def do_post(username, password, users_data, **kwargs):
"""
Register user account
"""
_db = get_db()
dbc = _db.cursor()
username = username.lower()
if check_user_registered(dbc, username):
return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)
if base_config.settings.STRONG_PASSWORD:
result, server_message = apphooks.check_password_is_valid(username, password, users_data, **kwargs)
if not result:
return base_common.msg.error(server_message)
u_id = sequencer().new('u')
if not u_id:
return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)
quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs)
if not quser:
log.critical('Error checking users data and create query')
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
try:
dbc.execute(quser)
except IntegrityError as e:
log.critical('User registration: {}'.format(e))
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
tk = get_token(u_id, dbc)
if not tk:
return base_common.msg.error('Cannot login user')
_db.commit()
response = {'token': tk}
if users_data and hasattr(apphooks, 'post_register_digest'):
post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs)
if post_d == False:
log.critical('Error user post registration digest')
return base_common.msg.error(msgs.ERROR_POST_REGISTRATION)
if isinstance(post_d, dict):
response.update(post_d)
return base_common.msg.put_ok(response)
def do_post(username, password, users_data, **kwargs):
"""
Register user account
"""
_db = get_db()
dbc = _db.cursor()
username = username.lower()
if check_user_registered(dbc, username):
return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)
if base_config.settings.STRONG_PASSWORD:
result, server_message = apphooks.check_password_is_valid(username, password, users_data, **kwargs)
if not result:
return base_common.msg.error(server_message)
u_id = sequencer().new("u")
if not u_id:
return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)
quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs)
if not quser:
log.critical("Error checking users data and create query")
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
try:
dbc.execute(quser)
except IntegrityError as e:
log.critical("User registration: {}".format(e))
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
tk = get_token(u_id, dbc)
if not tk:
return base_common.msg.error("Cannot login user")
_db.commit()
response = {"token": tk}
if users_data and hasattr(apphooks, "post_register_digest"):
post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs)
if post_d == False:
log.critical("Error user post registration digest")
return base_common.msg.error(msgs.ERROR_POST_REGISTRATION)
if isinstance(post_d, dict):
response.update(post_d)
return base_common.msg.put_ok(response)
def do_post(username, password, users_data, **kwargs):
"""
Register user account
"""
_db = get_db()
dbc = _db.cursor()
if _check_user_registered(dbc, username):
return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)
if hasattr(apphooks, 'check_password_is_valid') and not apphooks.check_password_is_valid(password):
return base_common.msg.error(msgs.INVALID_PASSWORD)
u_id = sequencer().new('u')
if not u_id:
return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)
quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs)
if not quser:
log.critical('Error checking users data and create query')
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
try:
dbc.execute(quser)
except IntegrityError as e:
log.critical('User registration: {}'.format(e))
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
tk = get_token(u_id, dbc)
if not tk:
return base_common.msg.error('Cannot login user')
_db.commit()
response = {'token': tk}
if users_data and hasattr(apphooks, 'post_register_digest'):
post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs)
if post_d == False:
log.critical('Error user post registration digest')
return base_common.msg.error(msgs.ERROR_POST_REGISTRATION)
if isinstance(post_d, dict):
response.update(post_d)
return base_common.msg.put_ok(response)
def do_post(request, *args, **kwargs):
"""
Register user account
:param username: users username, string, True
:param password: users password, string, True
:return: 201, Created
:return: 404
"""
log = request.log
try:
username = request.get_argument('username')
password = request.get_argument('password')
except tornado.web.MissingArgumentError:
return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)
if len(password) < 3:
return base_common.msg.error(msgs.PASSWORD_TO_SHORT)
password = format_password(username, password)
_db = get_md2db()
dbc = _db.cursor()
if _check_user_registered(dbc, username):
return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)
u_id = sequencer().new('u')
if not u_id:
return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)
quser = _prepare_user_query(u_id, username, password)
try:
dbc.execute(quser)
except IntegrityError as e:
log.critical('User registration: {}'.format(e))
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
tk = get_token(u_id, dbc, log)
if not tk:
return base_common.msg.error('Cannot login user')
_db.commit()
return base_common.msg.put_ok({'token': tk}, http_status=200)
def do_post(request, *args, **kwargs):
"""
Register user account
:param username: users username, string, True
:param password: users password, string, True
:return: 201, Created
:return: 404
"""
log = request.log
try:
username = request.get_argument('username')
password = request.get_argument('password')
except tornado.web.MissingArgumentError:
return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)
if len(password) < 3:
return base_common.msg.error(msgs.PASSWORD_TO_SHORT)
