async def log_in(self, email: str, password: str) -> 'AuthMediator':
try:
user = await self.fetch_pg_user(email)
except Exception as e:
print(f'Error fetching user from DB: {}', e)
return self
if not user:
self.message = 'No user found with that email'
return self
# Initialize the default User object
user_obj = User()
# If the entered password == the password in the DB, store
# the user data from Postgres in the User object and return the User object
if user_obj.check_password(password, user['password'],
os.getenv('BCRYPT_SALT', None)):
self.hermes_user = User(user['id'], user['email'], password,
user['name'], user['permission_level'],
user['last_fetch'], user['creds'])
return self.hermes_user
else:
self.message = 'Error logging in.'
return self
def create_user(self, **kwargs):
if self.validate_email(kwargs["email"]):
user = User.get(email=kwargs["email"])
if user is None:
if kwargs.get("role_id") is None:
role = Role.get(description="user")
else:
role = Role.get(role_id=kwargs["role_id"])
passwd_encode = generate_password_hash(kwargs["password"])
user = User(city_id=kwargs["city_id"],
email=kwargs["email"],
password=passwd_encode,
name=kwargs["name"],
nickname=kwargs["nickname"],
gender=kwargs["gender"],
active=True,
birth_date=datetime.strptime(
kwargs["birth_date"], "%d/%m/%Y"),
role_id=role,
street=kwargs["street"],
number=kwargs["number"],
complement=kwargs["complement"],
district=kwargs["district"],
postal_code=kwargs["postal_code"],
create_date=datetime.now())
user.flush()
phones = kwargs["phone"]
self.add_phones_user(phones, user)
commit()
response = {
"user_id": user.user_id,
"nickname": user.nickname,
"name": user.name,
"email": user.email,
"gender": user.gender,
"role": role.description,
"role_id": role.role_id,
"street": user.street,
"city": user.city_id.city,
"city_id": user.city_id.city_id,
"state": user.city_id.state_id.state,
"state_id": user.city_id.state_id.state_id,
"number": user.number,
"complement": user.complement,
"district": user.district,
"postal_code": user.postal_code,
"phones": kwargs["phone"]
}
else:
response = {"message": "Email exist", "type": "ERROR"}
else:
response = {"message": "Email not valide", "type": "ERROR"}
return json.dumps(response)
def register():
if current_user.is_authenticated:
return redirect(url_for('panel.panel'))
form = RegistrationForm()
if form.validate_on_submit():
user = User(email=form.email.data, username=form.username.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash("Account created", 'info')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', form=form, title="Register")
async def create_user(self):
data = await self.request.post()
user = User(name=data["name"])
user.api_key = user.generate_api_key()
try:
await user.save(self.request.app["db"])
except DuplicateKeyError:
return aiohttp.web.json_response({"error": f"user already exists"},
status=409)
return aiohttp.web.json_response(
user.to_json(),
status=201,
)
def register3(self, UserPhone, PassWord, NickName):
try:
user = User()
nq = User.query.filter_by(UserPhone=UserPhone).all()
if len(nq) != 0:
state = 0
msg = "此手机号已经被注册了亲!"
array = {'state': state, 'msg': msg}
return array
m = hashlib.md5()
m.update(PassWord.encode('utf-8'))
PassWord = m.hexdigest()
user.PassWord = PassWord
user.NickName = NickName
user.UserPhone = UserPhone
user.UserPhoto = 'http://7xrqhs.com1.z0.glb.clouddn.com/default1.jpg'
user.Experience = 0
user.UserSex = 2
db.session.add(user)
db.session.commit()
state = 1
msg = "成功!"
array = {'state': state, 'msg': msg}
return array
except Exception as e:
print(e)
state = 0
msg = "出现奇怪的错误了,一会再试试吧!"
