Ejemplo n.º 1
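def check_token(username):
    """Report whether ``username`` is logged in with the token sent in the request.

    The token is read from the ``token`` request header and checked against
    the session recorded for ``username`` through ``database_helper``.

    Args:
        username: Account identifier, looked up with
            ``database_helper.check_user_exists_email``.

    Returns:
        A ``(json_body, status)`` tuple. The body is a JSON object with
        ``success``, ``message`` and ``data`` keys. Every GET outcome uses
        status 200; any other method gets status 405.
    """
    if request.method != 'GET':
        # The original left ``answer`` unbound on this path and failed with
        # UnboundLocalError while building the response.
        answer = {"success": False, "message": "Method not allowed", "data": ""}
        return json.dumps(answer), 405

    headers = request.headers
    if 'token' not in headers:
        answer = {"success": False, "message": "Missing data", "data": ""}
        return json.dumps(answer), 200

    token = headers['token']
    if not database_helper.check_user_exists_email(username):
        # NOTE(review): this message differs from the wrong-token message
        # below, so a caller without a valid session can tell which addresses
        # are registered. sign_in answers both cases with a single message;
        # consider doing the same here.
        answer = {
            "success": False,
            "message": "No such user ",
            "data": ""
        }
    elif database_helper.check_user_logged_in_e_t(username, token):
        answer = {
            "success": True,
            "message": "Welcome Back",
            "data": ""
        }
    else:
        answer = {
            "success": False,
            "message": "Wrong Username or Token",
            "data": ""
        }
    return json.dumps(answer), 200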
Ejemplo n.º 2
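def recover_password(username):
    """Replace the password of ``username`` with a random one and e-mail it.

    On a GET request for a known user, a 32-hex-character temporary password
    is generated with ``secrets.token_hex(16)``, stored through
    ``database_helper.change_password_temp`` and sent to ``username`` (used
    as the recipient address) over SMTP.

    Args:
        username: Account identifier, also used as the ``To`` address.

    Returns:
        ``(json_body, 200)`` for GET requests; other methods call
        ``abort(404)``.

    Security notes for reviewers:
        * The endpoint needs no authentication and changes state on GET, so
          anyone who knows an address can overwrite that account's password.
          A one-time reset link that leaves the current password in place
          until it is used avoids this.
        * The password is changed before the message is sent. If the SMTP
          exchange raises, the exception propagates and the account is left
          with a password nobody received.
        * "No such user" tells the caller whether an address is registered.
    """
    import ssl  # local import: the file's import block is not visible here

    if request.method == 'GET':
        if not database_helper.check_user_exists_email(username):
            answer = {"success": False, "message": "No such user", "data": ""}
            return json.dumps(answer), 200

        # Generate new password
        temp_pwd = secrets.token_hex(16)

        if not database_helper.change_password_temp(username, temp_pwd):
            answer = {
                "success": False,
                "message": "Error : Unable to change password",
                "data": ""
            }
            return json.dumps(answer), 200

        # NOTE(review): the mailbox credentials are hard-coded in source.
        # Load them from configuration or a secret store, and rotate this
        # password since it has been published with the code.
        address = "*****@*****.**"
        pwd = "common6project6"

        # Build the message before opening the connection.
        msg = MIMEMultipart()
        msg['From'] = address
        msg['To'] = username
        msg['Subject'] = "Twidder : Password Recovery"
        msg.attach(
            MIMEText(
                "Dear " + username +
                ",\n\n You seem to have forgotten your password,\n here is a temporary one that you can use to login :\n         "
                + temp_pwd +
                "\nDon't forget to change your password once you're logged in ! \nLove, \nMom",
                'plain'))

        # The context manager closes the connection even when login or send
        # fails; the original never closed it.
        with smtplib.SMTP(host='smtp.gmail.com', port=25) as s:
            # Without an explicit context, smtplib's STARTTLS does not verify
            # the server certificate or host name by default, which would
            # expose the mailbox login and the temporary password to an
            # on-path attacker.
            s.starttls(context=ssl.create_default_context())
            s.login(address, pwd)
            s.send_message(msg)

        answer = {
            "success": True,
            "message": "Successfuly reset password, check your emails",
            "data": ""
        }
        return json.dumps(answer), 200
    else:
        abort(404)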
Ejemplo n.º 3
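def post_message():
    """Post a message from the logged-in user to another user.

    Expects a JSON body with ``username`` (the receiver) and ``message``,
    plus a ``token`` request header. The writer is taken from the session
    token, never from the request body.

    Returns:
        ``(json_body, 200)`` for POST requests, where the body is a JSON
        object with ``success``, ``message`` and ``data`` keys; other
        methods call ``abort(404)``.
    """
    if request.method == 'POST':
        data = request.get_json()
        headers = request.headers
        # The original only assigned receiver/message/token when every field
        # was present and then used them unconditionally, so an incomplete
        # request failed with a NameError instead of a clean answer.
        if not (isinstance(data, dict) and 'username' in data
                and 'message' in data and 'token' in headers):
            answer = {
                "success": False,
                "message": "Missing one or more field",
                "data": ""
            }
            return json.dumps(answer), 200

        receiver = data['username']
        message = data['message']
        token = headers['token']

        if not database_helper.check_user_logged_in_token(token):
            answer = {
                "success": False,
                "message": "You are not logged in anymore",
                "data": ""
            }
        # The original pattern used ``([\.-]?\w+)*``: with the separator
        # optional, one run of word characters can be split in exponentially
        # many ways, so a long non-matching value could stall the worker.
        # Making the separator mandatory accepts the same strings without
        # that ambiguity. Non-string values are rejected before matching.
        elif not isinstance(receiver, str) or not re.search(
                r"^\w+(?:[.-]\w+)*@\w+(?:[.-]\w+)*(?:\.\w{2,3})+$", receiver):
            answer = {
                "success": False,
                "message": "The username is not an email adress ",
                "data": ""
            }
        else:
            writer = database_helper.get_username_from_token(token)
            if not database_helper.check_user_exists_email(receiver):
                answer = {
                    "success": False,
                    "message": "No such user in the system",
                    "data": ""
                }
            elif database_helper.post_message(receiver, writer, message):
                answer = {
                    "success": True,
                    "message": "Sucessfully posted message ",
                    "data": ""
                }
                # Tell both parties that there is something new to fetch.
                notify_socket_message(writer)
                notify_socket_message(receiver)
            else:
                answer = {
                    "success": False,
                    "message": "Unable to post message ",
                    "data": ""
                }
        return json.dumps(answer), 200
    else:
        abort(404)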
Ejemplo n.º 4
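def get_user_messages_by_email(username):
    """Return the messages stored for ``username`` to a logged-in caller.

    The caller authenticates with the ``token`` request header. The token is
    only checked for being a live session; it is not compared with
    ``username``.

    Args:
        username: E-mail address whose messages are requested.

    Returns:
        ``(json_body, 200)`` for GET requests, where the body is a JSON
        object with ``success``, ``message`` and ``data`` keys; other
        methods call ``abort(404)``.
    """
    if request.method == 'GET':
        headers = request.headers
        if 'token' not in headers:
            # The original had no branch for a missing header and returned
            # None, which is not a valid response.
            answer = {"success": False, "message": "Missing data", "data": ""}
            return json.dumps(answer), 200

        token = headers['token']
        # NOTE(review): any valid session can read the messages of any
        # address; confirm that this is the intended visibility.
        if not database_helper.check_user_logged_in_token(token):
            answer = {
                "success": False,
                "message": "You are not logged in anymore",
                "data": ""
            }
        # The original pattern used ``([\.-]?\w+)*``: with the separator
        # optional, one run of word characters can be split in exponentially
        # many ways, so a long non-matching value could stall the worker.
        # Making the separator mandatory accepts the same strings without
        # that ambiguity.
        elif not re.search(r"^\w+(?:[.-]\w+)*@\w+(?:[.-]\w+)*(?:\.\w{2,3})+$",
                           username):
            answer = {
                "success": False,
                "message": "The username is not an email adress ",
                "data": ""
            }
        elif not database_helper.check_user_exists_email(username):
            answer = {
                "success": False,
                "message": "No such user in the system",
                "data": ""
            }
        else:
            data = database_helper.retrieve_message_email(username)
            if not data:
                answer = {
                    "success": False,
                    "message": "You don't have any messages",
                    "data": None
                }
            else:
                answer = {
                    "success": True,
                    "message": "Here are the messages",
                    "data": data
                }
        return json.dumps(answer), 200
    else:
        abort(404)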
Ejemplo n.º 5
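def sign_in():
    """Authenticate a user and issue a fresh session token.

    Expects a JSON body with ``username`` and ``password``. On success a new
    32-hex-character token from ``secrets.token_hex(16)`` replaces any token
    already recorded for the user and is returned in ``data``.

    Returns:
        ``(json_body, 200)`` for POST requests, where the body is a JSON
        object with ``success``, ``message`` and ``data`` keys; other
        methods call ``abort(404)``.

    Security notes for reviewers:
        * The stored value is compared with the submitted password itself,
          which only works if the database holds the password rather than a
          salted hash. Hashing has to be introduced in sign_up and here
          together.
        * Unknown user and wrong password share one message, so the answer
          text does not reveal which addresses are registered.
    """
    if request.method == 'POST':
        data = request.get_json()
        # A body that is not a JSON object is treated like missing fields
        # instead of raising on the membership test.
        if not isinstance(data, dict) or 'username' not in data \
                or 'password' not in data:
            answer = {
                "success": False,
                "message": "Missing one or more field",
                "data": ""
            }
            return json.dumps(answer), 200

        username = data['username']
        supplied = data['password']
        authenticated = False
        if database_helper.check_user_exists_email(username):
            stored = database_helper.get_password(username)
            if isinstance(stored, str) and isinstance(supplied, str):
                # Constant-time comparison; ``surrogatepass`` keeps odd JSON
                # escapes from raising during encoding.
                authenticated = secrets.compare_digest(
                    stored.encode('utf-8', 'surrogatepass'),
                    supplied.encode('utf-8', 'surrogatepass'))
            else:
                # Non-string values keep the original equality semantics.
                authenticated = stored == supplied

        if authenticated:
            new_token = secrets.token_hex(16)
            if database_helper.check_user_logged_in_email(username):
                database_helper.overwrite_token(username, new_token)
            else:
                database_helper.save_token(username, new_token)
            answer = {
                "success": True,
                "message": "Sucessfully signed in !",
                "data": new_token
            }
        else:
            answer = {
                "success": False,
                "message": "Wrong username or password",
                "data": ""
            }

        return json.dumps(answer), 200
    else:
        abort(404)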
Ejemplo n.º 6
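def sign_up():
    """Register a new user from a JSON body.

    Required string fields and their maximum lengths: ``username`` (30, must
    look like an e-mail address), ``password`` (40, minimum 10),
    ``firstName`` (20), ``lastName`` (20), ``gender`` (10), ``city`` (20)
    and ``country`` (20).

    Returns:
        ``(json_body, 200)`` for POST requests, where the body is a JSON
        object with ``success``, ``message`` and ``data`` keys; other
        methods call ``abort(404)``.
    """
    if request.method == 'POST':
        data = request.get_json()

        # Field order matches the list handed to ``save_user``.
        limits = {
            'username': 30,
            'password': 40,
            'firstName': 20,
            'lastName': 20,
            'gender': 10,
            'city': 20,
            'country': 20,
        }

        # A non-object body or a non-string field is reported as missing; the
        # original raised on ``len()`` or in the regex for such input.
        if not isinstance(data, dict) or any(
                not isinstance(data.get(field), str) for field in limits):
            answer = {
                "success": False,
                "message": "Missing one or more field",
                "data": ""
            }
            return json.dumps(answer), 200

        infos = [data[field] for field in limits]
        username = data['username']
        password = data['password']

        if any(len(data[field]) > limit for field, limit in limits.items()):
            answer = {
                "success": False,
                "message": "One of the fields is too long",
                "data": ""
            }
        # The original pattern used ``([\.-]?\w+)*``: with the separator
        # optional, one run of word characters can be split in exponentially
        # many ways, and even the 30-character limit above leaves room for
        # about 2**29 attempts. Making the separator mandatory accepts the
        # same strings without that ambiguity.
        # NOTE(review): ``$`` also matches just before a trailing newline, so
        # an address ending in "\n" passes; use ``\Z`` if that must be
        # rejected.
        elif not re.search(r"^\w+(?:[.-]\w+)*@\w+(?:[.-]\w+)*(?:\.\w{2,3})+$",
                           username):
            answer = {
                "success": False,
                "message": "The username is not an email adress ",
                "data": ""
            }
        elif database_helper.check_user_exists_email(username):
            answer = {
                "success": False,
                "message": "User already exists",
                "data": ""
            }
        elif len(password) < 10:
            answer = {
                "success": False,
                "message": "Password too short",
                "data": ""
            }
        else:
            # NOTE(review): the password is handed to ``save_user`` exactly
            # as received. Unless database_helper hashes it, it is stored in
            # clear text; confirm, and hash with a salted password hashing
            # function, changing sign_in to match.
            database_helper.save_user(infos)
            database_helper.set_profile_visits_user(username)
            answer = {
                "success": True,
                "message": "Sucessfully signed up !",
                "data": ""
            }
        return json.dumps(answer), 200

    else:
        abort(404)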