def _login(username, password):
try:
odb_user = utils.neo4j_api_call('/users', {
"email": username,
}, 'GET')[0]
except NotFound:
# NOTE(apugachev) ODB returns 404 for non-existing email, lol.
return False
if not (odb_user['passwordHash'] ==
utils.create_hashed_password(password)):
return False
username = odb_user['username']
# NOTE(apugachev)
# odb username is Keystone user name
# password is the same as Keystone password
try:
clients.create_unscoped(username, password)
except Unauthorized:
return False
flask.session['user'] = (
flask.session['keystone_unscoped']['access']['user'])
flask.g.is_authenticated = True
flask.flash('You were logged in successfully.', 'success')
user_tenants = utils.user_tenants_list(
utils.get_keystone_user_by_username(username))
flask.session['tenants'] = user_tenants
# NOTE(apugachev)
# Principal identity name is Keystone user id
principal.identity_changed.send(
focus.app,
identity=principal.Identity(
flask.session['keystone_unscoped'][
'access']['user']['id']))
return True
def _login(username, password):
try:
odb_user = utils.neo4j_api_call('/users', {
"email": username,
}, 'GET')[0]
except NotFound:
# NOTE(apugachev) ODB returns 404 for non-existing email, lol.
return False
if not (odb_user['passwordHash']
== utils.create_hashed_password(password)):
return False
username = odb_user['username']
# NOTE(apugachev)
# odb username is Keystone user name
# password is the same as Keystone password
try:
clients.create_unscoped(username, password)
except Unauthorized:
return False
flask.session['user'] = (
flask.session['keystone_unscoped']['access']['user'])
flask.g.is_authenticated = True
flask.flash('You were logged in successfully.', 'success')
user_tenants = utils.user_tenants_list(
utils.get_keystone_user_by_username(username))
flask.session['tenants'] = user_tenants
# NOTE(apugachev)
# Principal identity name is Keystone user id
principal.identity_changed.send(
focus.app,
identity=principal.Identity(
flask.session['keystone_unscoped']['access']['user']['id']))
return True
def password_recovery_finish(recovery_hash):
"""
This will be called after user clicked link in email.
"""
try:
id, email, hash_code, complete = \
row_mysql_queries.get_recovery_request_by_hash(recovery_hash)
except TypeError:
# db returns None
flask.abort(404)
if complete == 1:
flask.flash('Password recovery token is expired', 'error')
return flask.redirect(flask.url_for('dashboard'))
odb_user = utils.neo4j_api_call('/users', {"email": email}, 'GET')[0]
new_hash = str(uuid.uuid4())
# set trash password in keystone
keystone_user = utils.get_keystone_user_by_username(odb_user['username'])
clients.admin_clients().keystone.users.update_password(keystone_user,
new_hash)
# set trash password in odb
utils.neo4j_api_call('/users', {
'id': odb_user['id'],
'login': odb_user['login'],
'username': odb_user['username'],
'email': odb_user['email'],
'passwordHash': utils.create_hashed_password(new_hash)},
'PUT')
# send trash password back to user
msg = mail.Message('Password recovery', recipients=[odb_user['email']])
msg.body = flask.render_template('RecoveryPasswordFinishEmail/body.txt',
new_pass=new_hash)
utils.send_msg(msg)
flask.flash('New password was sent to you', 'success')
return flask.redirect(flask.url_for('dashboard'))
def password_recovery_finish(recovery_hash):
"""
This will be called after user clicked link in email.
"""
try:
id, email, hash_code, complete = \
row_mysql_queries.get_recovery_request_by_hash(recovery_hash)
except TypeError:
# db returns None
flask.abort(404)
if complete == 1:
flask.flash('Password recovery token is expired', 'error')
return flask.redirect(flask.url_for('dashboard'))
odb_user = utils.neo4j_api_call('/users', {"email": email}, 'GET')[0]
new_hash = str(uuid.uuid4())
# set trash password in keystone
keystone_user = utils.get_keystone_user_by_username(odb_user['username'])
clients.admin_clients().keystone.users.update_password(
keystone_user, new_hash)
# set trash password in odb
utils.neo4j_api_call(
'/users', {
'id': odb_user['id'],
'login': odb_user['login'],
'username': odb_user['username'],
'email': odb_user['email'],
'passwordHash': utils.create_hashed_password(new_hash)
}, 'PUT')
# send trash password back to user
msg = mail.Message('Password recovery', recipients=[odb_user['email']])
msg.body = flask.render_template('RecoveryPasswordFinishEmail/body.txt',
new_pass=new_hash)
utils.send_msg(msg)
flask.flash('New password was sent to you', 'success')
return flask.redirect(flask.url_for('dashboard'))