def test_verify_user(self):
login = "******" + str(randint(-1000, 1000))
password = "******"
user = User(fullname="New user service user.",
login=login,
password=password)
self.user_service.create_new_user(user)
user2 = User(login=login, password=password)
assert self.user_service.verify_user(user2) is not None
async def login(user: UserLogin):
"""
Valida el acceso del usuario al sistema.
:param user Usuario que se quiere conectar, tiene atributos rut y password
@return: User que contiene la información requerida y el tokn correspondiente.
"""
session = next(get_db())
r = user.rut.strip().replace(".", "").replace("-", "")
r = r.rjust(10, '0')
vendedor = session.query(t_MSOVENDEDOR).filter(
t_MSOVENDEDOR.c.rut == r, t_MSOVENDEDOR.c.tipo == 1).all()
clave = session.query(t_EOS_USUARIOS).filter(
t_EOS_USUARIOS.c.rut == r).all()
if vendedor and clave:
password_bytes = base64.b64decode(user.password)
password = password_bytes.decode('ascii')
m = hashlib.sha1(password.encode('utf-8'))
if m.digest() == clave[0].password:
upd = t_EOS_USUARIOS.update().where(
t_EOS_USUARIOS.c.rut == r).values(
lastlogin=datetime.datetime.now())
session.execute(upd)
return User(code=vendedor[0].codigo,
name=vendedor[0].nombre,
rut=r,
token="123")
else:
raise HTTPException(status_code=400, detail="Clave incorrecta")
raise HTTPException(status_code=400, detail="Usuario No encontrado")
def login():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = LoginForm()
if form.validate_on_submit():
user = None
user_data = user_db_conn.execute(
"SELECT * FROM Users WHERE Username = ?",
(form.username.data.lower(), )).fetchall()
if user_data:
user = User(user_data[0][0], user_data[0][1], user_data[0][2],
user_data[0][3], user_data[0][4])
if user and bcrypt.check_password_hash(user.password,
form.password.data):
login_user(user, remember=form.remember.data)
flash(f'Login successful for user {form.username.data}!',
'success')
return redirect(url_for('home'))
else:
flash("Login failed- please check username and password", 'danger')
elif request.method == 'POST' and form.errors:
for error in form.errors:
for str in form.errors[error]:
flash(f"{error.capitalize()} error, {str}", 'danger')
return render_template("login.html", form=form)
def fetch_user_by_name(user_name):
db_cursor = db_query(sql_queries.SQL_FETCH_USER_BY_NAME, (user_name,))
row = db_cursor.fetchone()
user = None
if row:
user = User(row["twitter_id"], row["user_name"], row["balance"])
return user
def test_delete_user(self):
userA = User(fullname='UserA',
login="******" + str(randint(-1000, 1000)),
password="******")
self.repo.create_user(userA)
self.repo.delete_user(userA)
assert self.repo.get_user_by_id(userA.id) is None
def post(self):
'''Register user'''
try:
data = api.payload
username = data['username']
hashed_password = generate_password_hash(data['password'],
method='sha256')
new_user = User(username=username, password=hashed_password)
new_user.insert_record()
user = user_schema.dump(data)
this_user = User.fetch_by_user(username)
access_token = create_access_token(identity=this_user.id,
expires_delta=False)
return {
'status': 'User added',
'access token': access_token,
'user': user
}, 201
except KeyError as e:
api.abort(500,
e.__doc__,
status="Could not perform this action",
statusCode="500")
except Exception as e:
api.abort(400,
e.__doc__,
status="Could not perform this action",
statusCode="400")
def test_delete_user(self):
user = User(fullname="New user service user.",
login="******" + str(randint(-1000, 1000)),
password="******")
self.user_service.create_new_user(user)
assert user.id is not None
deleted_user = self.user_service.delete_user(user.id)
assert deleted_user is not None
def fetch_all_users():
db_cursor = db_query(sql_queries.SQL_FETCH_ALL_USERS)
rows = db_cursor.fetchall()
users = []
for row in rows:
user = User(row["twitter_id"], row["user_name"], row["balance"])
users.append(user)
return users
def register_user(form):
encoded_pw = form.password.data.encode('utf-8')
hashed_password = auth_logic.hash_password(encoded_pw)
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
user.save()
return unicode(user.pk)
def list_to_user(user_list):
u = User()
u.set_id(user_list[0])
u.set_username(user_list[1])
u.set_password(user_list[2])
u.set_mail(user_list[3])
u.set_security(sec.get_by_name(user_list[4]))
return u
def register_user():
request_data = request.get_json()
# check if user already exists
user = User.query.filter_by(username=request_data.get('username')).first()
if not user:
try:
# validate the data are in the correct form
jsonschema.validate(request_data, register_user_schema)
if vuln and 'admin' in request_data: # User is possible to define if she/he wants to be an admin !!
