def user_create():
form = UserCreateForm(request.form)
if not form.validate():
return render_template("user_create.html", form=form)
if form.username.data == "deleted":
return render_template("user_create.html",
form=form,
error="Username cannot be deleted")
user = User.query.filter_by(username=form.username.data,
deleted=False).first()
if user:
return render_template("user_create.html",
form=form,
error="Username already exists")
password = form.password.data.encode() # utf-8 for bcrypt
hashed = bcrypt.hashpw(password, bcrypt.gensalt()).decode()
user = User(form.username.data, hashed)
if User.user_count() == 0:
user.admin = True
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for("index"))
def login():
if current_user.is_authenticated:
flash('You are already logged in.')
return redirect(url_for('auth.home'))
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
username = request.form.get('username')
password = request.form.get('password')
try:
User.try_login(username, password)
except ldap.INVALID_CREDENTIALS:
flash(
'Invalid username or password. Please try again.',
'danger')
return render_template('login.html', form=form)
user = User.query.filter_by(username=username).first()
if not user:
user = User(username, password)
db.session.add(user)
db.session.commit()
login_user(user)
flash('You have successfully logged in.', 'success')
return redirect(url_for('auth.home'))
if form.errors:
flash(form.errors, 'danger')
return render_template('login.html', form=form)
def setUp(self):
db.create_all()
self.search_api = app.config['AUTHENTICATED_SEARCH_API']
self.app = app
self.client = app.test_client()
self.user = User(email='*****@*****.**',
password='******',
name='noname',
gender='M',
date_of_birth=datetime.datetime.now(),
current_address='nowhere',
previous_address='nowhere',
blocked=False,
view_count=0)
self.blocked_user = User(email='*****@*****.**',
password='******',
name='noname',
gender='M',
date_of_birth=datetime.datetime.now(),
current_address='nowhere',
previous_address='nowhere',
blocked=True,
view_count=0)
db.session.add(self.user)
db.session.add(self.blocked_user)
db.session.commit()
self.lrid = uuid.uuid4()
self.roles = ['CITIZEN']
def users_create():
form = NewUserForm(request.form)
if not form.validate():
return render_template("auth/new.html", form=form)
username = form.username.data
if User.query.filter_by(username=username).first() is None:
user = User(username, form.password.data)
else:
return render_template("auth/new.html",
form=NewUserForm(),
message="This username is already taken")
users_in_database = User.query.order_by(User.username).all()
if users_in_database:
user.role = "DEFAULT"
else:
user.role = "ADMIN"
db.session().add(user)
db.session().commit()
return redirect(url_for("auth_login"))
def auth_register():
username_already_taken = ""
if request.method == "GET":
return render_template("auth/registerform.html",
form=RegisterForm(),
username_already_taken=username_already_taken)
form = RegisterForm(request.form)
if not form.validate():
return render_template("auth/registerform.html",
form=form,
username_already_taken=username_already_taken)
#rekisteröinnissä pitää estää saman usernamen valinta
suggested_account_name = form.username.data
checked_account = User.query.filter(
User.username == suggested_account_name).first()
if checked_account != None:
username_already_taken = "Username is already taken. Please pick another one."
return render_template("auth/registerform.html",
form=form,
username_already_taken=username_already_taken)
account = User(form.name.data, form.username.data, form.password.data)
if db.session.query(User).count() == 0:
account.set_as_admin()
db.session().add(account)
db.session().commit()
return redirect(url_for("auth_login"))
def auth_registerOrUpdate():
if ('create' in request.form):
form = RegisterForm(request.form)
if not form.validate():
return render_template("auth/new.html", form=form)
username = form.username.data
password = form.password.data
user = User(username, password, False)
db.session().add(user)
db.session().commit()
login_user(user)
elif ('edit' in request.form):
form = UserEditForm(request.form)
if not form.validate():
return render_template("auth/edit.html", form=form)
oldUsername = form.oldUsername.data
user = User.query.filter_by(username=oldUsername).first()
user.username = form.username.data
user.password = form.password.data
db.session().commit()
return redirect(url_for("games_index"))
def create_user(self, user_payload, role):
with self.app.app_context():
user = User(**user_payload)
user.password = PasswordUtilities.generate_password(user.password)
user.role = role.pk
self.db.session.add(user)
self.db.session.commit()
def auth_create():
form = CreateUserForm(request.form)
if request.method == "GET":
return render_template("auth/newuser.html", form=form)
if not form.validate_on_submit():
return render_template("auth/newuser.html", form=form)
pw_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
user = User(form.name.data, form.username.data, pw_hash)
user.role_id = 3
try:
db.session().add(user)
db.session().commit()
login_user(user)
except IntegrityError:
db.session.rollback()
flash("Create account failed.", "danger")
return render_template(
"auth/newuser.html",
form=form,
error="User already exists. Consider changing username.")
