def password_change(self, new_password):
from pyclaim.domain.aggregates.token.model.token import Token
self.user_name = user_reader.user_name_get_by_id(self._id)
bcrypt = Bcrypt(None)
password_hash = bcrypt.generate_password_hash(new_password)
self.password = password_hash
user_writer.password_change(self._id, password_hash)
Token.remove_by_user_id(self._id)
def password_remember(user_name):
from pyclaim.domain.aggregates.token.model.token import Token
user = User.get_by_user_name(user_name)
new_password = str(randint(10000000, 99999999))
bcrypt = Bcrypt(None)
password_hash = bcrypt.generate_password_hash(new_password)
user.password = new_password
user_writer.password_change(user._id, password_hash)
Token.remove_by_user_id(user._id)
return user
def execute(self):
from pyclaim.domain.aggregates.token.model.token import Token
from pyclaim.domain.aggregates.user.model.user import User
from pyclaim.domain.aggregates.resource.model.resource import Resource
token = Token.get_by_id(self.token_id)
if not token:
return "Not Authenticated"
user = User.get_by_id(token.user_id)
if not user:
return "Not Authenticated"
if user.is_sys_admin():
return "Authorized"
resource = Resource.get_by_name(self.resource_name)
if not resource:
return "Not Authorized"
for user_claim in user.claims:
for resource_claim in resource.claims:
if (
resource_claim["claim_type"]["_id"] == user_claim["claim_type"]["_id"]
and resource_claim["value"] == user_claim["value"]
):
return "Authorized"
return "Not Authorized"
def execute(self):
from pyclaim.domain.aggregates.token.model.token import Token
token = Token.get_by_id(self.token_id)
token_detail = None
if token:
token_detail = TokenDetail.create_from_token(token)
return token_detail
def execute(self):
from pyclaim.domain.aggregates.user.model.user import User
from pyclaim.domain.aggregates.token.model.token import Token
user = User.get_by_user_name_and_password(self.user_name, self.password)
if user is None:
result = UserErrorCodes.USER_NOT_AVAILABLE
result["data"] = "user_name: %s" % self.user_name
raise ValidationException([result])
if not user.is_inoperable():
user_token = Token.generate(user._id)
token = {"token_id": user_token.token_id,
"user_id": user_token.user_id,
"is_sys_admin": user.is_sys_admin()
}
object_coder = ObjectCoder(Config().secret_key)
hashed_token = object_coder.encode(token)
login_info = {"token": hashed_token, "user_id": user._id}
else:
result = UserErrorCodes.DEACTIVATED_USER
result["data"] = "user_name: %s" % self.user_name
raise ValidationException([result])
return login_info
def remove(self):
from pyclaim.domain.aggregates.token.model.token import Token
user_writer.delete(self._id)
Token.remove_by_user_id(self._id)
def password_change(self, new_password):
from pyclaim.domain.aggregates.token.model.token import Token
self.user_name = user_reader.user_name_get_by_id(self._id)
user_writer.password_change(self._id, new_password)
Token.remove_by_user_id(self._id)
def password_remember(user_name):
from pyclaim.domain.aggregates.token.model.token import Token
user = User.get_by_user_name(user_name)
Token.remove_by_user_id(user._id)
return user
def execute(self):
from pyclaim.domain.aggregates.token.model.token import Token
Token.remove_by_user_id(self.user_id)
def execute(self):
from pyclaim.domain.aggregates.token.model.token import Token
decrypted_token = ObjectCoder(Config().secret_key).decode(self.token)
token_id = decrypted_token["token_id"]
Token.remove(token_id)
return "Done"
def execute(self):
from pyclaim.domain.aggregates.token.app.v1_0.rest.view_model.detail.token import TokenDetail
from pyclaim.domain.aggregates.token.model.token import Token
token = Token.generate(self.user_id)
token_detail = TokenDetail.create_from_token(token)
return token_detail
def execute(self):
from pyclaim.domain.aggregates.token.model.token import Token
return Token.exist(self.token_id)