "",
"data": False
}), 200)
update = get_users().find_one_and_update(
{"email": email},
{"$set": {
"forgot_token": "",
"password": hash_password(password)
}})
if update:
create_log(find_user(email=email), request, "Reset his password",
LOG_USER_TYPE)
return make_response(
jsonify({
"error":
False,
"token":
get_request_token(user['_id']),
"data":
"Password change has been successful. You can now login."
}), 200)
return make_response(
jsonify({
"error": "Password reset Failed. Consult the admin.",
"token": "",
"data": False
}), 200)
def login():
if not request.is_json or not (request.json.keys()
& {"username", "password"}):
return make_response(
jsonify({
"error": 'request is missing information',
"data": False
}), 200)
username = request.json['username']
password = request.json['password']
if not username or not password:
return make_response(
jsonify({
"error": 'required fields are not provided',
"data": False
}), 200)
try:
users = get_users()
user = users.find_one(
{"$or": [{
"username": username
}, {
"email": username
}]})
if not user:
return make_response(
jsonify({
"error": 'Wrong username',
"data": False
}), 200)
if not verify_password(password, user['password']):
return make_response(
jsonify({
"error": 'Invalid user credentials',
"data": False
}))
if 'status' not in user.keys() or not user['status'] == "active":
return make_response(
jsonify({
"error": 'Access denied. User was deactivated.',
"data": False
}), 200)
user['id'] = user['_id']
del user['_id']
del user['password']
if user_has_session(user['id']):
if is_session_active(user_id=user['id']):
return make_response(
jsonify({
"error": False,
"data": "already logged in",
"token": get_request_token(user['id']),
"user": json.dumps(user, cls=JSONEncoder)
}), 200)
return session_expired()
session['username'] = user['username']
session['email'] = user['email']
session['is_logged_in'] = True
session['user_id'] = user['id']
session['token'] = generate_token()
session['expiration'] = make_date_time(SESSION_LIFETIME)
update_last_login(user['email'])
create_log(user, request, "Logged in", LOG_USER_TYPE)
except IndexError:
return make_response(jsonify({
"error": 'No data found',
"data": False
}))
return make_response(
jsonify({
"error": False,
"token": session["token"],
"data": json.dumps(user, cls=JSONEncoder)
}))
def add_user():
"""
:parameter: user_id: the user making the request
:parameter: token: the user token for each request
:param: request
request: POST {first_name, last_name, email, username, password, password_verify, user_id, token}
:return:
"""
keys = ("username", "password", "password_verify", "first_name",
"last_name", "email", "user_id")
user_id = request.json['user_id']
if not set(keys).issubset(set(request.json)):
return make_response(
jsonify({
"error": 'Some fields are missing',
"token": get_request_token(user_id),
"data": False
}), 200)
username = request.json['username']
password = request.json['password']
password_verify = request.json['password_verify']
email = request.json['email']
first_name = request.json['first_name']
last_name = request.json['last_name']
if not validate(username, 1):
return make_response(
jsonify({
"error": 'Username should only contain letters',
"token": get_request_token(user_id),
"data": False
}), 200)
if not validate_email(email):
return make_response(
jsonify({
"error": "Email is invalid. ex. [email protected]",
"token": get_request_token(user_id),
"data": False
}), 200)
if user_exists(email):
return make_response(
jsonify({
"error": "Email already in used. Use another email",
"token": get_request_token(user_id),
"data": False
}), 200)
if not password == password_verify:
return make_response(
jsonify({
"error": 'Passwords do not match.',
"token": get_request_token(user_id),
"data": False
}), 200)
if not validate_password(password, 6):
return make_response(
jsonify({
"error":
'Password should only be alphanumeric and min length 6',
"token": get_request_token(user_id),
"data": False
}), 200)
"""
Need to implement permissions on each user
add permissions object/dict
"""
conf_token = generate_confirmation_token(email)
user_object = {
"username": username,
"first_name": first_name,
"last_name": last_name,
"email": email,
"password": hash_password(password),
"status": "pending",
"confirmation_token": conf_token,
"confirmed_on": "",
"confirmed": False
}
mess = EMAIL_CONFIRM_LINK + conf_token + "/"
mess = "<b style='color: blue'>Use this link to activate your account :</b> " \
"<br> <br> <a href='" + mess + "' target='_blank' >" + mess + "</a>"
if not send_mail(email, mess):
return make_response(
jsonify({
"error":
"Unable to create user, failed to send an email to this user. "
"Cant connect to mail server.",
"token":
get_request_token(user_id),
"data":
False
}), 200)
if create_user(user_object):
us = find_user(request.json['user_id'])
create_log(us, request, "Added new user", LOG_USER_TYPE)
return make_response(
jsonify({
"error":
False,
"token":
get_request_token(user_id),
"data":
"New user has been created. User should confirm his/her"
" email by visiting the link sent to him."
}), 200)
return make_response(
jsonify({
"error": "Something went wrong. Unable to create new user.",
"token": get_request_token(user_id),
"data": False
}), 200)