return redirect(url_for("index"))
def newuser():
try:
if request.method == "GET":
return render_template("auth/newuser.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template(
"auth/newuser.html",
form=form,
error=
"Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters."
)
user = db.session.query(
User).filter((User.name == form.username.data)
| (User.username == form.username.data)).first()
if user:
return render_template("auth/newuser.html",
form=form,
error="Username already in use")
user = User(form.username.data, form.username.data, form.password.data)
user.acc_type = "USER"
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for("main"))
except:
print("Something went wrong.")
db.session().rollback()
return redirect(url_for("page_404"))
def init_categories():
stmt = text('SELECT * FROM Category;')
res = db.engine.execute(stmt)
if (res.fetchone() != None):
return
category1 = Category('Sports')
category2 = Category('Gaming')
category3 = Category('Programming')
userrole = Role('USER')
adminrole = Role('ADMIN')
db.session().add(userrole)
db.session().add(adminrole)
db.session().add(category1)
db.session().add(category2)
db.session().add(category3)
db.session().commit()
normaluser = User(' ', 'user', 'user')
adminuser = User(' ', 'admin', 'admin')
db.session().add(normaluser)
db.session().add(adminuser)
db.session().commit()
db.session().add(User_Role(normaluser.id, 1))
db.session().add(User_Role(adminrole.id, 2))
db.session().commit()
def oauth_callback(provider):
try:
oauth = OAuthSignIn.get_provider(provider)
except KeyError:
current_app.logger.error(
"Failed authentication with <{0}>, not listed as a provider".
format(provider))
raise InvalidAPIRequest(
"Could not authenticate with the given provider",
status_code=BAD_REQUEST_CODE)
social_id, email = oauth.callback()
current_app.logger.debug("Data: | {0} | {1}".format(social_id, email))
if not social_id:
current_app.logger.error(
"OAuth did not return valid data. <{0}>".format(provider))
raise InvalidAPIRequest('OAuth authentication error',
status_code=UNAUTHORIZED_CODE)
user = User.query.filter_by(social_id=social_id).first()
if not user:
try:
user = User(social_id=social_id, username=email)
user.role = UserUtilities.regular_user_pk()
db.session.add(user)
db.session.commit()
except Exception as e:
current_app.logger.error(
"Could not create a user in the database. Error: {0}".format(
str(e)))
return redirect(
url_for('home.index',
access_token=JWTUtilities.create_access_token(user)))
def test_password_salts_are_random(self):
""" salt should be added to password hash
"""
user_one = User(password='******')
user_another = User(password='******')
self.assertTrue(user_one.password_hash != user_another.password_hash)
def auth_register_user():
if request.method == "GET":
return render_template('register.html')
payload = MultiDict(request.get_json())
registration_form = StandardRegistrationForm(payload)
try:
if registration_form.validate():
if User.query.filter(
User.username == registration_form.username.data).first():
raise InvalidAPIRequest(
"Duplicate username, please choose a unique username",
status_code=403)
try:
password = PasswordUtilities.generate_password(
registration_form.password.data,
registration_form.confirm.data)
user_data = registration_form.to_dict
user_data["password"] = password
new_user = User(**user_data)
new_user.role = UserUtilities.regular_user_pk()
db.session.add(new_user)
db.session.commit()
return JWTUtilities.create_access_token_resp(new_user)
except ImproperPasswordError:
raise InvalidAPIRequest("Password format error",
status_code=BAD_REQUEST_CODE)
except PasswordMismatchError:
raise InvalidAPIRequest(
"Password mismatch error, ensure they are the same",
status_code=BAD_REQUEST_CODE)
else:
raise InvalidAPIRequest("Bad request, please try again",
status_code=BAD_REQUEST_CODE)
except DuplicateUserEmailUsernameException:
raise InvalidAPIRequest("Username taken")
def auth_create_user():
form = RegistrationForm(request.form)
if not form.validate():
return render_template("auth/registration.html",
form=form,
kayttajat=User.query.all(),
error="Tarkista syötteet!")
