Ejemplo n.º 1
0
def register():
    """Register Form"""
    logger.info(str(request))
    try:
        username = request.form['username']
        password = hashlib.md5(request.form['password'].encode()).hexdigest()
        email = request.form['email']

        if not check_mail(email):
            return jsonify(result='Registration failed: Not valid email'), 400

        data = User.query.filter_by(username=username).first()
        if data and data.deleted:
            data.password = hashlib.md5(password.encode()).hexdigest()
            data.email = email
            data.deleted = False
            new_action = Registry(username=username, action='Re-Register')

        else:
            new_user = User(username=username, password=password, email=email)
            new_action = Registry(username=username, action='Register')
            db.session.add(new_user)
        db.session.add(new_action)
        db.session.commit()
        admin_confirmation(username, email)
        return jsonify(result='User registered. Keep an eye with your email for knowing when your account is activated')

    except Exception as e:
        if str(type(e)).find('IntegrityError') > 0:
            e = 'User already exists'
        return jsonify(result=('Registration failed: ' + str(e))), 400
Ejemplo n.º 2
0
def validate_token(token, request):
    try:
        if not token:
            return 'Login or set a Token access is required'

        metadata = ast.literal_eval(jwt.JWT(key=key, jwt=token).claims)

        now = datetime.now()
        if metadata.get('timeout') >= datetime.timestamp(now):
            data = User.query.filter_by(username=metadata.get('username'), password=metadata.get('password')).first()
        else:
            return 'Token expired'
        if data is not None:

            if not isinstance(request, str) and request.data:
                new_action = Registry(username=metadata.get('username'),
                                      action=str(request.method + ' ' + request.path),
                                      data=str(request.get_json()))
            else:
                new_action = Registry(username=metadata.get('username'),
                                      action=str(request.method + ' ' + request.path))
            db.session.add(new_action)
            db.session.commit()
            pass
        else:
            raise Exception()
    except:
        return 'No valid Token given'
Ejemplo n.º 3
0
def validate_user_manually(data):
    logger.info(str(request))
    logger.info("Validating user")
    try:
        admin_auth(validate_user)
        user = data
        action = "create"
        email = User.query.filter_by(username=user).first().email
        logger.info(
            "The user {}, with mail {} is going to be validated".format(
                str(data), email))
        data = User.query.filter_by(username=user).first()
        data.active = True
        data.deleted = False
        new_action = Registry(username=data.username, action='Activated')
        db.session.add(new_action)
        db.session.commit()
        logger.info("The user {}, with mail {} is validated".format(
            str(data), email))
        notify_user(email, action)
        logger.info("A notification email is send to {}".format(email))
        return jsonify(result='Changes applied')

    except Exception as e:
        return jsonify(result=('Validation process interrupted: ' +
                               str(e))), 400
Ejemplo n.º 4
0
def validate_user(data):
    logger.info(str(request))
    try:

        metadata = ast.literal_eval(jwt.JWT(key=key, jwt=data).claims)
        user = metadata['username']
        action = metadata['action']

        email = User.query.filter_by(username=user).first().email
        if action == 'delete':
            Registry.query.filter_by(username=user).delete()
            User.query.filter_by(username=user).delete()
        else:
            data = User.query.filter_by(username=user).first()
            data.active = True
            data.deleted = False
            new_action = Registry(username=data.username, action='Activated')
            db.session.add(new_action)

        db.session.commit()
        notify_user(email, action)
        return jsonify(result='Changes applied')

    except Exception as e:
        return jsonify(result=('Validation process interrupted: ' +
                               str(e))), 400
Ejemplo n.º 5
0
def change_password():
    """change_Password Form"""
    logger.info(str(request))
    try:
        data = None
        if request.authorization:
            name = request.authorization.username
            passw = hashlib.md5(
                request.authorization.password.encode()).hexdigest()
            new_password = hashlib.md5(
                request.form['password'].encode()).hexdigest()
            data = User.query.filter_by(username=name, password=passw).first()

        if data is not None and data.active:
            data.password = new_password
            new_action = Registry(username=request.authorization.username,
                                  action='ChangePassword')
            db.session.add(new_action)
            db.session.commit()
            return jsonify(result='New password for ' + name)
        else:
            return jsonify(
                result='No user registered/active with that user/password'
            ), 400
    except Exception as e:
        return jsonify(result=('Change password failed: ' + str(e))), 400
Ejemplo n.º 6
0
def recover_password():
    """change_Password Form"""
    logger.info(str(request))
    email = request.form['email']
    if not check_mail(email):
        return jsonify(result='Not valid email'), 400

    new_password = randomPassword()

    try:
        data = User.query.filter_by(email=email).first()
        if data is not None and data.active:
            with app.app_context():
                data.password = hashlib.md5(new_password.encode()).hexdigest()
                new_action = Registry(username=data.username, action='recoverPassword')
                db.session.add(new_action)
                db.session.commit()
                msg = Message(subject='Password changed',
                              sender=app.config.get('MAIL_USERNAME'),
                              recipients=[email],  # replace with your email for testing
                              html=render_template('recover.html',
                                                   user=data.username, password=new_password))
                mail.send(msg)
            return jsonify(result='New password for ' + email + ' Look your email for getting it.')
        else:
            return jsonify(result='No user registered/active with that user/password'), 400
    except Exception as e:
        return jsonify(result=('Change password failed: ' + str(e))), 400
Ejemplo n.º 7
0
    def logic(token):
        try:
            session['token'] = token
            new_action = Registry(username=request.authorization.username, action='LogIn')
            db.session.add(new_action)
            db.session.commit()
            return jsonify(result='Logged')

        except Exception as e:
            return jsonify(result=('Login fails: ' + str(e))), 401
Ejemplo n.º 8
0
    def logic(token):

        try:
            new_action = Registry(username=request.authorization.username, action='GetToken')
            db.session.add(new_action)
            db.session.commit()
            return jsonify(result=token), 200

        except Exception as e:
            return jsonify(result=('Login fails: ' + str(e))), 400
Ejemplo n.º 9
0
def delete_account():
    """change_Password Form"""
    logger.info(str(request))
    try:
        data = None
        if request.authorization:
            name = request.authorization.username
            passw = hashlib.md5(request.authorization.password.encode()).hexdigest()
            data = User.query.filter_by(username=name, password=passw).first()
        if data is not None and data.active and not data.deleted and data.username != 'Admin':
            data.active = False
            data.deleted = True
            new_action = Registry(username=request.authorization.username, action='account_deleted')
            db.session.add(new_action)
            db.session.commit()
            return jsonify(result=name + ' deleted')
        else:
            return jsonify(result='No user registered/active with that user/password'), 400
    except Exception as e:
        return jsonify(result=('Delete account failed: ' + str(e))), 400
Ejemplo n.º 10
0
def validate_user_manually(data):
    logger.info(str(request))
    try:
        admin_auth(validate_user)
        user = data
        action = "create"
        email = User.query.filter_by(username=user).first().email

        data = User.query.filter_by(username=user).first()
        data.active = True
        data.deleted = False
        new_action = Registry(username=data.username, action='Activated')
        db.session.add(new_action)

        db.session.commit()
        notify_user(email, action)
        return jsonify(result='Changes applied')

    except Exception as e:
        return jsonify(result=('Validation process interrupted: ' + str(e))), 400