def me():
LOGGER.info("called api/1.0/auth/me endpoint ...")
login = request.args.get('login_token', None)
if not login:
abort(400, "login_token should be in url params")
accounts = app.data.driver.db['persons']
user = accounts.find_one(
{"tokens.login": {
"$elemMatch": {
"$eq": str(login)
}
}})
if not user:
error = 'user not loggedin or not registered'
abort(401, error)
LOGGER.info("user:{0}".format(user))
json_user = convert_object_dates_to_string(
user, ['_id', 'created_date', 'modified_date', 'last_modified_by', ''])
del_some_keys = delete_some_keys_from_dict(
json_user, ['password', 'fav_stores', 'fav_coupons'])
response = jsonify(error='', data=del_some_keys)
response.status_code = 200
return response
def email_activation():
if 'user_id' not in request.json:
message = "user_id not found in payload"
abort(400, message)
if 'token' not in request.json:
message = "token not found in payload"
abort(400, message)
LOGGER.info("payload is:{0}".format(request.json))
accounts = app.data.driver.db['persons']
user = accounts.find_one({'_id': ObjectId(str(request.json['user_id']))})
if not user:
message = "user not found in database records"
abort(400, message)
if user['email_confirmed']:
message = "email already confirmed."
abort(400, message)
user = accounts.find_one({
'_id': ObjectId(str(request.json['user_id'])),
"tokens.registration": request.json['token']
})
if not user:
message = "invalid token or user_id."
abort(400, message)
LOGGER.info("found user for forgot password:{0}".format(user))
accounts.update(
{'_id': ObjectId(str(request.json['user_id']))},
{"$set": {
'tokens.registration': "",
"email_confirmed": True
}})
message = "email has been confirmed."
response = jsonify(error='', data=message)
response.status_code = 200
return response
def forgotpassword():
try:
if 'email' not in request.json:
raise ReturnException(message="email not found in payload",
status_code=400)
LOGGER.info("payload email is:{0}".format(request.json['email']))
accounts = app.data.driver.db['persons']
user = accounts.find_one({'email': request.json['email']})
if not user:
raise ReturnException(message="email not found in database.",
status_code=400,
payload=request.json)
LOGGER.info("found user for forgot password:{0}".format(user))
token = str(uuid.uuid4())
if user['tokens']['forgot_password']:
token = str(user['tokens']['forgot_password'])
LOGGER.info(
"updating forgot password token:{0} for user id:{1}".format(
token, user['_id']))
accounts.update({'_id': ObjectId(str(user['_id']))},
{'$set': {
'tokens.forgot_password': token
}})
# forgot password email code.
if send_dl_emails(
title=CONFIG_DATA['FORGOT_PASSWORD_TITLE'],
recipients=[request.json['email']],
sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
user_id=str(user['_id']),
email=user['email'],
first_name=user['first_name'],
last_name=user['last_name'],
token=token,
server_url=SERVER_URL,
template=CONFIG_DATA['FORGOT_PASSWORD_EMAIL_TEMPLATE']):
response = jsonify(error='',
data={
"token": token,
"user_id": str(user['_id'])
})
response.status_code = 200
return response
else:
accounts.update({'_id': ObjectId(str(user['_id']))},
{'$set': {
'tokens.forgot_password': ""
}})
abort(500,
"failed to send forgot password email, please try again...")
except Exception as e:
LOGGER.error(str(e))
abort(401, str(e))
def change_password():
if 'user_id' not in request.json:
message = "user_id not found in payload"
abort(400, message)
if 'token' not in request.json:
message = "token not found in payload"
abort(400, message)
if 'new_password' not in request.json:
message = "new_password not found in payload"
abort(400, message)
LOGGER.info("payload is:{0}".format(request.json))
accounts = app.data.driver.db['persons']
q = {'_id': ObjectId(str(request.json['user_id']))}
LOGGER.info("find query:{}".format(q))
user = accounts.find_one(q)
if user and 'tokens' in user and 'login' in user['tokens'] and user[
'tokens']['login']:
if str(user['_id']) != str(request.json['user_id']):
message = "something went wrong, please login and logout"
abort(400, message)
else:
q.update({"tokens.forgot_password": request.json['token']})
user = accounts.find_one(q)
if not user:
message = "invalid token or user_id."
abort(400, message)
LOGGER.info("found user for forgot password:{0}".format(user))
payload = {
'password': {
'password':
str(generate_password_hash(request.json['new_password'])),
'password_raw': str(request.json['new_password']),
'last_password_updated_date': datetime.now()
}
}
accounts.update({'_id': ObjectId(str(user['_id']))},
{'$set': {
'tokens.forgot_password': ""
}})
accounts.update({'_id': ObjectId(str(user['_id']))}, {'$set': payload})
response = jsonify(error='',
data={
"new_password": request.json['new_password'],
"message": "password has been changed."
