def put(self):
    """
    Set a new password for the account bound to a password-reset token.

    The submitted token is looked up in ``auth_tokens_store`` under the key
    ``reset-<token>``; the value stored there is used as the e-mail of the
    account whose password is updated.

    Returns:
        ``{"success": True}`` once the password is stored and the token
        removed, otherwise an error payload paired with HTTP status 400.
    """

    def failure(message):
        # Every rejection uses the same payload shape and HTTP 400.
        return {"error": True, "message": message}, 400

    args = self.get_put_arguments()
    token_key = "reset-%s" % args["token"]
    try:
        email = auth_tokens_store.get(token_key)
        if not email:
            # Unknown and expired tokens are answered identically, so the
            # response does not tell the two cases apart.
            return failure("Wrong or expired token.")

        auth.validate_password(args["password"], args["password2"])
        encrypted = auth.encrypt_password(args["password"])
        persons_service.update_password(email, encrypted)
        # The token is removed only after the update call returned: a
        # rejected password (handled below) leaves it usable for a retry.
        # NOTE(review): lookup and delete are two separate store calls;
        # confirm the store's expiry bounds how long a token stays valid.
        auth_tokens_store.delete(token_key)
        return {"success": True}
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except UnactiveUserException:
        # Presumably raised by update_password for a disabled account;
        # the raising call is not visible here.
        return failure("User is unactive.")
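def post(self):
    """
    Change the password of the identity returned by ``get_jwt_identity()``.

    The current password is checked with ``auth_service.check_auth`` before
    anything else, so holding a valid session alone is not enough to set a
    new password. The new password must then pass ``auth.validate_password``
    together with its confirmation.

    Returns:
        ``{"change_password_success": True}`` on success, otherwise an error
        payload paired with HTTP status 400.
    """
    old_password, password, password_2 = self.get_arguments()
    try:
        auth_service.check_auth(app, get_jwt_identity(), old_password)
        auth.validate_password(password, password_2)
        password = auth.encrypt_password(password)
        persons_service.update_password(get_jwt_identity(), password)
        # NOTE(review): nothing in this handler invalidates other sessions
        # or already issued tokens after the change; confirm whether that
        # is handled elsewhere.
        return {"change_password_success": True}
    except auth.PasswordsNoMatchException:
        return {
            "error": True,
            "message": "Confirmation password doesn't match.",
        }, 400
    except auth.PasswordTooShortException:
        return {"error": True, "message": "Password is too short."}, 400
    except UnactiveUserException:
        # Fix: the two messages below were swapped, so an inactive account
        # was reported as a wrong password and the reverse.
        return {"error": True, "message": "User is unactive."}, 400
    except WrongPasswordException:
        return {"error": True, "message": "Old password is wrong."}, 400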
def post(self):
    """
    Register a new person from the submitted e-mail, password and names.

    The e-mail is passed through ``auth.validate_email`` and the value it
    returns is the one stored. The password must pass
    ``auth.validate_password`` together with its confirmation before
    ``persons_service.create_person`` is called.

    Returns:
        ``({"registration_success": True}, 201)`` on success, otherwise an
        error payload paired with HTTP status 400.
    """

    def failure(message):
        # Every rejection uses the same payload shape and HTTP 400.
        return {"error": True, "message": message}, 400

    email, password, password_2, first_name, last_name = self.get_arguments()
    try:
        checked_email = auth.validate_email(email)
        auth.validate_password(password, password_2)
        encrypted = auth.encrypt_password(password)
        # NOTE(review): an already registered e-mail is not handled here;
        # whatever create_person raises in that case propagates. Confirm
        # how that case is answered.
        persons_service.create_person(
            checked_email, encrypted, first_name, last_name
        )
        return {"registration_success": True}, 201
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except auth.EmailNotValidException as exception:
        # The validator's own message is what the client receives.
        return failure(str(exception))
def post(self):
    """
    Allow the user to change his password.
    ---
    description: Prior to modifying the password, it requires to give the current password
                 (to make sure the user changing the password is not someone who stealed the session).
                 The new password requires a confirmation to ensure that the user didn't
                 make a mistake by typing his new password.
    tags:
        - Authentification
    parameters:
      - in: body
        name: Credentials
        description: The old password, new password and confirmation password of the user
        schema:
            type: object
            required:
            - old_password
            - password
            - password_2
            properties:
                old_password:
                    type: string
                password:
                    type: string
                password_2:
                    type: string
    responses:
      200:
        description: Password changed
      400:
        description: Invalid password or inactive user
    """

    def failure(message):
        # Every rejection uses the same payload shape and HTTP 400.
        return {"error": True, "message": message}, 400

    current_password, new_password, confirmation = self.get_arguments()
    try:
        # The current password is checked first: a valid session alone is
        # not enough to set a new password.
        auth_service.check_auth(app, get_jwt_identity(), current_password)
        auth.validate_password(new_password, confirmation)
        encrypted = auth.encrypt_password(new_password)
        persons_service.update_password(get_jwt_identity(), encrypted)
        # NOTE(review): nothing in this handler invalidates other sessions
        # or already issued tokens after the change; confirm whether that
        # is handled elsewhere.
        return {"success": True}
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except UnactiveUserException:
        return failure("User is unactive.")
    except WrongPasswordException:
        return failure("Old password is wrong.")
def post(self):
    """
    Change the password of ``current_user``.

    The old password is verified against ``current_user.email`` with
    ``auth.check_credentials`` before the new password and its confirmation
    are validated and stored.

    Returns:
        ``{"change_password_success": True}`` on success, otherwise an error
        payload paired with HTTP status 400.
    """

    def failure(message):
        # Every rejection uses the same payload shape and HTTP 400.
        return {"error": True, "message": message}, 400

    current_password, new_password, confirmation = self.get_arguments()
    try:
        # The current password is checked first: a valid session alone is
        # not enough to set a new password.
        auth.check_credentials(current_user.email, current_password)
        auth.validate_password(new_password, confirmation)
        encrypted = auth.encrypt_password(new_password)
        person_info.update_password(current_user, encrypted)
        # NOTE(review): nothing in this handler invalidates other sessions
        # after the change; confirm whether that is handled elsewhere.
        return {"change_password_success": True}
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except auth.WrongPasswordException:
        return failure("Old password is wrong.")
def test_validate_password(self):
    """Check the length rule, the confirmation rule and the accepted case."""
    # A five-character password is rejected as too short, even though the
    # confirmation matches. The exact minimum length is not pinned here.
    with self.assertRaises(auth.PasswordTooShortException):
        auth.validate_password("12345", "12345")

    # Eight characters with a confirmation that differs in the last digit.
    with self.assertRaises(auth.PasswordsNoMatchException):
        auth.validate_password("12345678", "12345676")

    # A matching pair of this length is accepted and the result is truthy.
    accepted = auth.validate_password("mypassword", "mypassword")
    self.assertTrue(accepted)
def put(self):
    """
    Ressource to allow a user to change his password when he forgets it.
    ---
    description: "It uses a classic scheme: a token is sent by email to the user.
                 Then he can change his password."
    tags:
        - Authentification
    parameters:
      - in: body
        name: Credentials
        description: The token, new password and confirmation password of the user
        schema:
            type: object
            required:
            - token
            - password
            - password_2
            properties:
                token:
                    type: UUID
                password:
                    type: string
                password_2:
                    type: string
    responses:
      200:
        description: Password reset
      400:
        description: Invalid password
                     Wrong or expired token
                     Inactive user
    """

    def failure(message):
        # Every rejection uses the same payload shape and HTTP 400.
        return {"error": True, "message": message}, 400

    args = self.get_put_arguments()
    token_key = "reset-%s" % args["token"]
    try:
        email = auth_tokens_store.get(token_key)
        if not email:
            # Unknown and expired tokens are answered identically, so the
            # response does not tell the two cases apart.
            return failure("Wrong or expired token.")

        # NOTE(review): the spec in the docstring names the field
        # password_2 while this reads args["password2"]; confirm that
        # get_put_arguments() exposes the confirmation under that key.
        auth.validate_password(args["password"], args["password2"])
        encrypted = auth.encrypt_password(args["password"])
        persons_service.update_password(email, encrypted)
        # The token is removed only after the update call returned: a
        # rejected password (handled below) leaves it usable for a retry.
        # NOTE(review): lookup and delete are two separate store calls;
        # confirm the store's expiry bounds how long a token stays valid.
        auth_tokens_store.delete(token_key)
        return {"success": True}
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except UnactiveUserException:
        # Presumably raised by update_password for a disabled account;
        # the raising call is not visible here.
        return failure("User is inactive.")
def post(self):
    """
    Allow a user to register himself to the service.
    ---
    tags:
        - Authentification
    parameters:
      - in: body
        name: Credentials
        description: The email, password, confirmation password, first name and last name of the user
        schema:
            type: object
            required:
            - email
            - password
            - password_2
            - first_name
            - last_name
            properties:
                email:
                    type: string
                password:
                    type: string
                password_2:
                    type: string
                first_name:
                    type: string
                last_name:
                    type: string
    responses:
      201:
        description: Registration successful
      400:
        description: Invalid password or email
    """

    def failure(message):
        # Every rejection uses the same payload shape and HTTP 400.
        return {"error": True, "message": message}, 400

    email, password, password_2, first_name, last_name = self.get_arguments()
    try:
        # The value returned by the validator is the one that gets stored.
        checked_email = auth.validate_email(email)
        auth.validate_password(password, password_2)
        encrypted = auth.encrypt_password(password)
        # NOTE(review): an already registered e-mail is not handled here;
        # whatever create_person raises in that case propagates. Confirm
        # how that case is answered.
        persons_service.create_person(
            checked_email, encrypted, first_name, last_name
        )
        return {"registration_success": True}, 201
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except auth.EmailNotValidException as exception:
        # The validator's own message is what the client receives.
        return failure(str(exception))