array = {'state': state, 'msg': msg}
return array
def test_token():
user = User.verify_auth_token(
request.headers.get('Authentication-Token'))
if user is not None:
return jsonify(user.get_dict()), 201
else:
return jsonify({}), 403
def alter_password(self, user_id, password, new_password):
user = User.get(id=user_id)
passwd_encode = self.encode_password(password)
if user.password == passwd_encode:
new_password_encode = self.encode_password(new_password)
user.password = new_password_encode
commit()
def find_user_or_404(self):
value = self.get_user_by_criterion()
user = db.find(where={value["criterion"]: value["value"]})
if user is None:
raise NotFoundUser(NOT_FOUND_USER)
return User(**user)
def link_institution(self, user_id, institution_id):
user = User.get(user_id=user_id)
if self.limit_institution_number(user_id=user_id):
crud_inst = CRUDInstitution()
inst = crud_inst.get_institutions(institution_id=institution_id)
user_inst = UserInstitution.get(user_id=user_id,
institution_id=institution_id)
if not user_inst is None:
user_inst.status = "PENDING"
else:
user_inst = UserInstitution(user_id=user_id,
institution_id=institution_id,
status="PENDING",
event_date=datetime.today())
commit()
inst_data = crud_inst.get_institution(
institution_id=institution_id, export_json=False)
inst_data["status"] = "PENDING"
result = inst_data
else:
result = {
"message":
"USUARIO NAO PODE SE VINCULAR EM MAIS DE 1 INSTITUICAO"
}
return result
def get_user(self, id, export_json=True):
user = User.get(user_id=id)
phones_user = select(user_phone for user_phone in UserPhone
if user_phone.user_id == user)
phones = []
for phone_user in phones_user:
phone = Phone.get(phone_id=phone_user.phone_id.phone_id)
phones.append(phone.number)
response = {
"user_id": id,
"nickname": user.nickname,
"name": user.name,
"email": user.email,
"gender": user.gender,
"role": user.role_id.description,
"role_id": user.role_id.role_id,
"bith_date": user.birth_date.strftime("%d/%m/%Y"),
"city": user.city_id.city,
"city_id": user.city_id.city_id,
"state": user.city_id.state_id.state,
"state_id": user.city_id.state_id.state_id,
"phones": phones,
"street": user.street,
"number": user.number,
"complement": user.complement,
"district": user.district,
"postal_code": user.postal_code,
}
if export_json:
response = json.dumps(response)
return response
def init():
"""initialize database and directories"""
try:
remakedir(settings.DATA_DIR_PATH)
remakedir(settings.DEMO_DIR_PATH)
remakedir(settings.THUMBNAIL_DIR_PATH)
except:
print sys.exc_info()
try:
if os.path.exists(settings.DB_PATH):
os.remove(settings.DB_PATH)
init_db()
if getpwuid(os.getuid())[0] == 'root':
os.chown(settings.DB_PATH, apache_uid, apache_gid)
except:
print sys.exc_info()
try:
role_admin = UserRole('admin', 'for administrators')
db_session.add(role_admin)
user_admin = User('admin', role=role_admin)
db_session.add(user_admin)
db_session.commit()
db_session.remove()
except:
print sys.exc_info()
def remove_phone(self, user_id, phone_id):
user = User.get(user_id=user_id)
phone = Phone.get(phone_id=phone_id)
phone_user = UserPhone.get(user_id=user, phone_id=phone)
phone.delete()
phone_user.delete()
commit()
def create_donation(self, user_id ,**kwargs):
unit = Unit.get(unit_id=kwargs["unit_id"])
user = User.get(user_id=user_id)
donation_detaiils = DonationTypeDetails.get(donation_type_details_id=kwargs["donation_type_details_id"])
donation_type = DonationType.get(donation_type_id=kwargs["donation_type_id"])
date_entry = datetime.strptime(kwargs["date_entry"], "%d/%m/%Y %H:%M")
date_out = datetime.strptime("01/01/9999", "%d/%m/%Y")
donation = DonationUser(donation_type_details_id=donation_detaiils,
donation_type_id=donation_type,
unit_id=unit,
date_entry=date_entry,
date_out=date_out,
amount_entry=kwargs["amount_entry"],
user_id=user,
status="PENDING"
)
donation.flush()
commit()
response = {"user_id": donation.user_id.user_id,
"unit_id": unit.unit_id,
"unit_id_description": unit.description,
"donation_user_id": donation.donation_user_id,