user = User(form.name.data, form.username.data, form.password.data)
if form.isadmin.data:
user.role = "ADMIN"
else:
user.role = "USER"
db.session().add(user)
try:
db.session().commit()
#jos lisäys onnistuu, liitetään käyttäjä valittuun projektii
userproject = Userproject(False)
userproject.account_id = user.id
userproject.project_id = form.paaprojekti.data
userproject.paaprojekti = True
db.session().add(userproject)
db.session().commit()
except IntegrityError:
db.session().rollback()
return render_template(
"auth/registration.html",
form=form,
error="Käyttäjätunnus varattu, valitse toinen käyttäjätunnus",
kayttajat=User.query.all())
return redirect(url_for("auth_register"))
def auth_new_friseur():
if request.method == "GET":
return render_template("auth/new_friseur.html", form=UserForm())
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new_friseur.html", form=form)
user = User.query.filter_by(username=form.username.data).first()
if user:
flash("Username exists, pick another one", "alert-warning")
return render_template("auth/new_friseur.html", form=form)
# Encrypt password and assign friseur role
password_hash = bcrypt.generate_password_hash(form.password.data)
user = User(form.name.data, form.username.data, password_hash)
user.role = Role.query.get(2)
db.session().add(user)
db.session().flush()
# Add all upcoming work days to friseur
upcoming_work_days = Work_day.upcoming_work_days()
for day in upcoming_work_days:
friseur_work_day = Friseur_work_day(user.id, day.get("id"), 10, 17)
db.session().add(friseur_work_day)
db.session().flush()
db.session().commit()
flash("New friseur with username %s created." % user.username,
"alert-warning")
return redirect(url_for("friseur_index"))
def auth_signup():
if request.method == "GET":
return render_template("auth/signupform.html", form=SignUpForm())
form = SignUpForm(request.form)
if not form.validate():
return render_template("auth/signupform.html",
form=SignUpForm(),
error="Invalid information")
user = User.query.filter_by(username=form.username.data).first()
if user:
return render_template("auth/signupform.html",
form=SignUpForm(),
error=user.username + " already taken")
user = User(form.firstName.data + ' ' + form.lastName.data)
user_role = Role.query.filter_by(name='User').first()
user.username = form.username.data
password = form.password.data
pw_hash = generate_password_hash(password).decode('utf-8')
user.password = pw_hash
user.roles.append(user_role)
db.session().add(user)
db.session().commit()
return redirect(url_for("auth_login"))
def users_show(account_id):
if request.method == 'GET':
account = User.query.get_or_404(account_id)
photos = User.find_user_pictures(account_id)
form = MessageForm()
return render_template("users/show.html",
account=account,
form=form,
photos=photos)
else:
form = MessageForm(request.form)
account_from = User.query.get(current_user.get_id())
account_to = User.query.get(account_id)
photos = User.find_user_pictures(account_id)
if not form.validate():
return render_template("users/show.html",
account=account_to,
form=form,
photos=photos)
m = Message(form.message.data)
account_from.conversations.append(m)
account_to.conversations.append(m)
db.session().commit()
return redirect(url_for("users_index"))
def admin_delete_user(user_id):
if current_user.role != "ADMIN":
return render_template("index.html", msg=msg_admin_feature)
Item.delete_items_by_userid(user_id)
List.delete_lists_by_userid(user_id)
User.delete_user_by_userid(user_id)
return redirect(url_for("list_users_with_item_amounts"))
def sample_db():
admin = User("admin",
bcrypt.generate_password_hash("admin").decode('utf-8'))
db.session().add(admin)
monkey = User("SunWukong",
bcrypt.generate_password_hash("xiyouji").decode('utf-8'))
db.session().add(monkey)
generic_user = User("generic_user",
bcrypt.generate_password_hash("salis").decode('utf-8'))
db.session().add(generic_user)
db.session().commit()
role1 = Role("admin")
db.session().add(role1)
role2 = Role("user")
db.session().add(role2)
db.session().commit()
urole1 = UserRole(1, 1)
db.session().add(urole1)
urole2 = UserRole(2, 2)
db.session().add(urole2)
urole3 = UserRole(3, 2)
db.session().add(urole3)
db.session().commit()
alueet = ["Yleinen", "Bysanttilainen dädä", "Sekalainen"]
for i in range(len(alueet)):
alue = Category(alueet[i])
db.session().add(alue)
db.session().commit()
return
def create_user():
if request.method == "GET":
return render_template("/auth/newuser.html", form=CreateUserForm())
form = CreateUserForm(request.form)
user = User.query.filter_by(username=form.username.data).first()
if not user:
username = form.username.data
passwordHash = bcrypt.generate_password_hash(
form.password.data).decode("utf-8") ## CHANGE TO BE BCRYPTED
name = form.displayname.data
# New user
u = User(name, username, passwordHash)
# THIS IS A HACK
if u.name == "admin":
u.role = "ADMIN"
else:
u.role = "USER"
db.session().add(u)
db.session().commit()
Category.create_default_categories(u.id)
return redirect(url_for("auth_login"))
return render_template(
"/auth/newuser.html",
form=form,
error="Username already in use! Choose another one.")