})
response.status_code = 200
return response
def signup():
items = request.json
if not isinstance(items, list):
abort(400, 'payload should be list')
for payload in items:
LOGGER.info("signup payload request:{0}".format(payload))
if 'password' not in payload:
message = '{0} field not found in input payload'.format(
'password', payload)
abort(400, message)
if 'admin_creation_token' in payload:
admin_creation_token = payload['admin_creation_token']
del payload['admin_creation_token']
else:
admin_creation_token = None
payload['password'] = {
'password': str(generate_password_hash(payload['password'])),
'password_raw': str(payload['password']),
'last_password_updated_date': datetime.now()
}
payload['tokens'] = {
'registration': '',
'login': '',
'forgot_password': ''
}
payload['created_date'] = datetime.now()
payload['email_confirmed'] = False
if admin_creation_token and admin_creation_token == PASSWORD_CRYPTION_TOKEN:
payload['email_confirmed'] = True
payload['pictures'] = {'thumbnail': '', 'large': '', 'medium': ''}
payload['modified_date'] = datetime.now()
payload['status'] = 'active'
# check logged user can assign role or not otherwise default role will be 'user'
can_assign = False
if 'user_level' in payload and 'loggin_token' in payload:
user = accounts.find_one(
{"tokens.login": str(payload['login_token'])})
if user and user['user_level'] in CONFIG_DATA['CREATE_USER_ROLES']:
can_assign = True
if not can_assign:
payload['user_level'] = "user"
if admin_creation_token and admin_creation_token == PASSWORD_CRYPTION_TOKEN:
payload['user_level'] = "admin"
validation = Validations('persons')
violations = validation.validate_schema(payload, ['default', 'unique'])
if violations:
abort(400, str(violations))
accounts = app.data.driver.db['persons']
user = accounts.find_one({'email': payload['email']})
if user:
abort(400, "email:{0} already exists.".format(user['email']))
user = accounts.find_one({'mobile_number': payload['mobile_number']})
if user:
abort(
400, "mobile_number:{0} already exists.".format(
user['mobile_number']))
try:
user_id = str(accounts.insert(payload))
LOGGER.info("user successfully created:{0}".format(user_id))
#####################################################################
# if user creation failed, don't send email and remove created user
#####################################################################
if admin_creation_token and admin_creation_token == PASSWORD_CRYPTION_TOKEN:
if send_admin_emails(
title=CONFIG_DATA['ADMIN_CREATION_TITLE'],
recipients=[payload['email']],
sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
user_id=user_id,
email=payload['email'],
first_name=payload['first_name'],
template=CONFIG_DATA['ADMIN_CREATION_EMAIL_TEMPLATE']):
payload['mail_sent'] = True
payload['main_sent_error'] = ''
payload['is_created'] = True
payload['_id'] = str(user_id)
else:
accounts.remove({'_id': ObjectId(user_id)})
payload['mail_sent'] = False
payload['is_created'] = False
payload[
'main_sent_error'] = "failed to send registration email, please try again..."
else:
################################################
# normal user signup not admin
################################################
registration_token = str(uuid.uuid4())
LOGGER.info(
"updating registration token:{0} for user id:{1}".format(
registration_token, user_id))
accounts.update(
{'_id': ObjectId(user_id)},
{'$set': {
'tokens.registration': registration_token
}})
# registration email code.
if send_dl_emails(
title=CONFIG_DATA['REGISTRATION_TITLE'],
recipients=[payload['email']],
sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
user_id=str(user_id),
email=payload['email'],
first_name=payload['first_name'],
token=registration_token,
server_url=SERVER_URL,
template=CONFIG_DATA['REGISTRATION_EMAIL_TEMPLATE']):
payload['mail_sent'] = True
payload['main_sent_error'] = ''
payload['is_created'] = True
payload['_id'] = str(user_id)
else:
accounts.remove({'_id': ObjectId(user_id)})
payload['mail_sent'] = False
payload['is_created'] = False
payload[
'main_sent_error'] = "failed to send registration email, please try again..."
payload['error'] = ''
print(payload, '********************')
except Exception as e:
accounts.remove({'_id': ObjectId(user_id)})
LOGGER.error("got exception in signup:{0}".format(e))
payload['is_created'] = False
payload['error'] = str(e)
response = jsonify(errors=[], data=items)
response.status_code = 201
return response
def API():
LOGGER.info("called api/1.0")
data = {"name": "digital-library-api", "version": "1.0"}
response = jsonify(data=data)
response.status_code = 200
return response
def fallback(dummy):
LOGGER.info("called dummy end point:{}".format(dummy))
if dummy == 'admin':
return app.send_static_file('public/admin/index.html')
return app.send_static_file('public/customer/index.html')
def admin_fallback(dummy):
LOGGER.info("called Admin dummy end point:{}".format(dummy))
return app.send_static_file('public/admin/index.html')
def admin_index():
LOGGER.info("called ADMIN panel index point")
return app.send_static_file('public/admin/index.html')
def customer_index():
LOGGER.info("called Customer panel index point")
return app.send_static_file('public/customer/index.html')