if request_data['admin'] == "True":
admin = True
else:
admin = False
user = User(username=request_data['username'],
password=request_data['password'],
email=request_data['email'],
admin=admin)
else:
user = User(username=request_data['username'],
password=request_data['password'],
email=request_data['email'])
db.session.add(user)
db.session.commit()
responseObject = {
'status':
'success',
'message':
'Successfully registered. Login to receive an auth token.'
}
return Response(json.dumps(responseObject),
200,
mimetype="application/json")
except jsonschema.exceptions.ValidationError as exc:
return Response(error_message_helper(exc.message),
400,
mimetype="application/json")
else:
return Response(
error_message_helper("User already exists. Please Log in."),
200,
mimetype="application/json")
def post(self):
data = request.get_json()
if User.find_by_username(data['username']):
return {"message": "User already exists"}
user = User(data['username'], data['password'])
user.save_to_db()
return {"message": "User Created"}
def post(self):
data = UserRegister.parser.parse_args()
if User.find_by_username(data['username']):
return {"message": "username already taken"}, 400
user = User(**data)
user.save_to_db()
return {"message": "user created"}, 201
def post(self):
if self._getUsername(request.json["username"]) is not None:
return {
"message": "Please register with a non existing username"
}, 400
new_user = User(username=request.json["username"],
password=request.json["password"])
#token = create_access_token( identity = request.json[ "username" ] )
db.session.add(new_user)
db.session.commit()
return self.post_schema.dump(new_user)
def new_remember(message):
try:
# Get the user info
user = User(message.chat.id)
# Send Interaction
add_remember_interaction_module(bot, user).add_remember(message)
except Exception as e:
logging.error("----------------------------------")
logging.error("Error: " + str(e))
logging.error("Message:" + str(message))
logging.error("Function: new_remember")
def change_language(message):
try:
# Get the user info
user = User(message.chat.id)
# Send Interaction
change_language_interaction_module(bot, user).change_language(message)
except Exception as e:
logging.error("----------------------------------")
logging.error("Error: " + str(e))
logging.error("Message:" + str(message))
logging.error("Function: change_language")
def cancel(message):
try:
# Get the user info
user = User(message.chat.id)
# Put back to keyboard
utilities_interaction_module(bot, user).show_keyboard(message)
except Exception as e:
logging.error("-----------------------------------")
logging.error("Error: " + str(e))
logging.error("Message:" + str(message))
logging.error("Function: cancel")
def remember_delete(message):
try:
# Get the user info
user = User(message.chat.id)
# Send Interaction
remember_delete_interaction_module(bot, user).remember_delete(message)
except Exception as e:
logging.error("----------------------------------")
logging.error("Error: " + str(e))
logging.error("Message:" + str(message))
logging.error("Function: remember_delete")
def about_me(message):
try:
# Get the user info
user = User(message.chat.id)
# Send Interaction
about_this_bot_interaction_module(bot, user).about_this_bot(message)
except Exception as e:
logging.error("-----------------------------------")
logging.error("Error: " + str(e))
logging.error("Message:" + str(message))
logging.error("Function: about_me")
def sign_up(self, login, password, name):
user = User(login = login, password=password, fullname = str(name))
try:
self.auth_service.create_new_user(user)
messagebox.showinfo(message="User created.")
self.window.destroy()
self.window = Tk()
MainWindow(self.window, user.id, Services.product_service(), Services.user_service(),
Services.physical_stats_service())
except:
messagebox.showinfo(message="User with that login already exists.")
