Ejemplo n.º 1
def create_user_by_account_admin(username, email, is_admin, **kwargs):
    """Create a user with the given admin flag and mail the new password.

    Raises BadRequestException when the username or e-mail already matches a
    user or a pending signup request, or when the repository returns no new
    user; raises HTTPException when ``send_mail`` is falsy.
    """
    # Both stores are checked so a name reserved by an unverified signup
    # cannot be reused.
    user_check_exist_in_user = repositories.user.find_one_by_email_or_username_in_user(
        email=email, username=username)
    user_check_exist_in_signup = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email=email, username=username)
    if (user_check_exist_in_user or user_check_exist_in_signup):
        raise exceptions.BadRequestException(
            message='Username or email already exist')
    else:
        new_user = repositories.user.add_user_by_username_and_email(
            username=username,
            email=email,
            is_admin=is_admin,
        )
        if new_user:
            # NOTE(review): this prints the whole record, including the
            # 'password' value read on the next line, to stdout. Drop the
            # print or log a non-secret identifier only.
            print(new_user)
            password = new_user['password']
            # NOTE(review): the next line is damaged in this listing: the
            # "******" run replaces source text, including whatever assigns
            # send_mail. Restore it from the original file. The password
            # appears to travel in the mail body (TODO confirm); a one-time
            # set-password link would avoid mailing a reusable secret.
            content_mail = "Your Password: "******"New Account", content_mail, email)
            if send_mail:
                return {'message': 'success'}
            else:
                raise exceptions.HTTPException(message='Send mail error')
        else:
            raise exceptions.BadRequestException(message='Database error')
Ejemplo n.º 2
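def delete_user_by_account_admin(token, username, email, **kwargs):
    """Delete the account matching *username* and *email* for an admin caller.

    The caller is the user named by the ``userid`` claim of *token*.

    Returns:
        ``{'message': 'success'}`` once the target account is deleted.

    Raises:
        UnAuthorizedException: the token is expired, or the caller no longer
            exists or is not an admin.
        BadRequestException: the token is invalid, the target is the
            caller's own account, or no account matches.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        data = jwt.decode(token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        # An expired token is also removed from the token store.
        repositories.usertoken.delete_token_by_tokenstring(token)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')

    # NOTE(review): only the signature and expiry are checked here. Nothing
    # visible confirms the token is still present in the token store, so a
    # token removed at logout may still be accepted until it expires.
    # Confirm whether a caller performs that lookup.
    user_admin = repositories.user.find_user_by_id(data['userid'])

    # A token can outlive its account: treat a missing caller as
    # unauthorized instead of failing on attribute access.
    if user_admin is None or not user_admin.is_admin:
        raise exceptions.UnAuthorizedException(message='not authorized')

    if user_admin.username == username and user_admin.email == email:
        raise exceptions.BadRequestException("This is your account, delete error")

    user = repositories.user.find_user_by_username_and_email(
        username=username, email=email)
    if not user:
        raise exceptions.BadRequestException("Not found user")

    repositories.user.delete_one_by_email_or_username_in_user(user=user)
    return {'message': 'success'}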
Ejemplo n.º 3
 def inner(*args, **kwargs):
     """Validate known keyword arguments, then call the wrapped function.

     Only values passed by keyword are inspected. A username, e-mail or
     password passed positionally reaches ``func`` unvalidated, so callers
     must pass these fields by name.
     """
     for key, value in kwargs.items():
         # "== False" is kept as written: a validator returning None is
         # not treated as a failure.
         if key == "username":
             rejected = Username(value).is_valid() == False
         elif key == "email":
             rejected = Email(value).is_valid() == False
         elif key == "password":
             rejected = Password(value).is_valid() == False
         elif key == "newpassword":
             rejected = NewPassword(value).is_valid() == False
         else:
             rejected = False
         if rejected:
             raise exceptions.BadRequestException("Data invalid!")
     return func(*args, **kwargs)
Ejemplo n.º 4
def decode(access_token):
    """Decode *access_token* with the app secret and return its claims.

    On an expired token the matching signup request is deleted before the
    error is raised. Raises UnAuthorizedException when that deletion
    succeeds, and BadRequestException when it does not or when the token is
    otherwise invalid.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        return jwt.decode(access_token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        removed = r.signup.delete.by_token(access_token)
        if not removed:
            raise exceptions.BadRequestException('database error')
        raise exceptions.UnAuthorizedException('expired token, delete account')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')
Ejemplo n.º 5
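def make_response(token, email):
    """Return a session token for *email*, creating the account if needed.

    *email* must equal the address ``get_user_info`` reports for *token*.
    An existing user gets a fresh token. An address held by a pending
    signup request is rejected. Otherwise a new active, non-admin account
    is created with a generated username and password.

    Raises:
        BadRequestException: the e-mail does not match the token, the
            address belongs to an unverified signup, the generated
            credentials fail validation, or the account is not stored.
    """
    # NOTE(review): get_user_info is not visible here. Confirm it validates
    # the token and that the address it returns is a verified one before it
    # is used to select or create an account.
    data_user_info = get_user_info(access_token=token)
    if data_user_info['email'] != email:
        raise exceptions.BadRequestException('Invalid email')

    existed_user = repositories.user.find_one_by_email_or_username_in_user(
        email=email, username="")
    existed_user_not_verify = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email=email, username="")

    if existed_user:
        user_token = repositories.usertoken.create_token_by_user(existed_user)
        return {
            'token': user_token.token,
            'expired_time': datetime.timestamp(user_token.expired_time),
            'username': existed_user.username,
            'isAdmin': existed_user.is_admin,
        }

    if existed_user_not_verify:
        raise exceptions.BadRequestException(
            "Email {email} already existed!".format(email=email))

    # First login for this address: derive a username from the local part.
    current_username = email.split('@')[0]
    username = create_username(current_username)
    password = create_password()
    if not validate_username_email(username=username, email=email, password=password):
        # The original fell through and returned None here.
        raise exceptions.BadRequestException("Data invalid!")

    user = repositories.user.add({
        'username': username,
        'email': email,
        'password': password,
        'is_admin': False,
        'is_active': True,
    })
    if not user:
        # The original fell through and returned None here as well.
        raise exceptions.BadRequestException('database error')

    user_token = repositories.usertoken.create_token_by_user(user)
    return {
        'token': user_token.token,
        'expired_time': datetime.timestamp(user_token.expired_time),
        'isAdmin': user.is_admin,
    }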
Ejemplo n.º 6
def exist_username_or_email_in_signup_request(new_username='', new_email=''):
    """Return True when no signup request uses the username or e-mail.

    Raises BadRequestException when the lookup returns a truthy result.
    """
    pending = r.signup.find.by_email_or_username(
        username=new_username,
        email=new_email,
    )
    if not pending:
        return True
    raise e.BadRequestException('User name or email already exist')
Ejemplo n.º 7
def decode(access_token):
    """Decode *access_token* with the app secret and return its claims.

    An expired token is removed from the token store and reported as
    UnAuthorizedException; any other invalid token raises
    BadRequestException.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        claims = jwt.decode(access_token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        r.usertoken.delete.by_token_string(access_token)
        raise e.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise e.BadRequestException('invalid token')
    return claims
Ejemplo n.º 8
def exist_account(username='', email=''):
    """Return the user matching both *username* and *email*.

    Raises BadRequestException when the lookup returns nothing truthy.
    """
    found = r.user.find.by_username_and_email(username=username, email=email)
    if not found:
        raise e.BadRequestException("account not exist!")
    return found
Ejemplo n.º 9
def decode(access_token=''):
    """Log out by validating *access_token* and deleting it from the store.

    Returns a success message when the token was deleted. Raises
    BadRequestException when the token is invalid or was not in the store,
    and UnAuthorizedException when it has expired; the expired token is
    deleted as well.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        jwt.decode(access_token, config.FLASK_APP_SECRET_KEY)
        removed = r.usertoken.delete.by_token_string(token_string=access_token)
        if not removed:
            raise exceptions.BadRequestException('token not exist')
        return {"message": "logout success"}
    except jwt.ExpiredSignature:
        r.usertoken.delete.by_token_string(token_string=access_token)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')
Ejemplo n.º 10
def exist_account(username='', password=''):
    """Return the account for *username* when *password* checks out.

    Raises UnAuthorizedException when no account is found and
    BadRequestException when the password check fails.
    """
    # NOTE(review): the two failures use different exception types and
    # messages, so a client can tell an unknown username from a wrong
    # password. Consider one generic error for both.
    account = r.user.find.by_username(username=username)
    if not account:
        raise exceptions.UnAuthorizedException(message="Not found user")
    if not account.check_password(password):
        raise exceptions.BadRequestException(message="Password invalid")
    return account
Ejemplo n.º 11
def exist_username_or_email_in_user(
    user_id,
    new_username='',
    new_email='',
):
    """Return True when no other user holds the new username or e-mail.

    Raises BadRequestException on the first user, among those returned for
    *user_id* by ``list_orther_user``, whose username or e-mail matches.
    """
    others = r.user.find.list_orther_user(user_id=user_id)
    taken = any(
        other.username == new_username or other.email == new_email
        for other in others
    )
    if taken:
        raise e.BadRequestException('User name or email already exist')
    return True
Ejemplo n.º 12
def edit_user(old_username, new_username, new_email, is_admin, **kwargs):
    """Update username, e-mail and admin flag of the user *old_username*.

    Returns ``{'message': 'edit success'}`` on success. Raises
    BadRequestException when the user is not found, the uniqueness check
    fails, nothing would change, or the repository reports failure.
    """
    # NOTE(review): this function can grant or revoke is_admin and performs
    # no caller check itself. Authorization is presumably enforced by a
    # decorator or the route; confirm.
    target = repositories.user.find_user_by_username(old_username)
    if not target:
        raise exceptions.BadRequestException('Not found user')

    # A truthy result lets the edit proceed; a falsy one is reported as a
    # name or e-mail clash.
    is_free = repositories.user.check_orther_user_had_username_email(
        target.id, new_username, new_email)
    if not is_free:
        raise exceptions.BadRequestException(
            'User name or email already exist')

    unchanged = (target.username == new_username
                 and target.email == new_email
                 and target.is_admin == is_admin)
    if unchanged:
        raise exceptions.BadRequestException('User Unchanged')

    saved = repositories.user.edit_username_email_is_admin_in_user(
        new_username, new_email, is_admin, target)
    if not saved:
        raise exceptions.BadRequestException('server error')
    return {'message': 'edit success'}
Ejemplo n.º 13
def change_information(
    user,
    new_username='',
    new_email='',
    new_is_admin=False,
):
    """Return True when at least one of the three fields differs from *user*.

    Raises BadRequestException when username, e-mail and admin flag all
    equal the current values.
    """
    same_name = user.username == new_username
    nothing_changed = (
        same_name
        and user.email == new_email
        and user.is_admin == new_is_admin
    )
    if not nothing_changed:
        return True
    raise e.BadRequestException('Information Unchanged')
Ejemplo n.º 14
def no_exist_in_user_model(
    username='',
    email='',
):
    """Return True when no user matches *username* or *email*.

    Raises BadRequestException when the lookup returns a truthy result.
    """
    match = r.user.find.by_email_or_username(username=username, email=email)
    if not match:
        return True
    raise e.BadRequestException('Username or email already exist')
Ejemplo n.º 15
def check_token_from_logout_request(tokenstring):
    """Validate *tokenstring*, delete it from the token store and confirm.

    An expired token is deleted too, then reported as
    UnAuthorizedException. Any other invalid token raises
    BadRequestException and is not deleted.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        jwt.decode(tokenstring, config.FLASK_APP_SECRET_KEY)
        repositories.usertoken.delete_token_by_tokenstring(tokenstring)
        response = {"message": "logout success"}
        return response
    except jwt.ExpiredSignature:
        repositories.usertoken.delete_token_by_tokenstring(tokenstring)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')
Ejemplo n.º 16
 def inner(*args, **kwargs):
     """Validate username, e-mail and password keywords, then call ``func``.

     Both the plain and the ``new_`` prefixed keyword names are checked.
     Only keyword arguments are inspected: a value passed positionally
     reaches ``func`` unvalidated, so callers must pass these fields by
     name.
     """
     for key, value in kwargs.items():
         # "False == ..." is kept as written: a validator returning None
         # is not treated as a failure.
         if key in ("username", "new_username"):
             rejected = False == (Username(value).is_valid())
         elif key in ("email", "new_email"):
             rejected = False == (Email(value).is_valid())
         elif key in ("password", "new_password"):
             rejected = False == (Password(value).is_valid())
         else:
             rejected = False
         if rejected:
             raise exceptions.BadRequestException("Data invalid!")
     return func(*args, **kwargs)
Ejemplo n.º 17
def token_data_with_email(
    access_token='',
    email='',
):
    """Return True when the decoded token's ``email`` equals *email*.

    Raises BadRequestException otherwise.
    """
    # NOTE(review): tokengoogle.decode is not visible here. Confirm it
    # verifies the token rather than only parsing it.
    claims = tokengoogle.decode(access_token=access_token)
    if claims['email'] != email:
        raise e.BadRequestException(message='Invalid email')
    return True
Ejemplo n.º 18
def verify(token_string):
    """Confirm a signup: move the pending request into the user table.

    Returns ``{'message': 'success'}`` once the user and the
    password-history entry are saved. Raises UnAuthorizedException for an
    expired token whose request was deleted, BadRequestException for an
    invalid token or a storage failure, and NotFoundException when no
    request matches or the request itself has expired.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        claims = jwt.decode(token_string, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        removed = repositories.signup.delete_by_token_in_signup_request(
            token_string)
        if not removed:
            raise exceptions.BadRequestException('database error')
        raise exceptions.UnAuthorizedException(
            'expired token, delete account')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')

    pending = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email="", username=claims["username"])
    if not pending:
        raise exceptions.NotFoundException(message="not found user")

    # NOTE(review): the request is deleted before the account is saved, so
    # a failed save below leaves neither record. Confirm this is intended
    # or wrap both steps in one transaction.
    repositories.signup.delete_one_by_email_or_username_in_signup_request(
        pending)
    now_ts = datetime.timestamp(datetime.now())
    expires_ts = datetime.timestamp(pending.expired_time)
    if expires_ts - now_ts < 0:
        raise exceptions.NotFoundException(message="not found user")

    # The stored hash, not a plaintext password, is handed over.
    created = repositories.signup.save_user_to_user(
        username=pending.username,
        email=pending.email,
        password=pending.password_hash)
    if created is None:
        raise exceptions.BadRequestException("database error")

    repositories.checkhistorypass.save_history_pass(
        created.id, created.password_hash, True)
    return {'message': 'success'}
Ejemplo n.º 19
def check_info_and_res(token="", password="", newpassword="", **kwarg):
    """Change the password of the user named by *token*.

    The current *password* must pass ``check_password`` before
    ``update_password`` is called. Raises UnAuthorizedException for an
    expired token, a wrong current password or a rejected new password,
    and BadRequestException for an invalid token or a missing user.
    """
    try:
        # NOTE(review): no algorithms= allow-list is passed; pin the
        # algorithm the signing side uses once that is confirmed.
        claims = jwt.decode(token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        repositories.usertoken.delete_token_by_tokenstring(token)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')

    account = repositories.user.find_user_by_id(claims["userid"])
    if account is None:
        raise exceptions.BadRequestException("User not exist!")
    if not account.check_password(password):
        raise exceptions.UnAuthorizedException(message="Password invalid")

    # NOTE(review): nothing visible here revokes the user's other tokens
    # after the change. Confirm whether update_password does so.
    if not repositories.changepassword.update_password(newpassword, account):
        raise exceptions.UnAuthorizedException(
            message="new password equal password")
    return {"message": "Change password success"}
Ejemplo n.º 20
def email_not_exist_in_signup_model(
    email='',
):
    """Return True when no signup request is found for *email*.

    Raises BadRequestException, naming the address, when one is found.
    """
    pending = r.signup.find.by_email_or_username(email=email, username="")
    if not pending:
        return True
    message = "Email {email} already register!, check email and verify a".format(
        email=email
    )
    raise e.BadRequestException(message)
Ejemplo n.º 21
def make_response(token, user_id, lock_time, **kwargs):
    """Lock the account *user_id* until *lock_time* and deactivate it.

    The caller id comes from ``check.locker_id_is_admin``. Returns
    ``{'msg': 'success'}``, or None when ``check.do_not_lock_myself``
    returns a falsy value. Raises BadRequestException when the target user
    is not found.
    """
    locker_id = check.locker_id_is_admin(access_token=token)
    # Debug output kept from the original; consider a logger call instead.
    print(lock_time)
    allowed = check.do_not_lock_myself(locker_id=locker_id, user_id=user_id)
    if not allowed:
        return None
    target = r.user.find.by_id(user_id=user_id)
    if not target:
        raise e.BadRequestException('database error')
    r.user.edit.look_time_and_is_activate(
        user=target,
        look_time=lock_time,
        is_active=False,
    )
    return {'msg': 'success'}
Ejemplo n.º 22
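 def inner(token):
     """Call the wrapped function only for a valid token of an admin user.

     Raises UnAuthorizedException when the token is expired, or when the
     user named by its ``userid`` claim is missing or not an admin; the
     expired token is also deleted from the token store. Raises
     BadRequestException for any other invalid token.
     """
     try:
         # NOTE(review): no algorithms= allow-list is passed; pin the
         # algorithm the signing side uses once that is confirmed.
         data = jwt.decode(token, config.FLASK_APP_SECRET_KEY)
         # NOTE(review): only signature and expiry are checked. Nothing
         # visible confirms the token is still in the token store, so a
         # token removed at logout may pass until it expires.
         user = repositories.user.find_user_by_id(data['userid'])
         # A token can outlive its account: a missing user is rejected
         # instead of failing on attribute access.
         if user is None or not user.is_admin:
             raise exceptions.UnAuthorizedException(
                 message='not authorized')
         return func(token)
     except jwt.ExpiredSignature:
         repositories.usertoken.delete_token_by_tokenstring(token)
         raise exceptions.UnAuthorizedException(
             'expired token, auto logout')
     except jwt.exceptions.InvalidTokenError:
         raise exceptions.BadRequestException('Invalid Token')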
Ejemplo n.º 23
def no_account(email, username):
    """Return True when neither a signup request nor a user matches.

    Both lookups always run. Raises BadRequestException, naming the
    username and e-mail, when either returns a truthy result.
    """
    pending = r.signup.find.by_email_or_username(email, username)
    existing = r.user.find.by_email_or_username(email, username)
    if not (pending or existing):
        return True
    message = (
        "User with username {username} "
        "or email {email} already existed!"
    ).format(username=username, email=email)
    raise exceptions.BadRequestException(message)
Ejemplo n.º 24
def check_info_form_resetpassword_and_res(username, email, **kwargs):
    """Reset the password of the user matching *username* and *email*.

    Raises BadRequestException when no user matches,
    UnAuthorizedException when ``verify_look_account_by_user`` is falsy,
    and ForbiddenException when ``check_password`` is falsy.
    """
    # NOTE(review): the reset runs on a username and e-mail match alone; no
    # confirmation step is visible here. Consider mailing a one-time reset
    # link and changing the password only after it is used.
    user = repositories.user.find_user_by_username_and_email(username, email)
    if user is None:
        raise exceptions.BadRequestException("user not exist!")
    else:
        #update value user in database
        if helpers.verify_look_account_by_user(user):
            newpassword = repositories.resetpassword.change_password(user)
            # NOTE(review): the next line is damaged in this listing: the
            # "******" run replaces source text, including whatever assigns
            # check_password. Restore it from the original file. The new
            # password appears to travel in the mail body (TODO confirm).
            content_mail = "Your Password: "******"Reset Password", content_mail, email)
            if check_password:
                return {
                    'message': 'Reset password success. You can check mail: ' + email,
                }
            else:
                raise exceptions.ForbiddenException(message="Send mail error")
        else:
            raise exceptions.UnAuthorizedException(message="Account locked")
Ejemplo n.º 25
def check_info_from_login_request(username, password, **kwargs):
    """Authenticate *username* and return a new session token.

    Returns the token, its expiry as a timestamp and the admin flag.
    Raises UnAuthorizedException when the user is not found, the account
    is locked or no token is created, and BadRequestException when the
    password check fails.
    """
    # NOTE(review): unknown user, wrong password and locked account each
    # produce a distinct error, and the lock is checked only after the
    # password. A client can therefore tell these states apart; consider
    # one generic failure and checking the lock first.
    account = repositories.user.find_user_by_username(username)
    if account is None:
        raise exceptions.UnAuthorizedException(message="Not found user")
    if not account.check_password(password):
        raise exceptions.BadRequestException("Password invalid")
    if not helpers.verify_look_account_by_user(account):
        raise exceptions.UnAuthorizedException(message="Account locked")

    session = repositories.usertoken.create_token_by_user(account)
    if session is None:
        raise exceptions.UnAuthorizedException(message="Don't insert token")
    return {
        'token': session.token,
        'expired_time': datetime.timestamp(session.expired_time),
        'isAdmin': account.is_admin,
    }
Ejemplo n.º 26
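def create_user_to_signup_request(username, email, password, **kwargs):
    """Store a signup request and mail the verification link to *email*.

    Returns:
        ``{"message": "success"}`` when the mail helper reports success.

    Raises:
        BadRequestException: the username or e-mail already matches a user
            or a pending signup request.
        ForbiddenException: the verification mail could not be sent.
    """
    existed_user = repositories.user.find_one_by_email_or_username_in_user(
        email, username)
    existed_user_not_verify = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email, username)
    if existed_user or existed_user_not_verify:
        raise exceptions.BadRequestException(
            "User with username {username} "
            "or email {email} already existed!".format(username=username,
                                                       email=email))
    user = repositories.signup.save_user_to_signup_request(username=username,
                                                           email=email,
                                                           password=password,
                                                           **kwargs)
    # The anchor is now closed with </a>; the original closed it with </b>.
    content_mail = '<a href="{0}/{1}/{2}">Click here</a>'.format(
        config.BASE_URL, 'api/users/register/verify', user.user_token_confirm)
    check_send_mail = helpers.send_mail("Information Veriry Account.",
                                        content_mail, email, "verify")
    if check_send_mail:
        return {
            "message": "success",
        }
    # The original built this exception without raising it, so a failed
    # send returned None and looked like success to the caller.
    raise exceptions.ForbiddenException(message="Not found email!!!")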
Ejemplo n.º 27
def user_exist(user_id):
    """Return the user with id *user_id*.

    Raises BadRequestException when the lookup returns nothing truthy.
    """
    found = r.user.find.by_id(user_id=user_id)
    if not found:
        raise e.BadRequestException(message='not found user')
    return found
Ejemplo n.º 28
def do_not_delete_your_self(eraser_id, user_id):
    """Return True when the caller is not deleting their own account.

    Raises BadRequestException when *eraser_id* equals *user_id*.
    """
    # NOTE(review): a plain == is used, so "7" and 7 count as different
    # ids. Confirm both ids arrive with the same type.
    is_self = eraser_id == user_id
    if not is_self:
        return True
    raise e.BadRequestException(
        message='This is your account, delete error')
Ejemplo n.º 29
def exist_account(user_id):
    """Return the account with id *user_id*.

    Raises BadRequestException when the lookup returns nothing truthy.
    """
    account = r.user.find.by_id(user_id=user_id)
    if not account:
        raise e.BadRequestException("account not exist!")
    return account