def student_create():
form = StudentForm(request.form)
if not form.validate():
return render_template("auth/new.html", form=form)
if User.query.filter(User.name == form.user.data).count() == 0:
return render_template("/kurssilaistaulu/kurssilaistauluform.html",
form=StudentForm(),
course_students=User.studentto_course(),
courses=Course.query.all(),
error="Tämän nimistä kurssilaista ei löytynyt")
if Course.query.filter(Course.name == form.course.data).count() == 0:
return render_template("/kurssilaistaulu/kurssilaistauluform.html",
form=StudentForm(),
course_students=User.studentto_course(),
courses=Course.query.all(),
error="Tämän nimistä kurssia ei löytynyt")
opiskelija = User.query.filter(User.name == form.user.data).first()
kurssi = Course.query.filter(Course.name == form.course.data).first()
if not (opiskelija.name in kurssi.kurssilaiset):
opiskelija.courseusers.append(kurssi)
db.session.commit()
return redirect(url_for("kurssilaistaulu_index"))
def auth_create():
if request.method == 'GET':
return render_template("auth/registerform.html", form=LoginForm())
# If method is POST, validate form data
form = LoginForm(request.form)
if form.validate():
user = User.query.filter_by(email=form.email.data).first()
if user:
# Enforce unique emails
return render_template("auth/loginform.html",
form=form,
error="This email is already in use.")
# If valid email, create user and hash password, then login and redirect
pw_hash = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
u = User(email=form.email.data, password=pw_hash)
if form.admin.data is True:
u.admin = True
db.session.add(u)
db.session.commit()
login_user(u)
print(u)
return redirect(url_for('events_index'))
# If anything in POST goes wrong, serve login form with errors
return render_template("auth/registerform.html",
form=form,
error="Invalid information")
def auth_signup_new():
form = SignupForm(request.form)
user = User.query.filter_by(username=form.username.data).first()
if user:
return render_template("auth/signupform.html", form = form,
error = "User with that username already exists")
if not form.validate() or form.username.data.isspace():
# username can't be only space
if form.username.data.isspace():
form.username.errors.append("Username can't be only whitespace")
return render_template("auth/signupform.html", form = form)
u = User(form.username.data)
u.name = form.name.data
u.password = form.password.data
db.session().add(u)
db.session().commit()
flash("Account successfully created")
return redirect(url_for("auth_login"))
def auth_add_user():
if request.method == "GET":
return render_template("auth/add_user.html", form=AddUserForm())
else:
form = AddUserForm(request.form)
errors = []
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if not user:
user = User(
form.name.data, form.username.data,
bcrypt.generate_password_hash(
form.password.data).decode("utf-8"))
user.role = Role.query.filter_by(name="user").first().id
db.session.add(user)
db.session.commit()
print("Käyttäjä %s luotu" % user.name)
login_user(user)
else:
errors.append("Käyttäjänimi on jo käytössä.")
else:
errors.append("Tarkista lomakkeen tiedot.")