def handle_query(call):
if call.data.startswith("postpone_remermberme_id"):
remember_id = call.data.split("-")[-1]
user = User(call.from_user.id)
# Added this check to be sure that people don't start postponing random things
if Remember(remember_id).user_id != call.from_user.id:
utilities_interaction_module(bot, user).show_keyboard(call)
else:
remember_postpone_module(bot, user).remember_hour_postpone(
call, remember_id=remember_id)
def new_user():
u = User()
u.set_id(random.randint(1, 999))
u.set_username(input("Nutzername: "))
u.set_password(input("Passwort: "))
u.set_mail(input("Mail: "))
for i in range(len(sec.secs)):
print(str(i + 1) + " | " + sec.secs[i].name)
which = int(input("Wählen sie eine Sicherheitsstufe: "))
u.set_security(sec.secs[which - 1].name)
save_user(u)
return u
def test_create_user(self):
# Arrange
# Login is UNIQUE filled, so we use random for new unique login field.
userA = User(fullname='UserA',
login="******" + str(randint(-1000, 1000)),
password="******")
# Act
self.repo.create_user(userA)
print("With a unique login", userA)
# Assert
# Should be not None as id was assigned by Database
assert userA.id is not None
def sign_in(self, login, password):
user = User(login = login, password = password)
try:
user_from_db = self.auth_service.verify_user(user)
self.window.destroy()
self.window = Tk()
MainWindow(self.window, user_from_db.id, Services.product_service(), Services.user_service(),
Services.physical_stats_service())
except Exception as e:
messagebox.showinfo(message="Wrong login or password.")
def create_user(self, username: str, password: str, mac_address: Optional[str] = None) -> User:
db_response = self.db.execute(
text(CREATE_USER_QUERY),
username=username,
password=hash_password(raw_password=password),
mac_address=mac_address,
).fetchone()
return User(
user_id=db_response["user_id"],
username=db_response["username"],
mac_address=db_response["mac_address"],
)
def transfer(origin_id, command_stack):
try:
from_user = User(user_id=origin_id)
to_user = User(user_name=command_stack[1])
amount = round(float(command_stack[0]), 2)
if not pipocoin_util.does_user_exists_by_id(from_user):
return messages.transfer.fail_not_registered_user()
if not pipocoin_util.does_user_exists_by_name(to_user):
return messages.transfer.fail_not_registered_target_user()
if not pipocoin_util.user_has_enough_money_by_id(from_user, amount):
return messages.transfer.fail_not_enough_money_to_tranfer()
user_DAO.transfer_to_user(
from_user,
to_user,
amount
)
return messages.transfer.success_tranferred(from_user, to_user, amount)
except Exception as e:
print(e)
return messages.transfer.fail_error_occurred()
def post(self):
'''Register User'''
data = api.payload
if not data:
abort(400, 'No input data detected')
email = data['email'].lower()
user = User.fetch_by_email(email)
if user:
abort(400, 'Falied... A user with this email already exists')
id_no = data['id_no']
user = User.fetch_by_id_no(id_no)
if user:
abort(400, 'Falied... A user with this ID number already exists')
full_name = data['full_name'].lower()
hashed_password = generate_password_hash(data['password'],
method='sha256')
new_user = User(email=email,
id_no=id_no,
full_name=full_name,
country_code=data['country_code'],
phone=data['phone'],
password=hashed_password)
new_user.insert_record()
user = user_schema.dump(data)
this_user = User.fetch_by_email(email)
UserPrivilege.generate_user_role(user_id=this_user.id)
user_id = UserPrivilege.user_id
role = UserPrivilege.role
new_user_role = UserRole(user_id=user_id, role=role)
new_user_role.insert_record()
privileges = UserPrivilege.privileges
expiry_time = timedelta(minutes=30)
my_identity = {'id': this_user.id, 'privileges': privileges}
access_token = create_access_token(identity=my_identity,
expires_delta=expiry_time)
refresh_token = create_refresh_token(my_identity)
return {
'message': 'Success',
'access token': access_token,
"refresh_token": refresh_token,
'user': user
}, 201
def stats(origin_id, command_stack):
try:
origin_user = User(user_id=origin_id)
if not pipocoin_util.does_user_exists_by_id(origin_user):
return messages.stats.fail_not_registered_user()
user = user_DAO.fetch_user_by_id(
origin_user.get_id()
)
return messages.stats.success_get_stats(user)
except Exception as e:
print(e)
return messages.stats.fail_error_occurred()
def create(origin_id, command_stack):
try:
user = User(user_id=origin_id, user_name=command_stack[0])
if pipocoin_util.does_user_exists_by_id(user):
return messages.create.fail_already_registered_user()
created_user = user_DAO.create_new_user(
user
)
return messages.create.success_user_created(created_user)
except Exception as e:
print(e)
return messages.create.fail_error_occurred()
def register():
form = RegisterForm()
if request.method == 'POST':
if form.validate_on_submit():
salt = bcrypt.gensalt()
user = User(
username = form.username.data,
password = bcrypt.hashpw(form.password.data, salt)
).save()
return redirect(url_for('user_app.login'))
return render_template('user/register.html', form=form)