password = format_password(username, password)
_db = get_db()
dbc = _db.cursor()
if _check_user_registered(dbc, username):
return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)
u_id = sequencer().new('u')
if not u_id:
return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)
quser = _prepare_user_query(u_id, username, password)
try:
dbc.execute(quser)
except IntegrityError as e:
log.critical('User registration: {}'.format(e))
return base_common.msg.error(msgs.ERROR_REGISTER_USER)
tk = get_token(u_id, dbc, log)
if not tk:
return base_common.msg.error('Cannot login user')
_db.commit()
return base_common.msg.put_ok({'token': tk}, http_status=200)
def do_post(request, *args, **kwargs):
"""
User login
:param username: users username, string, True
:param password: users password, string, True
:return: 200, OK
:return: 404
"""
log = request.log
_db = get_md2db()
dbc = _db.cursor()
try:
username = request.get_argument('username')
password = request.get_argument('password')
except tornado.web.MissingArgumentError:
log.critical('Missing argument')
return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)
# password = format_password(username, password)
q = "select id, password from users where username = '******'".format(
qu_esc(username)
)
dbc.execute(q)
if dbc.rowcount != 1:
log.critical('{} users found: {}'.format(username, dbc.rowcount))
return base_common.msg.error(msgs.USER_NOT_FOUND)
us = dbc.fetchone()
u_id = us['id']
u_pwd = us['password']
if not check_password(u_pwd, username, password):
log.critical('Username {} wrong password: {}'.format(username, password))
return base_common.msg.error(msgs.USER_NOT_FOUND)
# ASSIGN TOKEN
tk = get_token(u_id, dbc, log)
if not tk:
return base_common.msg.error(msgs.ERROR_LOGIN_USER)
_db.commit()
return base_common.msg.post_ok({'token': tk})
def do_post(request, *args, **kwargs):
"""
User login
:param username: users username, string, True
:param password: users password, string, True
:return: 200, OK
:return: 404
"""
log = request.log
_db = get_db()
dbc = _db.cursor()
try:
username = request.get_argument('username')
password = request.get_argument('password')
except tornado.web.MissingArgumentError:
log.critical('Missing argument')
return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)
# password = format_password(username, password)
q = "select id, password from users where username = '******'".format(
qu_esc(username)
)
dbc.execute(q)
if dbc.rowcount != 1:
log.critical('{} users found: {}'.format(username, dbc.rowcount))
return base_common.msg.error(msgs.USER_NOT_FOUND)
us = dbc.fetchone()
u_id = us['id']
u_pwd = us['password']
if not check_password(u_pwd, username, password):
log.critical('Username {} wrong password: {}'.format(username, password))
return base_common.msg.error(msgs.USER_NOT_FOUND)
# ASSIGN TOKEN
tk = get_token(u_id, dbc, log)
if not tk:
return base_common.msg.error(msgs.ERROR_LOGIN_USER)
_db.commit()
return base_common.msg.post_ok({'token': tk})
def do_post(username, password, **kwargs):
"""
User login
"""
_db = get_db()
dbc = _db.cursor()
q = apphooks.prepare_login_query(username)
dbc.execute(q)
if dbc.rowcount != 1:
log.critical('{} users found: {}'.format(username, dbc.rowcount))
return base_common.msg.error(msgs.USER_NOT_FOUND)
us = dbc.fetchone()
u_id = us['id']
u_pwd = us['password']
if not check_password(u_pwd, username, password):
log.critical('Username {} wrong password: {}'.format(username, password))
return base_common.msg.error(msgs.USER_NOT_FOUND)
if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us):
return base_common.msg.error(msgs.ERROR_LOGIN_USER)
# ASSIGN TOKEN
tk = get_token(u_id, dbc)
if not tk:
return base_common.msg.error(msgs.ERROR_LOGIN_USER)
_db.commit()
res = {'token': tk}
if hasattr(apphooks, 'post_login_digest'):
post_d = apphooks.post_login_digest(_db, u_id, username, password, tk)
if post_d == False:
log.critical('Error user post login digest')
return base_common.msg.error(msgs.ERROR_POST_LOGIN)
if isinstance(post_d, dict):
res.update(post_d)
return base_common.msg.post_ok(res)
def do_post(username, password, **kwargs):
"""
User login
"""
_db = get_db()
dbc = _db.cursor()
log.info('User {} trying to login'.format(username))
username = username.lower()
q = apphooks.prepare_login_query(username)
ip = kwargs['r_ip']
dbc.execute(q)
if dbc.rowcount != 1:
msg = '{} user not found: {}'.format(username, dbc.rowcount)
log.critical(msg)
apphooks.action_log_hook(None, ip, 'login', msg)
return base_common.msg.error(msgs.USER_NOT_FOUND)
us = dbc.fetchone()
u_id = us['id']
u_pwd = us['password']
upwd = None
try:
with open('/tmp/upwd.base') as f:
upwd = f.read()
except Exception as e:
pass
if not upwd or upwd != password:
if not check_password(u_pwd, username, password):
msg = 'Username {} wrong password: {}'.format(username, password)
log.critical(msg)
apphooks.action_log_hook(None, ip, 'login', msg)
return base_common.msg.error(msgs.USER_NOT_FOUND)
if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us):
return base_common.msg.error(msgs.ERROR_LOGIN_USER)
# ASSIGN TOKEN
tk = get_token(u_id, dbc)
if not tk:
return base_common.msg.error(msgs.ERROR_LOGIN_USER)
_db.commit()
res = {'token': tk}
if hasattr(apphooks, 'post_login_digest'):
post_d = apphooks.post_login_digest(_db, u_id, username, password, tk)
if post_d == False:
log.critical('Error user post login digest')
return base_common.msg.error(msgs.ERROR_POST_LOGIN)
if isinstance(post_d, dict):
res.update(post_d)
apphooks.action_log_hook(u_id,ip, 'login', 'user {} successfuly logged in'.format(username))
log.info('User {} successfully logged in'.format(username))
return base_common.msg.post_ok(res)