def get(self, email):
    """Trigger (re)sending of the account-confirmation e-mail for ``email``.

    The originating server is read from the ``server`` request header.
    Returns ``{'success': True}`` once the mail has been handed off; otherwise
    a validation/Failures response, or a ``code`` 520 envelope carrying the
    service's message.
    """
    origin = request.headers.get('server')

    # Both values are mandatory and the address has to look like an e-mail.
    checks = Validation()
    checks.add_required_field('email', email)
    checks.add_required_field('server', origin)
    checks.check_email('email', email)
    if not checks.is_valid():
        return checks.get_validation_response()

    # NOTE(review): distinct responses for "unknown e-mail" versus "wrong auth
    # source" let a caller probe which addresses are registered; acceptable
    # only if this API is not reachable by untrusted clients.
    account = user_service.get_user_by_email(email)
    if account is None:
        return Failures.unknown_user_email(email)
    if account.auth_source != 'local':
        return Failures.wrong_auth_source(account.auth_source)

    sent, code, message = user_service.send_email_confirm(account.id, origin)
    # Commit regardless of outcome; presumably send_email_confirm records
    # state (e.g. the token / rate-limit bookkeeping) that must persist.
    db.session.commit()

    if not sent:
        # Code 10 is the service's rate-limit signal; anything else is a generic 520.
        if code == 10:
            return Failures.rate_exceeded()
        return {'success': False, 'message': message, 'code': 520}

    logging.info('LocalUser-controller: RequestConfirm: success: %s', account.id)
    return {'success': True}
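def get(email):
    """Look up a user by e-mail and return its profile fields.

    ``email`` is checked for shape before any database access (this closes
    the TODO that stood here) using the same Validation helper the other
    endpoints rely on, so a malformed address gets a validation response
    instead of a needless query.

    Returns a ``{'success': True, 'user': {...}}`` envelope, or
    ``Failures.unknown_user_email`` when no account matches.
    """
    # Validate the format of the email address before attempting database IO.
    validation = Validation()
    validation.add_required_field('email', email)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)

    # NOTE(review): the response carries PII (birth data, parent e-mail) and
    # this handler performs no authorization of its own; presumably the
    # caller is a trusted server-side component — confirm before exposing it.
    logging.info('User-controller: getUserByEmail: success: %s (%s)', email, user.screen_name)
    return {
        'success': True,
        'user': {
            'id': user.id,
            'email': user.email,
            'locale': user.locale,
            'screenname': user.screen_name,
            'authentication-source': user.auth_source,
            'bdmonth': user.birth_month,
            'bdyear': user.birth_year,
            'parent-email': user.parent_email,
            'parent-email-source': user.parent_email_source,
        },
    }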
def post(self):
    """Validate that ``email`` is an existing account created via ``source``.

    Reads ``server`` from the headers and ``email``/``source`` from the form;
    on success returns the account's basic profile.
    """
    server = request.headers.get('server')
    form = request.form
    email = form.get('email')
    source = form.get('source')

    validation = Validation()
    for field_name, value in (('server', server), ('email', email), ('source', source)):
        validation.add_required_field(field_name, value)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)

    # The account must have been registered through the same OAuth source.
    # NOTE(review): unlike the local Authenticate handlers, this path checks
    # neither ``confirmed`` nor ``blocked``; confirm whether OAuth accounts
    # can be blocked and, if so, whether bypassing that here is intended.
    if user.auth_source != source:
        return Failures.wrong_auth_source(user.auth_source)

    logging.info('OAuth-controller: Validate: success: %s', user.id)
    return {'success': True, 'user': {
        'id': user.id,
        'email': user.email,
        'locale': user.locale,
        'screenname': user.screen_name,
    }}
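def post(self):
    """Authenticate a local account by e-mail and password.

    Reads ``server`` from the request headers and ``email``/``password`` from
    the form. Rejects unknown, unconfirmed, blocked and non-local accounts,
    then applies the 'failed-password' token bucket before comparing the
    password. Returns the account's profile on success.

    Fix: a wrong password consumed a rate-limit token but returned before
    ``db.session.commit()``, so the consumption was discarded with the
    request and the limit could never trigger (the sibling Authenticate
    handlers commit before returning wrong_password).
    """
    server = request.headers.get('server')
    email = request.form.get('email')
    password = request.form.get('password')

    validation = Validation()
    validation.add_required_field('server', server)
    validation.add_required_field('email', email)
    validation.add_required_field('password', password)
    if not validation.is_valid():
        return validation.get_validation_response()

    # NOTE(review): the distinct failures below (unknown e-mail vs. not
    # confirmed vs. wrong password) let a caller enumerate registered
    # addresses; acceptable only if this endpoint serves trusted callers.
    user = user_services.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if not user.confirmed:
        return Failures.email_not_confirmed(email)
    if user.blocked:
        return Failures.user_blocked(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    # Rate-limit gate runs before the password hash comparison.
    if not rate_limiting_services.has_sufficient_tokens(user.id, 'failed-password', 1):
        return Failures.rate_exceeded()

    # check_password may raise TypeError when the submitted password is not
    # encoded the way the hashing backend expects; report that distinctly.
    try:
        password_ok = user_services.check_password(user.id, password)
    except TypeError:
        return Failures.password_unknown_format("Unicode-objects must be encoded before hashing")

    if not password_ok:
        rate_limiting_services.consume_tokens(user.id, 'failed-password', 1)
        # Persist the consumed token before returning the failure.
        db.session.commit()
        return Failures.wrong_password(email)

    db.session.commit()
    logging.info('Authenticate-controller: Authenticate: success: %s', email)
    return {
        'success': True,
        'user': {
            'id': user.id,
            'email': user.email,
            'locale': user.locale,
            'screenname': user.screen_name,
            'authentication-source': user.auth_source,
            'bdmonth': user.birth_month,
            'bdyear': user.birth_year,
            'parent-email': user.parent_email,
            'parent-email-source': user.parent_email_source,
        },
    }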
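def post(self, email):
    """Complete a password reset for the local account ``email``.

    Form fields: ``token`` (issued by the reset-request endpoint),
    ``password`` and ``password-confirm``. Expired tokens are purged first;
    the token must exist and belong to this account, otherwise a ``code``
    510 response is returned (deliberately the same for "unknown token" and
    "token for another user" so the response reveals neither).

    Fix: after the password has been changed, every outstanding reset token
    for the account is removed, not only the one just used, so an older but
    still-valid token cannot be replayed to set the password again.
    """
    token = request.form.get('token')
    password = request.form.get('password')
    password_confirm = request.form.get('password-confirm')

    validation = Validation()
    validation.add_required_field('email', email)
    validation.add_required_field('token', token)
    validation.add_required_field('password', password)
    validation.add_required_field('password-confirm', password_confirm)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    # New password must be confirmed and meet the complexity policy.
    if password != password_confirm:
        return Failures.passwords_do_not_match()
    if not user_service.check_password_complexity(password):
        return Failures.password_complexity()

    # Purge expired tokens so an expired one is simply "unknown" below.
    ResetToken.query.filter(ResetToken.validity < datetime.datetime.now()).delete()
    db.session.flush()

    reset_token = ResetToken.query.filter_by(token=token).first()
    if reset_token is None or reset_token.id_user != user.id:
        # Unknown token, or a token issued to a different account.
        return {'success': False, 'code': 510}

    salt, password_hash = user_service.get_password_hash(password)
    user.password = password_hash
    user.salt = salt
    # Invalidate every reset token for this account (covers the one used).
    ResetToken.query.filter_by(id_user=user.id).delete()
    db.session.commit()

    logging.info('LocalUser-controller: DoPasswordReset: success: %s', user.id)
    return {'success': True}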
def post(self):
    """Authenticate a local account by e-mail/password; returns a basic profile.

    Order of checks: required fields, account exists, confirmed, not blocked,
    local auth source, the 'failed-password' rate limit, then the password
    itself. A wrong password consumes one rate-limit token, and that
    consumption is committed before the failure is returned.
    """
    server = request.headers.get('server')
    email = request.form.get('email')
    password = request.form.get('password')

    validation = Validation()
    validation.add_required_field('server', server)
    validation.add_required_field('email', email)
    validation.add_required_field('password', password)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_services.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)

    # Account-state gates, each mapped to its own failure.
    # NOTE(review): the distinct responses reveal whether an address is
    # registered — acceptable only if the callers are trusted servers.
    if not user.confirmed:
        return Failures.email_not_confirmed()
    if user.blocked:
        return Failures.user_blocked()
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    bucket = 'failed-password'
    if not rate_limiting_services.has_sufficient_tokens(user.id, bucket, 1):
        return Failures.rate_exceeded()

    password_ok = user_services.check_password(user.id, password)
    if not password_ok:
        rate_limiting_services.consume_tokens(user.id, bucket, 1)
        db.session.commit()  # persist the consumed token
        return Failures.wrong_password()

    db.session.commit()
    logging.info('Authenticate-controller: Authenticate: success: %s', user.id)
    return {
        'success': True,
        'user': {
            'id': user.id,
            'email': user.email,
            'locale': user.locale,
            'screenname': user.screen_name,
            'authentication-source': user.auth_source,
        },
    }
def post(self):
    """Authenticate a local account and return its full profile (incl. COPPA fields).

    Checks, in order: required fields; the account exists, is confirmed,
    not blocked and local; the 'failed-password' bucket still has a token;
    the password matches. A failed match consumes one token and commits
    before returning wrong_password.
    """
    header_server = request.headers.get('server')
    form = request.form
    email = form.get('email')
    password = form.get('password')

    validation = Validation()
    for field_name, value in (('server', header_server), ('email', email), ('password', password)):
        validation.add_required_field(field_name, value)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_services.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    # NOTE(review): distinct failure responses disclose whether an e-mail is
    # registered; fine for trusted server-to-server callers only.
    if not user.confirmed:
        return Failures.email_not_confirmed(email)
    if user.blocked:
        return Failures.user_blocked(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    if not rate_limiting_services.has_sufficient_tokens(user.id, 'failed-password', 1):
        return Failures.rate_exceeded()

    if not user_services.check_password(user.id, password):
        rate_limiting_services.consume_tokens(user.id, 'failed-password', 1)
        db.session.commit()  # the consumed token must outlive this request
        return Failures.wrong_password(email)

    db.session.commit()
    logging.info('Authenticate-controller: Authenticate: success: %s', email)
    profile = {
        'id': user.id,
        'email': user.email,
        'locale': user.locale,
        'screenname': user.screen_name,
        'authentication-source': user.auth_source,
        'bdmonth': user.birth_month,
        'bdyear': user.birth_year,
        'parent-email': user.parent_email,
        'parent-email-source': user.parent_email_source,
    }
    return {'success': True, 'user': profile}
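def post(self, email):
    """Finish a password reset for the local account ``email``.

    Form fields: ``token``, ``password``, ``password-confirm``. Expired
    ResetToken rows are purged first; a token that is unknown, expired or
    issued to another account gets the same ``code`` 510 answer so the
    response does not reveal which case applied.

    Fix: on success all reset tokens belonging to the account are deleted,
    not just the one presented, so any other still-valid token for the same
    account cannot be replayed afterwards.
    """
    form = request.form
    token = form.get('token')
    password = form.get('password')
    password_confirm = form.get('password-confirm')

    validation = Validation()
    for field_name, value in (
        ('email', email),
        ('token', token),
        ('password', password),
        ('password-confirm', password_confirm),
    ):
        validation.add_required_field(field_name, value)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    # Confirmation and complexity policy for the new password.
    if password != password_confirm:
        return Failures.passwords_do_not_match()
    if not user_service.check_password_complexity(password):
        return Failures.password_complexity()

    # Expired tokens are removed so the lookup below treats them as unknown.
    ResetToken.query.filter(ResetToken.validity < datetime.datetime.now()).delete()
    db.session.flush()

    reset_token = ResetToken.query.filter_by(token=token).first()
    token_belongs_to_user = reset_token is not None and reset_token.id_user == user.id
    if not token_belongs_to_user:
        return {'success': False, 'code': 510}

    salt, password_hash = user_service.get_password_hash(password)
    user.password = password_hash
    user.salt = salt
    # Revoke every outstanding reset token for this account, including the one used.
    ResetToken.query.filter_by(id_user=user.id).delete()
    db.session.commit()

    logging.info('LocalUser-controller: DoPasswordReset: success: %s', user.id)
    return {'success': True}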
def post(self):
    """Confirm a local account using the token e-mailed at registration.

    Form fields: ``email`` and ``token``. Expired ConfirmToken rows are
    purged first; a token that is unknown, expired, or issued to another
    account yields the same ``code`` 510 response.
    """
    email = request.form.get('email')
    token = request.form.get('token')

    validation = Validation()
    validation.add_required_field('email', email)
    validation.add_required_field('token', token)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    # Drop expired tokens so they are simply "unknown" to the lookup below.
    ConfirmToken.query.filter(ConfirmToken.validity < datetime.datetime.now()).delete()
    db.session.flush()

    confirm_token = ConfirmToken.query.filter_by(token=token).first()
    token_matches_user = confirm_token is not None and confirm_token.id_user == user.id
    if not token_matches_user:
        return {'success': False, 'code': 510}

    user.confirmed = True
    db.session.delete(confirm_token)  # single-use token
    db.session.commit()

    logging.info('LocalUser-controller: DoConfirm: success: %s', user.id)
    return {'success': True}
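def post(self):
    """Register a local (password) account and send its confirmation e-mail.

    Form fields: ``email``, ``password``, ``password-confirm``, ``locale``,
    ``screenname``; the originating server comes from the ``server`` header.
    Checks required fields and e-mail shape, uniqueness of e-mail and screen
    name, password confirmation and complexity, then creates the user.

    Fix: the result of ``send_email_confirm`` was ignored and the account was
    committed regardless, so a mail failure silently produced a user who
    could never confirm. The COPPA register handler's behaviour is mirrored:
    log the error, do not commit, and report ``{'success': False, 'user': 0}``.
    """
    server = request.headers.get('server')
    email = request.form.get('email')
    password = request.form.get('password')
    password_confirm = request.form.get('password-confirm')
    locale = request.form.get('locale')
    screen_name = request.form.get('screenname')

    validation = Validation()
    validation.add_required_field('server', server)
    validation.add_required_field('email', email)
    validation.add_required_field('password', password)
    validation.add_required_field('password-confirm', password_confirm)
    validation.add_required_field('locale', locale)
    validation.add_required_field('screenname', screen_name)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    # E-mail and screen name must both be unused.
    if user_service.get_user_by_email(email) is not None:
        return Failures.email_already_in_use(email)
    if user_service.get_user_by_screen_name(screen_name) is not None:
        return Failures.screen_name_already_in_use(screen_name)

    # Password confirmation and complexity policy.
    if password != password_confirm:
        return Failures.passwords_do_not_match()
    if not user_service.check_password_complexity(password):
        return Failures.password_complexity()

    id_user = user_service.create_local_user(server, email, password, locale, screen_name)

    sent, errno, mesg = user_service.send_email_confirm(id_user, server)
    if not sent:
        # Nothing is committed; the pending account is discarded with the
        # session (same handling as the COPPA register handler).
        logging.error("Unable to register user. Error %s: %s", errno, mesg)
        return {'success': False, 'user': 0}

    db.session.commit()
    logging.info('User-controller: register success: %s', id_user)
    return {'success': True, 'user': id_user}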
def post(self):
    """Mark a local account as confirmed given the registration token.

    Expects ``email`` and ``token`` form fields. Expired tokens are deleted
    before the lookup; unknown tokens and tokens belonging to a different
    account both answer with ``code`` 510.
    """
    form = request.form
    email = form.get('email')  # account address
    token = form.get('token')  # token handed out at registration

    validation = Validation()
    for field_name, value in (('email', email), ('token', token)):
        validation.add_required_field(field_name, value)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    # Expired tokens are purged first so they cannot match below.
    ConfirmToken.query.filter(ConfirmToken.validity < datetime.datetime.now()).delete()
    db.session.flush()

    confirm_token = ConfirmToken.query.filter_by(token=token).first()
    if confirm_token is None:
        return {'success': False, 'code': 510}  # unknown (or expired) token
    if confirm_token.id_user != user.id:
        return {'success': False, 'code': 510}  # token issued to another account

    user.confirmed = True
    # The token is single-use; remove it together with the status change.
    db.session.delete(confirm_token)
    db.session.commit()

    logging.info('LocalUser-controller: DoConfirm: success: %s', user.id)
    return {'success': True}
def get(self, email):
    """Request a (re)send of the confirmation e-mail for the local account ``email``.

    The originating server is read from the ``server`` header. Service
    result codes map as follows: 10 -> rate_exceeded, 99 -> a ``code`` 540
    envelope, anything else -> ``code`` 520.
    """
    server = request.headers.get('server')
    # Logged before validation, so this line may record unvalidated input.
    logging.info("Requesting email confirmation for %s from server %s", email, server)

    validation = Validation()
    validation.add_required_field('email', email)
    validation.add_required_field('server', server)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)

    success, code, message = user_service.send_email_confirm(user.id, server)
    db.session.commit()

    if success:
        logging.info('LocalUser-controller: RequestConfirm: success: %s', user.id)
        return {'success': True}

    if code == 10:
        return Failures.rate_exceeded()
    failure_code = 540 if code == 99 else 520
    return {'success': False, 'message': message, 'code': failure_code}
def get(self, email):
    """Return the basic profile of the account registered under ``email``.

    Only existence is checked; ``email`` is passed to the lookup as received.
    """
    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)

    # NOTE(review): no authorization happens here; presumably only trusted
    # server-side callers reach this endpoint — confirm.
    logging.info('User-controller: getUserByEmail: success: %s (%s)', email, user.screen_name)
    profile = {
        'id': user.id,
        'email': user.email,
        'locale': user.locale,
        'screenname': user.screen_name,
        'authentication-source': user.auth_source,
    }
    return {'success': True, 'user': profile}
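def get(email):
    """Return the full profile (incl. COPPA fields) for the account ``email``.

    The address is validated for shape before the database is touched —
    closing the TODO that was here — with the Validation helper used by the
    other endpoints, so a malformed address yields a validation response
    instead of a query.

    Returns ``{'success': True, 'user': {...}}`` or
    ``Failures.unknown_user_email`` when no account matches.
    """
    # Validate the format of the email address before attempting database IO.
    validation = Validation()
    validation.add_required_field('email', email)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)

    # NOTE(review): birth data and parent e-mail are returned without any
    # authorization in this handler; presumably the caller is a trusted
    # server component — confirm before exposing this more widely.
    logging.info('User-controller: getUserByEmail: success: %s (%s)', email, user.screen_name)
    profile = {
        'id': user.id,
        'email': user.email,
        'locale': user.locale,
        'screenname': user.screen_name,
        'authentication-source': user.auth_source,
        'bdmonth': user.birth_month,
        'bdyear': user.birth_year,
        'parent-email': user.parent_email,
        'parent-email-source': user.parent_email_source,
    }
    return {'success': True, 'user': profile}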
def get(self, email):
    """Send a password-reset e-mail for the confirmed local account ``email``.

    The originating server comes from the ``server`` header. Unconfirmed
    accounts are refused; a service code of 10 maps to rate_exceeded and any
    other failure to a ``code`` 520 envelope.
    """
    server = request.headers.get('server')

    validation = Validation()
    validation.add_required_field('email', email)
    validation.add_required_field('server', server)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    user = user_service.get_user_by_email(email)
    if user is None:
        return Failures.unknown_user_email(email)
    if user.auth_source != 'local':
        return Failures.wrong_auth_source(user.auth_source)
    if not user.confirmed:
        return Failures.email_not_confirmed(user.email)
    # NOTE(review): a blocked account is not refused here and can still
    # trigger reset mails; Authenticate rejects blocked users at login, so
    # this is mostly harmless, but confirm it is intended.

    sent, code, message = user_service.send_password_reset(user.id, server)
    db.session.commit()

    if sent:
        logging.info('LocalUser-controller: RequestPasswordReset: success: %s', user.id)
        return {'success': True}
    if code == 10:
        return Failures.rate_exceeded()
    return {'success': False, 'message': message, 'code': 520}
def post(self):
    """Create an account whose identity is provided by an OAuth ``source``.

    Form fields: ``email``, ``locale``, ``screenname``, ``source``; the
    originating server comes from the ``server`` header. E-mail and screen
    name must be unused. No password is involved.
    """
    server = request.headers.get('server')
    form = request.form
    email = form.get('email')
    locale = form.get('locale')
    screen_name = form.get('screenname')
    source = form.get('source')

    validation = Validation()
    for field_name, value in (
        ('server', server),
        ('email', email),
        ('locale', locale),
        ('screenname', screen_name),
        ('source', source),
    ):
        validation.add_required_field(field_name, value)
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    if user_service.get_user_by_email(email) is not None:
        return Failures.email_already_in_use(email)
    if user_service.get_user_by_screen_name(screen_name) is not None:
        return Failures.screen_name_already_in_use(screen_name)

    # NOTE(review): ``source`` and ``email`` are taken from the form as-is;
    # nothing here verifies that the OAuth provider actually authenticated
    # this address. Presumably the calling server did — confirm.
    id_user = user_service.create_oauth_user(server, email, source, locale, screen_name)
    db.session.commit()

    logging.info('OAuth-controller: create success: %s', id_user)
    return {'success': True, 'user': id_user}
def post():
    """Register a local (password) account, including the COPPA fields.

    Form fields: email, password, password-confirm, locale, screenname,
    bdmonth, bdyear and optionally parent-email / parent-email-source; the
    originating server comes from the ``server`` header.

    Validation deliberately runs in two passes: required fields (plus the
    optional parent e-mail's format) first, then the account e-mail's
    format, so the first response lists only missing fields. Then e-mail
    and screen-name uniqueness, password confirmation and complexity. The
    account is committed only once the confirmation mail was handed off.
    """
    server = request.headers.get('server')
    form = request.form
    email = form.get('email')
    password = form.get('password')
    password_confirm = form.get('password-confirm')
    locale = form.get('locale')
    screen_name = form.get('screenname')
    # COPPA support
    birth_month = form.get('bdmonth')
    birth_year = form.get('bdyear')
    parent_email = form.get('parent-email')
    parent_email_source = form.get('parent-email-source')

    validation = Validation()
    required = (
        ('server', server),
        ('email', email),
        ('password', password),
        ('password-confirm', password_confirm),
        ('locale', locale),
        ('screenname', screen_name),
        # COPPA support
        ('bdmonth', birth_month),
        ('bdyear', birth_year),
    )
    for field_name, value in required:
        validation.add_required_field(field_name, value)
    if parent_email:
        validation.check_email('parent-email', parent_email)
    if not validation.is_valid():
        return validation.get_validation_response()

    # Second pass: the account e-mail itself must be well-formed.
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    if user_service.get_user_by_email(email) is not None:
        return Failures.email_already_in_use(email)
    if user_service.get_user_by_screen_name(screen_name) is not None:
        return Failures.screen_name_already_in_use(screen_name)

    if password != password_confirm:
        return Failures.passwords_do_not_match()
    if not user_service.check_password_complexity(password):
        return Failures.password_complexity()

    id_user = user_service.create_local_user(
        server, email, password, locale, screen_name,
        birth_month, birth_year, parent_email, parent_email_source)

    # Confirmation request goes to the user or (per the original note) the parent.
    # NOTE(review): nothing visible here requires parent-email when the birth
    # date indicates a minor; presumably user_service enforces it — confirm.
    sent, errno, mesg = user_service.send_email_confirm(id_user, server)
    if not sent:
        logging.error("Unable to register user. Error %s: %s", errno, mesg)
        return {'success': False, 'user': 0}

    db.session.commit()
    logging.info('User-controller: register success: %s', id_user)
    return {'success': True, 'user': id_user}
def post():
    """Register a local account with COPPA data; commit only after the mail is sent.

    Reads the server from the ``server`` header and everything else from the
    form. Two validation passes are kept on purpose: the first reports
    missing required fields (and a malformed optional parent e-mail), the
    second the account e-mail's format. Then uniqueness of e-mail and screen
    name, password confirmation and complexity are checked before the user
    is created.
    """
    server = request.headers.get('server')
    email = request.form.get('email')
    password = request.form.get('password')
    password_confirm = request.form.get('password-confirm')
    locale = request.form.get('locale')
    screen_name = request.form.get('screenname')
    # COPPA support
    birth_month = request.form.get('bdmonth')
    birth_year = request.form.get('bdyear')
    parent_email = request.form.get('parent-email')
    parent_email_source = request.form.get('parent-email-source')

    # First pass: presence of required fields (+ optional parent e-mail shape).
    validation = Validation()
    validation.add_required_field('server', server)
    validation.add_required_field('email', email)
    validation.add_required_field('password', password)
    validation.add_required_field('password-confirm', password_confirm)
    validation.add_required_field('locale', locale)
    validation.add_required_field('screenname', screen_name)
    # COPPA support
    validation.add_required_field('bdmonth', birth_month)
    validation.add_required_field('bdyear', birth_year)
    if parent_email:
        validation.check_email('parent-email', parent_email)
    if not validation.is_valid():
        return validation.get_validation_response()

    # Second pass: format of the account e-mail.
    validation.check_email('email', email)
    if not validation.is_valid():
        return validation.get_validation_response()

    existing_by_email = user_service.get_user_by_email(email)
    if existing_by_email is not None:
        return Failures.email_already_in_use(email)
    existing_by_name = user_service.get_user_by_screen_name(screen_name)
    if existing_by_name is not None:
        return Failures.screen_name_already_in_use(screen_name)

    if password != password_confirm:
        return Failures.passwords_do_not_match()
    if not user_service.check_password_complexity(password):
        return Failures.password_complexity()

    id_user = user_service.create_local_user(
        server,
        email,
        password,
        locale,
        screen_name,
        birth_month,
        birth_year,
        parent_email,
        parent_email_source,
    )

    # Confirmation request to the user or parent; the account is only
    # committed when the hand-off succeeded.
    # NOTE(review): whether a parent e-mail is mandatory for minors is not
    # enforced in this handler; presumably user_service does — confirm.
    result, errno, mesg = user_service.send_email_confirm(id_user, server)
    if result:
        db.session.commit()
        logging.info('User-controller: register success: %s', id_user)
        return {'success': True, 'user': id_user}

    logging.error("Unable to register user. Error %s: %s", errno, mesg)
    return {'success': False, 'user': 0}