if len(errors) > 0:
return render_template("auth/add_user.html",
form=form,
errors=errors)
return redirect(url_for("index"))
def user_update(user_id):
user = User.query.get(user_id)
if request.method == "GET":
form = UpdateUserForm(obj=user)
password_form = UpdatePasswordForm()
return render_template("auth/update.html", form=form, password_form=password_form, user=user)
form = UpdateUserForm(request.form)
if not form.validate():
return render_template("auth/update.html", form=form, password_form=UpdatePasswordForm(), user=user)
user.name = form.name.data
user.phone = form.phone.data
user.email = form.email.data
if user.role_ok("admin") and form.admin.data == True:
User.switch_roles("admin", "user", user_id)
flash('Tietojen päivittäminen onnistui')
return redirect(url_for("user_update", user_id=user_id))
elif user.role_ok("user") and form.admin.data == True:
User.switch_roles("user", "admin", user_id)
flash('Tietojen päivittäminen onnistui')
return redirect(url_for("user_update", user_id=user_id))
else:
db.session().commit()
flash('Tietojen päivittäminen onnistui')
return redirect(url_for("user_update", user_id=user_id))
def mutate(self, _, email, password, user_data):
if _UserModel.find_by_email(email):
LOG.warning(f'Repeated registration for {email}')
raise GraphQLError(f'User {email} already exists')
access_token = create_access_token(identity=email)
refresh_token = create_refresh_token(identity=email)
try:
new_user = _UserModel(email=email.strip(),
password=_UserModel.generate_hash(password),
jti=decode_token(refresh_token)['jti'],
created_time=datetime.datetime.now())
new_user.save()
Persistent.flush()
new_user_profile = UserProfile(
user_id=new_user.id,
email=email.strip(),
first_name=user_data.first_name.strip(),
last_name=user_data.last_name.strip())
new_user_profile.save_and_persist()
except Exception as e:
LOG.error(f"User registration failed. Error: {e}")
Persistent.rollback()
raise GraphQLError("User registration failed.")
else:
# check ws invitatitons
try:
pending_invitations = WorkspaceInvitation.find_all(
email=email, status=WorkspaceInvitationStatus.PENDING)
processed_ws_ids = set()
for inv in pending_invitations:
if inv.ws_id not in processed_ws_ids:
processed_ws_ids.add(inv.ws_id)
WorkspaceUser(user_id=new_user.id,
ws_id=inv.ws_id,
start_date=inv.start_date).save()
WorkspaceUserRole(
ws_id=inv.ws_id,
user_id=new_user.id,
role=WorkspaceUserRoles.MEMBER).save()
inv.status = WorkspaceInvitationStatus.ACCEPTED
WorkspaceInvitation.query() \
.filter(WorkspaceInvitation.id == inv.id) \
.update({WorkspaceInvitation.status: inv.status})
Persistent.commit()
except Exception as e:
LOG.error(
f"Workspace invitations check failed for user {new_user.email}. Error: {e}"
)
db.session.rollback()
return Register(ok=True,
user_id=new_user.id,
access_token=access_token,
refresh_token=refresh_token)
def list_users():
if current_user.role != "ADMIN":
return render_template("index.html", msg=msg_admin_feature)
users = User.list_all_users()
empty_shoppinglist = User.find_users_with_no_items()
return render_template("auth/users.html",
users=users,
empty_shoppinglist=empty_shoppinglist)
def auth_list_users():
if current_user.userrole == "MASTER":
userList = User.list_users_and_admins()
if current_user.userrole == "ADMIN":
userList = User.list_users()
return render_template("/auth/userList.html", userList=userList)
def worklog_stats():
#Kirjautunut käyttäjä
u = User.query.get(current_user.id)
return render_template("worklog/front.html", user=u, total_work=User.total_tasks(),
total_hours=WorkDone.total_hours(), user_hours=WorkDone.user_hours(u),
user_work = User.user_tasks(u), upcoming_work = UpcomingWork.select_filtered(u) )
def current_animals():
owner = current_user
owner_id = owner.get_id()
return render_template("animals/current.html", form = FoodForm(),
currentanimals = User.find_animals_of_current_user(owner_id), currentfoods = User.find_foods_of_current_user(owner_id),
counts = User.count_animals_of_current_user(owner_id), average = User.average_of_food_prices(owner_id))