"donation_type_id": donation_type.donation_type_id,
"donation_type_id_description": donation_type.description,
"donation_type_details_id": donation.donation_type_details_id.donation_type_details_id,
"donation_type_details_id_description": donation.donation_type_details_id.description,
"amount_entry": donation.amount_entry,
"date_entry": kwargs["date_entry"],
"date_out": "01/01/9999",
"status": donation.status
}
return response
def test_current_user(db, session):
user = User(name="sam", institution="UofM")
entry = Entry(description="desc", template="temp", user=user)
session.add_all([user, entry])
session.commit()
current_users = [user[0] for user in db.session.query(User.name).all()]
assert user.name in current_users
def create_user(username, password, admin):
hashed_password = generate_password_hash(password, method='sha256')
user = User(public_id=str(uuid.uuid4()),
username=username,
password=hashed_password,
admin=admin)
db.session.add(user)
db.session.commit()
def get_user_reservations(username):
l_reservations = []
users = User.objects(username=username)
if len(users) == 0:
return jsonify({"msg": "未知用户"}), 404
reservations = Reservation.objects(owner=users[0])
for r in reservations:
l_reservations.append(r.get_dict())
return jsonify(l_reservations), 200
def update_user(username):
user = User.verify_auth_token(
request.headers.get('Authentication-Token'))
if user.username == username:
new_user = json.loads(request.get_data())
user.update_with_dict(new_user)
return jsonify(user.get_dict()), 201
else:
return 403
def get_user_info():
user = User.verify_auth_token(
request.headers.get('Authentication-Token'))
if user == -1:
return jsonify({'error': '未登录'}), 401
if user is not None:
return jsonify(user.get_dict()), 201
else:
return jsonify({}), 403
def delete_user(self, user_id):
try:
user = User.get(user_id=user_id)
user.active = False
commit()
return {"message": "user deleted"}
except Exception as ex:
print(ex)
return {"message": "erro"}
def test_many_many_relationship(db, session):
user = User(name="sam", institution="UofM")
entry = Entry(description="desc", template="temp", user_saves=user)
session.add_all([user, entry])
session.commit()
assert entry in user.saved_entries
assert user in entry.user_saves
def register_user():
data = request.get_data()
data = json.loads(data)
username = data['username']
password = data['password']
users = User.objects(username=username, password=password)
if len(users) > 0:
return jsonify({'id': -1}), 409
else:
user = User()
user.username = username
user.password = password
user.privilege = 0
user.save()
return jsonify(user.get_dict()), 201
def oauth_callback():
if not current_user.is_anonymous:
return redirect(url_for('index'))
oauth = VkSignIn()
social_id, name, image_url, friends_count = oauth.callback()
if social_id is None:
flash('Authentication failed.')
return redirect(url_for('index'))
user = User.objects(social_id=social_id).first()
if not user:
user = User(social_id=social_id, ).save()
login_user(user, True)
values = {
'name': name,
'friends_count': friends_count,
'image_url': image_url,
}
session.update(values)
return redirect(url_for('index'))
def delete_reservation(r_id):
user = User.verify_auth_token(request.headers.get('Authentication-Token'))
if user is not None:
r = Reservation.objects(id=r_id)
if len(r) == 0:
return jsonify({}), 404
if r[0].owner == user:
r.delete()
return jsonify({}), 204
return jsonify({"msg": "Not permitted"}), 403
def create_reservation():
"""Apply for a reservation"""
user = User.verify_auth_token(request.headers.get('Authentication-Token'))
if user is not None:
data = json.loads(request.get_data())
r = Reservation.reserve(user, data['start_time'], data['end_time'], data['detail'])
if r is not None:
return jsonify(r.get_dict()), 201
return jsonify({"error": "预约失败,时间冲突"}), 403
else:
return jsonify({}), 403
def reject(r_id):
user = User.verify_auth_token(request.headers.get('Authentication-Token'))
if user is not None:
if user.privilege > 0: # Check if user is an administrator.
