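def post(self, **kwargs):
    """
    Authenticate a user by username and password.

    On success the user is logged in, a login-history record is saved and
    the user's id, role and the index URL are returned.

    :param kwargs: unused
    :return: response body, status code (200 on success, 401 otherwise)
    """
    args = login_parser.parse_args()
    username, password = args["username"], args["password"]
    # One body for "unknown user" and "wrong password", so the response text
    # does not tell a client which usernames exist.
    rejected = {"success": False, "error": "Wrong username or password"}

    try:
        user = User().get_by_username(username)
        if not user:
            # Handled explicitly instead of relying on an AttributeError from
            # user.password, which was answered with a different error string.
            # Presumably get_by_username returns a falsy value for an unknown
            # name -- confirm.
            # NOTE(review): no bcrypt work is done on this path, so it can
            # still answer faster than a wrong-password attempt.
            return rejected, 401

        # compare input password with the bcrypt hash stored in db
        if not bcrypt.checkpw(password.encode('utf8'), user.password.encode()):
            return rejected, 401

        login_user(user)
        # if login success save login history
        LoginHistory(user=user.dbUser).save()
        data = {
            "success": True,
            "id": str(user.id),
            "role": user.user_role,
            "next": url_for('bp_index.show')
        }
        return data, 200
    except Exception as exc:
        # NOTE(review): this also catches a failure while saving the login
        # history, i.e. after login_user() has already run -- the client is
        # then told the login failed although a session may exist.
        logger.info("error {}".format(exc))
        return {"success": False, "error": "login failed"}, 401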
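def post(self, **kwargs):
    """
    Authenticate a user by username and password.

    On success the user is logged in, a login-history record is saved and
    the user's id and the index URL are returned.

    :param kwargs: unused
    :return: response body, status code (200 on success, 401 otherwise)
    """
    args = login_parser.parse_args()
    username, password = args["username"], args["password"]
    # Same body for an unknown user and for a wrong password, so the error
    # text cannot be used to find out which usernames are registered.
    rejected = {"success": False, "error": "Wrong username or password"}

    try:
        user = User().get_by_username(username)
        if not user:
            # Explicit guard; without it the missing user surfaced as an
            # AttributeError on user.password and a different error string.
            # Presumably get_by_username returns a falsy value for an unknown
            # name -- confirm.
            # NOTE(review): this path skips the bcrypt check, so its response
            # time can differ from the wrong-password path.
            return rejected, 401

        # compare input password with the bcrypt hash stored in db
        if not bcrypt.checkpw(password.encode('utf8'), user.password.encode()):
            return rejected, 401

        login_user(user)
        # if login success save login history
        LoginHistory(user=user.dbUser).save()
        data = {
            "success": True,
            "id": str(user.id),
            "next": url_for('bp_index.show')
        }
        return data, 200
    except Exception as exc:
        # NOTE(review): reached for any error, including one raised after
        # login_user() has already succeeded.
        logger.info("error {}".format(exc))
        return {"success": False, "error": "login failed"}, 401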
def post(self, **kwargs):
    """
    Create a user from the posted username, password, role, active flag and
    balance.

    :param kwargs: unused
    :return: {"status": "OK" or "FAIL", "id": new user id or ""}, 200
    """
    args = user_create_parser.parse_args()
    username, raw_password = args["username"], args["password"]
    role, balance = args["role"], args["balance"]
    # "active" arrives as text; only the literal "true" enables the account
    active = args["active"] == "true"

    # NOTE(review): the bcrypt salt is one application-wide config value, so
    # equal passwords produce equal hashes. A per-password bcrypt.gensalt()
    # is the usual choice -- check first whether other code re-hashes with
    # this salt to compare passwords.
    # NOTE(review): on Python 3 the b"" default has no .encode(), so a
    # missing SALT raises here, outside the try below.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(raw_password.encode('utf8'), bytes(salt.encode()))

    status, user_id = "OK", ""
    try:
        user = User(username, hashed, is_admin=role == ADMIN,
                    role=role, active=active, balance=balance)
        user.save()
        user_id = user.id
    except Exception as exc:
        logger.error("exc %s", exc)
        status = "FAIL"

    # The HTTP status is 200 in both cases; callers must read "status".
    return {"status": status, "id": user_id}, 200
def post(self, **kwargs):
    """
    Register a new user and return the stored account data.

    The account starts active unless ENABLE_EMAIL_ACTIVE is set.

    :param kwargs: unused
    :return: response body, status code (200 on success, 400 on any error)
    """
    args = register_parser.parse_args()
    username, raw_password = args["username"], args["password"]

    # NOTE(review): application-wide bcrypt salt -- equal passwords hash to
    # the same value; bcrypt.gensalt() per password is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(raw_password.encode('utf8'), bytes(salt.encode()))

    try:
        user = User(username, hashed, active=not ENABLE_EMAIL_ACTIVE)
        # re-read the saved record so the response reflects what was stored
        user = user.get_by_id(user.save())
        # NOTE(review): "apikey" is the string form of the user id.
        return {
            "username": user.username,
            "apikey": str(user.id),
            "isActivated": user.active,
            "balance": user.balance,
            "success": True
        }, 200
    except Exception as exc:
        logger.error("exc %s", exc)
        return {"success": False, "error": "register failed"}, 400
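def post(self, username):
    """
    Reset the password of ``username`` after re-checking the password of the
    user named in ``curUser``. Every outcome is written to the operator log.

    :param username: name of the user whose password is reset
    :return: response body, status code (200 on success, 400 otherwise)
    """
    args = user_password_parser.parse_args()
    new_password = args["password"]
    curUser = args["curUser"]
    curPassword = args["curPassword"]

    op_log_handler = OperatorLogHandler()
    # NOTE(review): the audit entry always names "admin" as operator, not
    # curUser, and nothing in this method checks that curUser is the
    # authenticated caller or holds an admin role -- confirm both are
    # enforced elsewhere.
    log_fields = dict(opDate=datetime.datetime.utcnow(),
                      opName='ResetUserPassword',
                      opObject="User",
                      operator="admin",
                      opDetails={'username': username})

    def reject(message):
        """Record a failed attempt and build the 400 response."""
        op_log_handler.record_operating_log(resCode=400, errorMsg=message,
                                            **log_fields)
        return {"error": message, "success": False}, 400

    user_obj = User()
    userCurrent = user_obj.get_by_username(curUser)
    # compare input password with password in db; an unknown curUser gets the
    # same answer as a wrong password instead of an unhandled AttributeError
    if not userCurrent or not bcrypt.checkpw(
            curPassword.encode('utf8'),
            userCurrent.dbUser.password.encode()):
        return reject("Wrong password")

    user = user_obj.get_by_username(username)
    if not user:
        return reject("No such User")

    # reset user's password
    # NOTE(review): application-wide bcrypt salt -- equal passwords hash to
    # the same value; bcrypt.gensalt() per password is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(new_password.encode('utf8'), bytes(salt.encode()))
    user.update_password(hashed.decode())

    op_log_handler.record_operating_log(resCode=200, **log_fields)
    return {"success": True}, 200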
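def post(self, user_id):
    """
    Change a user's password after verifying the current one. Every outcome
    is written to the operator log.

    :param user_id: id of the user whose password is changed
    :return: response body, status code (200 on success, 400 otherwise)
    """
    args = user_password_parser.parse_args()
    origin_password, new_password = args["old_password"], args["new_password"]

    op_log_handler = OperatorLogHandler()
    cur_time = datetime.datetime.utcnow()

    user = User().get_by_id(user_id)
    # The operator is read only once the lookup result is known; reading
    # user.username first made the "No such User" branch unreachable. For an
    # unknown id the audit entry names the requested id instead.
    operator = user.username if user else str(user_id)
    log_fields = dict(opDate=cur_time,
                      opName='ChangePassword',
                      opObject="User",
                      operator=operator,
                      opDetails={})

    def reject(message):
        """Record a failed attempt and build the 400 response."""
        op_log_handler.record_operating_log(resCode=400, errorMsg=message,
                                            **log_fields)
        return {"error": message, "success": False}, 400

    if not user:
        return reject("No such User")

    # checkpw re-hashes with the salt embedded in the stored hash and
    # compares in constant time, so verification no longer depends on the
    # configured SALT or on a plain string comparison.
    if not bcrypt.checkpw(origin_password.encode('utf8'),
                          user.dbUser.password.encode()):
        return reject("Invalid origin password")

    # NOTE(review): application-wide bcrypt salt -- equal passwords hash to
    # the same value; bcrypt.gensalt() per password is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(new_password.encode('utf8'), bytes(salt.encode()))
    user.update_password(hashed.decode())

    op_log_handler.record_operating_log(resCode=200, **log_fields)
    return {"success": True}, 200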
def post(self, **kwargs):
    """
    Create a user and record the outcome in the operator log.

    :param kwargs: unused
    :return: {"status": "OK" or "FAIL", "id": new user id or ""}, 200
    """
    # fields shared by the success and failure audit entries
    opDetails = {}
    log_fields = dict(opDate=datetime.datetime.utcnow(),
                      opName='CreateUser',
                      opObject="User",
                      operator="admin",  # NOTE(review): fixed, not the caller
                      opDetails=opDetails)
    op_log_handler = OperatorLogHandler()

    args = user_create_parser.parse_args()
    username, raw_password = args["username"], args["password"]
    opDetails['username'] = username
    role, balance = args["role"], args["balance"]
    # "active" arrives as text; only the literal "true" enables the account
    active = args["active"] == "true"

    # NOTE(review): application-wide bcrypt salt -- equal passwords hash to
    # the same value; bcrypt.gensalt() per password is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(raw_password.encode('utf8'), bytes(salt.encode()))

    status, user_id = "OK", ""
    try:
        user = User(username, hashed, is_admin=role == ADMIN,
                    role=role, active=active, balance=balance)
        user.save()
        user_id = user.id
        op_log_handler.record_operating_log(resCode=200, **log_fields)
    except Exception as exc:
        logger.error("exc %s", exc)
        status = "FAIL"
        op_log_handler.record_operating_log(resCode=500,
                                            errorMsg="Fail to create user",
                                            **log_fields)

    # The log records 500 on failure, but the HTTP status stays 200; callers
    # must read "status".
    return {"status": status, "id": user_id}, 200
def get(self, user_id):
    """
    Return account information for one user.

    :param user_id: id of the user to look up
    :return: response body, status code (200 if found, 400 otherwise)
    """
    user = User().get_by_id(user_id)
    if user:
        # NOTE(review): "apikey" is the string form of the user id, and no
        # check that the caller may read this user's data is visible in this
        # method -- confirm it is enforced by the route.
        return {
            "username": user.username,
            "apikey": str(user.id),
            "isActivated": user.active,
            "balance": user.balance,
            "success": True
        }, 200
    return {"error": "No such User", "success": False}, 400
def main():
    """Build the backup program from the two files under ~/.aws and run it."""
    aws_dir = os.path.join(os.path.expanduser("~"), ".aws")
    # Only the paths are passed on; how User and Eth read these credential
    # files is not visible here.
    user = User(os.path.join(aws_dir, "credentials"))
    eth = Eth(os.path.join(aws_dir, "eth_credentials"))
    BackupProgram(user, eth).run()
def post(self, user_id):
    """
    Set a new password for the given user.

    :param user_id: id of the user whose password is replaced
    :return: response body, status code (200 on success, 400 if unknown)
    """
    args = user_password_parser.parse_args()
    raw_password = args["new_password"]

    # NOTE(review): the current password is not asked for, and no check that
    # the caller may change this user's password is visible in this method
    # -- confirm it is enforced by the route.
    user = User().get_by_id(user_id)
    if not user:
        return {"error": "No such User", "success": False}, 400

    # NOTE(review): application-wide bcrypt salt -- equal passwords hash to
    # the same value; bcrypt.gensalt() per password is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(raw_password.encode('utf8'), bytes(salt.encode()))
    user.update_password(hashed.decode())
    return {"success": True}, 200
def put(self, user_id):
    """
    Update the profile fields (name, email, bio, url, location) of a user.

    :param user_id: user id of User to update profile
    :return: api response, status code
    """
    args = update_profile_parser.parse_args()
    # collect the parsed profile fields before touching the database
    profile = {field: args[field]
               for field in ("name", "email", "bio", "url", "location")}

    # NOTE(review): no check that the caller may edit this user's profile is
    # visible in this method -- confirm it is enforced by the route.
    user = User().get_by_id(user_id)
    if not user:
        return {"error": "No such User", "success": False}, 400

    user.update_profile(**profile)
    return {"success": True}, 200
def post(self, user_id):
    """
    Replace the password of the given user with the posted new password.

    :param user_id: id of the user whose password is replaced
    :return: response body, status code (200 on success, 400 if unknown)
    """
    raw_password = user_password_parser.parse_args()["new_password"]

    # NOTE(review): the old password is not verified, and no authorization
    # check on user_id is visible in this method -- confirm it is enforced
    # by the route.
    user = User().get_by_id(user_id)
    if not user:
        return {"error": "No such User", "success": False}, 400

    # NOTE(review): the bcrypt salt is shared by all users (config value), so
    # equal passwords hash to the same value; bcrypt.gensalt() per password
    # is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(raw_password.encode('utf8'), bytes(salt.encode()))
    user.update_password(hashed.decode())
    return {"success": True}, 200
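def post(self):
    """
    Submit a registration application identified by mobile number.

    Validates the mobile and e-mail formats, refuses a mobile number that is
    already stored, then saves the applicant with role 1.

    :return: {"stat": ..., "msg": ...}
    """
    args = register_parser.parse_args()
    mobile = args.get('mobile')
    email = args.get('email')

    # validate mobile format. fullmatch with re.ASCII accepts exactly eleven
    # ASCII digits: no trailing newline (which "$" lets through) and no
    # non-ASCII digit characters. A missing value is rejected instead of
    # raising a TypeError inside re.
    if not mobile or not re.fullmatch(r'1[3456789]\d{9}', mobile, re.ASCII):
        return {'stat': '400', 'msg': '手机号格式错误'}
    if not email or not re.fullmatch(
            r'[a-zA-Z0-9_.-]+@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*\.[a-zA-Z0-9]{2,6}',
            email):
        return {'stat': '400', 'msg': '邮箱格式错误'}

    # check whether the mobile number is already registered
    try:
        user = User().get_by_mobile(mobile)
        if user:
            return {'stat': '400', 'msg': '该手机号已提交申请,请耐心等待审核!'}
    except Exception as e:
        logger.error(e)
        return {'stat': '400', 'msg': '读取数据库错误'}

    # store the user
    # NOTE(review): the initial password is the last six digits of the mobile
    # number, so it is known to anyone who knows the number. Whether User
    # hashes it before storing is not visible here -- confirm, and consider a
    # random one-time password with a forced change at first login.
    args['password'] = mobile[-6:]
    try:
        user = User(**args, role=1)
        user.save()
    except Exception as e:
        logger.error(e)
        return {'stat': '400', 'msg': '数据库存储错误'}

    return {"stat": 200, 'msg': '申请成功'}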
def post(self, **kwargs):
    """
    Register a new user and return the stored account data.

    :param kwargs: unused
    :return: response body, status code (200 on success, 400 on any error)
    """
    args = register_parser.parse_args()
    username, raw_password = args["username"], args["password"]

    # NOTE(review): application-wide bcrypt salt -- equal passwords hash to
    # the same value; bcrypt.gensalt() per password is the usual choice.
    salt = app.config.get("SALT", b"")
    hashed = bcrypt.hashpw(raw_password.encode('utf8'), bytes(salt.encode()))

    try:
        new_user = User(username, hashed)
        # read the record back so the response shows the stored values
        stored = new_user.get_by_id(new_user.save())
        # NOTE(review): "apikey" is the string form of the user id.
        return {
            "username": stored.username,
            "apikey": str(stored.id),
            "isActivated": stored.active,
            "balance": stored.balance,
            "success": True
        }, 200
    except Exception as exc:
        logger.error("exc %s", exc)
        return {"success": False, "error": "register failed"}, 400
def get(self):
    """
    Search for a user by username.

    If the user exists its account data is returned, otherwise only
    ``user_exists: False``.

    :return: response body, status code (always 200)
    """
    username = user_search_parser.parse_args()["username"]
    user = User().get_by_username(username)
    if user:
        # NOTE(review): this returns the id ("apikey") and balance of any
        # username that is asked for; no check on who is asking is visible in
        # this method -- confirm the route restricts it.
        return {
            "username": user.username,
            "apikey": str(user.id),
            "isActivated": user.active,
            "balance": user.balance,
            "user_exists": True
        }, 200
    return {"user_exists": False}, 200
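def post(self):
    """
    Change the password of the currently authenticated user.

    The new password must be supplied twice and the original password must
    match the stored one.

    :return: response body, optionally followed by a status code
    """
    args = user_password_parser.parse_args()
    origin_password = args["origin_password"]
    new_password, new_password2 = args["new_password"], args["new_password2"]
    if new_password != new_password2:
        return {'stat': -1, 'msg': '两次密码输入不一致'}

    user = User().get_by_id(current_identity.id)
    if not user:
        return {"msg": "用户不存在", "stat": -1}, 400

    # Reject when the original password does NOT match. The check was
    # inverted, which refused the correct password and accepted any wrong
    # one. Assumes check_password(stored, supplied) is truthy on a match --
    # confirm against the User class.
    if not user.check_password(user.dbUser.password, origin_password):
        return {"msg": "原始密码错误", "stat": -1}, 400

    user.update_password(user.set_password(new_password))
    # NOTE(review): "stat" is -1 here as well as in the error responses;
    # left unchanged in case clients depend on it.
    data = {
        'id': user.id,
        "stat": -1,
        'msg': '密码修改成功'
    }
    return data, 200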
def get(self, user_id):
    """
    Return the profile of a user; fields are empty strings when the user has
    no profile.

    :param user_id: user id of User to query
    :return: profile data, status code
    """
    user = User().get_by_id(user_id)
    if not user:
        return {"error": "No such User", "success": False}, 400

    # NOTE(review): the profile includes the e-mail address; no check that
    # the caller may read it is visible in this method -- confirm it is
    # enforced by the route.
    result = {"username": user.username}
    for field in ("name", "email", "bio", "url", "location"):
        result[field] = getattr(user.profile, field) if user.profile else ""

    return {"result": result, "success": True}, 200
def put(self):
    """
    Update a user record from the posted fields.

    A password change needs ``password`` and ``password2`` to be equal. When
    ``apply_stat`` is 1 an SMS is sent to the user's mobile number.

    :return: {"stat": ..., "msg": ...} (some paths omit "stat")
    """
    args = user_update_parser.parse_args()
    password = args.get('password')
    password2 = args.get('password2')
    user_id = args.get('user_id')
    apply_stat = args.get('apply_stat')

    if password and password2:
        if password2 != password:
            return {'stat': 400, 'msg': '密码不一致'}
        # store the hash and drop the confirmation so it is not written
        args['password'] = User.set_password(password)
        args['password2'] = None
    elif password or password2:
        # only one of the two password fields was supplied
        return {'stat': 400, 'msg': '缺少参数'}

    if apply_stat and int(apply_stat) == 1:
        try:
            user = UserModel.objects.get(id=user_id)
        except Exception as e:
            logger.error(e)
            return {'msg': '用户不存在'}
        mobile = user.mobile
        # NOTE(review): the SMS carries the last six digits of the mobile
        # number -- presumably the account's initial password; confirm. That
        # value is predictable from the number itself. A commented-out draft
        # that generated a random value was removed from this spot.
        send_sms(mobile, str(mobile)[-6:])

    # user_id selects the record and must not be written as a field
    args['user_id'] = None
    # NOTE(review): every non-empty parsed field is written to the model. Which
    # fields the parser admits (e.g. role or admin flags) and who may call this
    # is not visible here -- confirm an explicit allow-list. Falsy values
    # (False, 0, "") are never written.
    update_fields = {field: args[field] for field in args if args.get(field)}
    try:
        UserModel.objects(id=user_id).update(**update_fields)
    except Exception as exc:
        logger.warning(exc)
        return {'stat': 400, 'msg': '更新数据库失败'}

    return {'msg': '更新成功'}
def post(self):
    """
    Log a user in by mobile number and password and issue a token.

    On success the response carries the token from jwt_encoding() and the
    user's record, including the alias of the first organisation's channel
    when the user belongs to one.

    :return: {"stat": ..., "msg": ...[, "data": ...]}
    """
    args = login_parser.parse_args()
    mobile, password = args["mobile"], args["password"]
    if not re.match(r'^1[3456789]\d{9}$', mobile):
        return {'stat': '400', 'msg': '手机号格式错误'}

    try:
        user = User().get_by_mobile(mobile)
        # NOTE(review): the three early returns below answer before the
        # password is checked, so they tell an unauthenticated client
        # whether a number is registered and what its review state is.
        if not user:
            return {'stat': '400', 'msg': '用户不存在'}
        logger.info('stat:{}'.format(user.apply_stat))

        # application still under review / rejected
        if int(user.dbUser.apply_stat) == 0:
            return {'stat': '400', 'msg': '审核中'}
        if str(user.dbUser.apply_stat) == '-1':
            return {'stat': '400', 'msg': '审核未通过'}

        # compare input password with password in db; inactive accounts are
        # answered like a wrong password
        if not (user.check_password(user.password, password) and user.active):
            return {"stat": 401, "msg": "手机号或密码错误"}

        # (login_user and the login-history record are not used on this path)
        user_id = str(user.id)
        token = jwt_encoding({
            'id': user_id,
            'username': user.username,
            'mobile': user.mobile,
            'isAdmin': user.isAdmin,
            'role': user.role
        })

        # resolve the first organisation the user belongs to, if any
        org_id = cluster_id = channel_id = ''
        user_orgs_id = user.dbUser.orgs
        if user_orgs_id:
            logger.info('user_orgs_id:{}'.format(user_orgs_id))
            org = OrgModel.objects.get(id=user_orgs_id[0])
            cluster = org.cluster
            channel = Channel.objects.get(cluster=cluster)
            org_id = org.alias
            cluster_id = str(cluster.id)
            # the channel alias is reported, not its database id
            channel_id = channel.alias

        db_user = user.dbUser
        result = {
            'id': user_id,
            'role': db_user.role,
            'username': db_user.username,
            'mobile': db_user.mobile,
            'company': db_user.company,
            'department': db_user.department,
            'active': db_user.active,
            'apply_stat': db_user.apply_stat,
            'isAdmin': db_user.isAdmin,
            'org_id': org_id,
            'cluster_id': cluster_id,
            'channel_id': channel_id
        }
        return {
            "stat": 200,
            'data': {'token': token, 'user_info': result},
            'msg': '登录成功'
        }
    except Exception as exc:
        logger.info("error {}".format(exc))
        return {"stat": 401, "msg": "登录失败"}
def post(self):
    """
    Create a user inside an organisation and announce it through
    send_new_user_info().

    The mobile and e-mail formats are validated, the cluster, peer
    organisation and channel must exist, and the new record is deleted again
    if the announcement fails.

    :return: {"stat": ..., "msg": ...}
    """
    caller = utils._get_user()
    user_id = str(caller.dbUser.id)

    args = user_create_parser.parse_args()
    mobile = args.get('mobile')
    email = args.get('email')
    password = args.get('password')
    org_id = args.get('org_id')
    channel_id = args.get('channel_id')
    cluster_id = args.get('cluster_id')
    is_admin = args.get('is_admin', False)

    if mobile and not re.match(r'^1[3456789]\d{9}$', mobile):
        return {'stat': '400', 'msg': '手机号格式错误'}
    if email and not re.match(
            r'^[a-zA-Z0-9_.-]+@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*\.[a-zA-Z0-9]{2,6}$',
            email):
        return {'stat': '400', 'msg': '邮箱格式错误'}

    try:
        existing = UserModel.objects.get(mobile=mobile)
        if existing:
            return {'stat': "400", 'msg': "手机号已存在"}
    except Exception as exc:
        # NOTE(review): every exception, not only "no such document", is
        # treated as "number is free" and creation continues.
        logger.error(exc)

    try:
        cluster = ClusterModel.objects.get(id=cluster_id)
        org = OrgModel.objects.get(cluster=cluster, org_type='peer',
                                   alias=org_id)
    except Exception as e:
        logger.error(e)
        return {'msg': '组织不存在', 'stat': 400}

    try:
        ChannelModel.objects.get(cluster=cluster, alias=channel_id)
    except Exception as e:
        logger.error(e)
        return {'msg': '通道不存在', 'stat': 400}

    args['password'] = User.set_password(password)
    # these request fields are not model fields; drop them before UserModel(**args)
    for key in ('org_id', 'channel_id', 'is_admin', 'cluster_id'):
        args.pop(key)

    # NOTE(review): the role comes straight from the request's is_admin flag,
    # and no check that the caller may create users in this organisation is
    # visible in this method -- confirm it is enforced elsewhere.
    role = 2 if int(is_admin) == 1 else 3

    try:
        new_user = UserModel(**args, orgs=[org.id], apply_stat=1,
                             active=True, role=role)
        new_user.save()
    except Exception as exc:
        logger.error("exc %s", exc)
        return {'stat': "-1", 'msg': "存储数据库失败"}

    body = {
        "BlockchainSign": str(org.cluster.id),
        "ChannelId": channel_id,
        "OrgId": str(org_id),
        "UserId": str(new_user.id)
    }
    logger.info('add user info:{}'.format(body))
    if not send_new_user_info(str(user_id), body=body):
        # roll back the stored record when the announcement fails
        new_user.delete()
        return {'stat': 400, 'msg': '添加用户失败'}

    org.update(add_to_set__users=[new_user])
    return {'stat': 200, 'msg': '成功'}
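def get(self):
    """
    Look up one user by mobile number, or list users page by page.

    With ``mobile`` set, only that user's id, username and mobile are
    returned. Otherwise users whose role is not 0 are listed, newest first.

    :return: {"stat": ..., "msg": ...[, "data": ...]}
    """
    # NOTE(review): the caller lookup (utils._get_user()) is commented out in
    # the original and no authorization check is visible in this method, yet
    # the list contains mobile numbers and e-mail addresses -- confirm the
    # route restricts access.
    args = user_list_parser.parse_args()
    page = args['pageNo']
    per_page = args['pageSize']
    mobile = args.get('mobile')

    if mobile:
        user = User().get_by_mobile(mobile)
        if not user:
            # an unknown number gets an error response instead of an
            # unhandled AttributeError on user.id
            return {'stat': 400, 'msg': '用户不存在'}
        user_info = {
            'user_id': str(user.id),
            'username': user.username,
            'mobile': mobile
        }
        return {'stat': 200, 'data': user_info, 'msg': '成功'}

    offset = (page - 1) * per_page
    listed = UserModel.objects(role__ne=0)
    # count the same filtered set that is listed, rather than "all users
    # minus one", which is only right when exactly one role-0 user exists
    user_count = listed.count()
    users = listed.skip(offset).limit(per_page).order_by('-timestamp')

    users_list = []
    # 'id' is a running row number that continues across pages
    for sequence_num, user in enumerate(users, start=offset + 1):
        users_list.append({
            'id': sequence_num,
            "user_id": str(user.id),
            "username": user.username,
            "mobile": user.mobile,
            "company": user.company,
            "department": user.department,
            'email': user.email,
            "reason": user.reason,
            "isAdmin": user.isAdmin,
            "apply_stat": user.apply_stat,
            'role': user.role,
            "active": user.active,
            "timestamp": user.timestamp.strftime("%Y-%m-%d %H:%M:%S"),
        })

    result = {
        "users": users_list,
        "totalCount": user_count,
        "pageSize": per_page,
        "pageNo": page
    }
    return {'stat': 200, 'data': result, 'msg': '成功'}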