Ejemplo n.º 1
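def userManagementChangePassword(request, response):
    """Store a new password for the user named by the session cookies.

    Reads ``userID`` and ``sessionToken`` from the request cookies, hands
    them to ``UserSessionManager().isValidUser``, hashes the ``password``
    form field and saves the digest through ``UserDAO``.

    Args:
        request: incoming request; its ``cookies`` and ``form`` are read.
        response: response object, filled with ``setContent`` on success
            or by ``handleException`` on failure.

    Returns:
        The ``response`` object that was passed in.

    Security notes:
        * The stored value is an unsalted SHA-1 digest. SHA-1 is a fast
          hash, so leaked digests are cheap to brute-force and identical
          passwords yield identical digests. A salted, deliberately slow
          KDF (for example ``hashlib.scrypt`` or ``hashlib.pbkdf2_hmac``)
          is the usual choice, but the stored format is shared with the
          sign-in and registration paths, so it has to be migrated in all
          of them together and is left unchanged here.
        * NOTE(review): the current password is never requested, so a
          valid session alone is enough to replace it. Consider requiring
          the old password and ending other active sessions after the
          change.
    """
    # VARIABLE DECLARATION
    userInstance = None
    daoInstance = None

    try:
        #****************************************************************
        # Step 1. CHECK IF VALID USER SESSION
        #****************************************************************
        logging.info("STEP0 - CHECK IF VALID USER....")
        userID = request.cookies.get('userID')
        sessionToken = request.cookies.get('sessionToken')
        # NOTE(review): the return value is discarded, so this only guards
        # the handler if isValidUser raises on an invalid session - confirm
        # against UserSessionManager.
        UserSessionManager().isValidUser(userID, sessionToken)

        # ****************************************************************
        # Step 2.READ THE NEW PASS
        # ****************************************************************
        logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
        password = request.form.get("password")
        # Reject a missing or empty field: without this check a missing
        # field fails on .encode() with a generic error, and an empty one
        # is silently stored as the account's password.
        if not password:
            raise CredentialException("A new password is required.")
        from hashlib import sha1
        # Non-ASCII passwords raise UnicodeEncodeError here and end up in
        # the generic handler; the encoding must match the sign-in path.
        password = sha1(password.encode('ascii')).hexdigest()

        daoInstance = UserDAO()
        userInstance = daoInstance.findByID(userID)
        if userInstance is None:
            raise CredentialException(
                "The email or password you entered is incorrect.")

        # ****************************************************************
        # Step 3. UPDATE THE MODEL
        # ****************************************************************
        userInstance.setPassword(password)
        daoInstance.update(userInstance, {})

        response.setContent({"success": True})

    except CredentialException as ex:
        # Credential problems are reported to the client with status 200.
        handleException(response, ex, __file__, "userManagementChangePassword",
                        200)
    except Exception as ex:
        handleException(response, ex, __file__, "userManagementChangePassword")
    finally:
        # Release the DAO connection on every path.
        if daoInstance is not None:
            daoInstance.closeConnection()
    return response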
Ejemplo n.º 2
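def userManagementSignIn(request, response):
    """Authenticate a user by email and password and open a session.

    Hashes the submitted password, looks the user up through ``UserDAO``,
    registers a session with ``UserSessionManager``, records the login
    date and returns the session token together with the login message.

    Args:
        request: incoming request; its ``form`` is read.
        response: response object, filled with ``setContent`` on success
            or by ``handleException`` on failure.

    Returns:
        The ``response`` object that was passed in.

    Security notes:
        * Passwords are compared as unsalted SHA-1 digests. SHA-1 is a
          fast hash, so leaked digests are cheap to brute-force. A
          salted, deliberately slow KDF (for example ``hashlib.scrypt``
          or ``hashlib.pbkdf2_hmac``) is the usual choice, but the stored
          format is shared with the change-password and registration
          paths, so it has to be migrated in all of them together and is
          left unchanged here.
        * Unknown email and wrong password produce the same message, so
          the response does not reveal which accounts exist.
        * NOTE(review): the session token is returned in the response
          body; how it reaches the ``sessionToken`` cookie, and with
          which cookie flags, is not visible here - confirm.
    """
    #VARIABLE DECLARATION
    userInstance = None
    daoInstance = None
    messageDao = None

    try:
        #****************************************************************
        # Step 1.READ PARAMS AND CHECK IF USER ALREADY EXISTS
        #****************************************************************
        logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
        formFields = request.form
        email = formFields.get("email")
        password = formFields.get("password")
        # A missing field is a failed login, not an internal error:
        # without this check a missing password fails on .encode().
        if not email or not password:
            raise CredentialException(
                "The email or password you entered is incorrect.")
        from hashlib import sha1
        # Non-ASCII passwords raise UnicodeEncodeError here and end up in
        # the generic handler.
        password = sha1(password.encode('ascii')).hexdigest()

        daoInstance = UserDAO()
        userInstance = daoInstance.findByEmail(email, {"password": password})

        if userInstance is None:
            raise CredentialException(
                "The email or password you entered is incorrect.")
        # TODO: account-activation link
        # elif userInstance.isActivated() == False:
        #     raise CredentialException("Account not activated, please check your email inbox and follow the instructions for account activation.")

        logging.info(
            "STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...OK USER EXISTS"
        )
        #****************************************************************
        # Step 2. REGISTER NEW SESSION
        #****************************************************************
        logging.info("STEP2 - GETTING A NEW SESSION TOKEN...")
        sessionToken = UserSessionManager().registerNewUser(
            userInstance.getUserId())

        # Update the last login date in the database
        from time import strftime
        today = strftime("%Y%m%d")
        userInstance.setLastLogin(today)
        daoInstance.update(userInstance, {"fieldList": ["last_login"]})
        logging.info("STEP2 - GETTING A NEW SESSION TOKEN...DONE")

        #****************************************************************
        # Step 3. GET INIT SESSION MESSAGE
        #****************************************************************
        logging.info("STEP2 - GETTING NEW SESSION MESSAGE...")
        # Use a separate variable so the UserDAO connection is not
        # overwritten, and leaked, before it is closed.
        messageDao = MessageDAO()
        loginMessage = messageDao.findByType(message_type="login_message")

        response.setContent({
            "success": True,
            "userID": userInstance.getUserId(),
            "userName": userInstance.getUserName(),
            "sessionToken": sessionToken,
            "loginMessage": loginMessage
        })

    except CredentialException as ex:
        # Credential problems are reported to the client with status 200.
        handleException(response, ex, __file__, "userManagementSignIn", 200)
    except Exception as ex:
        handleException(response, ex, __file__, "userManagementSignIn")
    finally:
        # Close both connections; the nested finally makes sure the second
        # one is released even if closing the first raises.
        try:
            if messageDao is not None:
                messageDao.closeConnection()
        finally:
            if daoInstance is not None:
                daoInstance.closeConnection()
    # Returning after the finally block, not inside it, so that an error
    # raised during cleanup or by handleException is not silently dropped.
    return response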