r = Reservation.objects(id=r_id)
if len(r) == 0:
return jsonify({"msg": "Id not exist"}), 404
else:
r[0].reject()
return jsonify(r[0].get_dict()), 201
else:
return jsonify({"msg": "Not permitted"}), 403
def edit_user_values(self, value, msg):
user = self.find_user_or_404()
print(f"Edytujesz uzytkownika: {user}")
new_value = str(input(msg))
db.update(user, values={value: new_value})
returned_where = {
"username": new_value if value == "username" else user.username
}
updated_user = db.find(where=returned_where)
print(User(**updated_user))
def authorized(oauth_token):
next_url = request.args.get('next') or url_for('index')
if oauth_token is None:
flash("Authorization failed.")
return redirect(next_url)
session['oauth_token'] = oauth_token
me = github.get('user')
user_id = me['login']
user = User.query.filter_by(id=user_id).first()
if user is None:
user = User(id=user_id, uid=user_id, name=me['name'], source='github')
user.last_login = DateUtil.now_datetime()
user.save()
RequestUtil.login(session, user_id)
return redirect(next_url)
def user_cookie():
user = None
if 'uid' in session:
user = User.query.filter(User.cookie_id == str(session['uid'])).first()
if user is None:
session['uid'] = uuid4()
data = User(str(session['uid']))
db_session.add(data)
db_session.commit()
user = User.query.filter(User.cookie_id == str(session['uid'])).first()
return user
def adminpassword():
"""set admin password"""
admin_username = "******"
password = getpass.getpass()
if len(password) < 8:
print "dame"
return
admin = User.query.get(1)
if not admin:
userrole = UserRole.query.get("admin")
admin = User(admin_username, userrole)
db_session.add(admin)
admin.set_password(password)
db_session.commit()
db_session.remove()
print "update successfully"
def test_relationship(db, session):
user = User(name="Sam", institution="UofM")
entry = Entry(description="Smarty", template="template", user=user)
print(db.session.execute('show tables').fetchall())
print(db.session.execute('select * from entries').fetchall())
print(db.session.execute('select * from test.entries').fetchall())
session.add_all([user, entry])
session.commit()
assert entry in user.submissions
assert entry.user is user
def autenticate(self, email, password):
user = User.get(email=email)
user_controller = UserController()
if user and check_password_hash(user.password, password):
user_data = user_controller.get_user(id=user.user_id,
export_json=False)
token = self.encode_token(data={
"email": email,
"role": user_data["role"]
})
user_data["token"] = token
return json.dumps(user_data)
return None
def register3(self, UserPhone, PassWord, NickName):
try:
user = User()
nq = User.query.filter_by(UserPhone=UserPhone).all()
if len(nq) != 0:
state = 0
msg = "此手机号已经被注册了亲!"
array = {
'state': state,
'msg': msg
}
return array
m = hashlib.md5()
m.update(PassWord.encode('utf-8'))
PassWord = m.hexdigest()
user.PassWord = PassWord
user.NickName = NickName
user.UserPhone = UserPhone
user.UserPhoto = 'http://7xrqhs.com1.z0.glb.clouddn.com/default1.jpg'
user.Experience = 0
user.UserSex = 2
db.session.add(user)
db.session.commit()
state = 1
msg = "成功!"
array = {
'state': state,
'msg': msg
}
return array
except Exception as e:
print(e)
state = 0
msg = "出现奇怪的错误了,一会再试试吧!"
array = {
'state': state,
'msg': msg
}
return array
# -*- coding: utf-8 -*-
from app.db import Base, User, Address
from settings import SQLALCHEMY_ENGINE, SQLALCHEMY_SESSION
if __name__ == '__main__':
Base.metadata.create_all(SQLALCHEMY_ENGINE)
session = SQLALCHEMY_SESSION()
session.add_all([
User(name='ed', fullname='Ed Jones', password='******'),
User(name='wendy', fullname='Wendy Williams', password='******'),
User(name='mary', fullname='Mary Contrary', password='******'),
User(name='fred', fullname='Fred Flinstone', password='******')
])
jack = User(name='jack', fullname='Jack Bean', password='******')
jack.addresses = [
Address(email_address='*****@*****.**'),
Address(email_address='*****@*****.**')
]
session.add(jack)
session.commit()
