def initialize_data(self) -> None:
with transaction(commit=True) as db:
# Active User
active_user = Users(id=self.active_user_id,
password=self.password).save(db)
# Leave User
leave_user = Users(
id=self.leave_user_id,
password=self.password,
leave=Users.LEAVE,
leave_dt=datetime.now().strftime('%Y-%m-%d %H:%M:%S')).save(db)
setattr(self, 'active_uid', active_user.row_id)
setattr(self, 'leave_uid', leave_user.row_id)
for i in range(0, 2):
response = client.put("/v1/users/session",
json={
'id': self.active_user_id,
'password': self.password
})
assert response.status_code == HTTPStatus.OK
# 테스트 메소드 수 만큼 setup 호출로 테스트 완료가 조금 걸린다
time.sleep(1)
def friends():
current_user_id = get_jwt_identity()
vals = {}
friends = []
suggestions = []
for val in Users_Friends.select().where(
Users_Friends.user == current_user_id):
user = Users.get_or_none(Users.id == val.friend)
friends.append({
'id': user.id,
'name': user.name,
'avatar': user.avatar
})
for user_event in Users_Events.select().where(
Users_Events.user == current_user_id):
user_events_new = Users_Events.select().where(
Users_Events.event == user_event.event)
for val in user_events_new:
user = Users.get_or_none(Users.id == val.user)
if user.id is not current_user_id:
suggestions.append({
'id': user.id,
'name': user.name,
'avatar': user.avatar
})
for i in friends:
try:
suggestions.remove(i)
except ValueError:
pass
result = {'friends': friends, 'suggestions': suggestions}
return jsonify({'success': True, 'message': result}), 200
def agregarcarrito():
sesion = Session()
usuario = request.headers.get('username')
token_angular = request.headers.get('Authorization')
#Verificamos si el usuario tiene una sesión activa
if token_angular:
if sesion.exist_session(usuario, token_angular):
car = Carrito()
user = Users()
datos_user = user.get_user(usuario)
datos = request.get_json()
res = car.exist_prod(datos_user['id'], datos['id_prod'])
if res == 1:
car.agg_prod(datos_user['id'], datos['id_prod'])
db.session.add(car)
respuesta = {
'error': False,
'mensaje': 'Producto agregado exitosamente.'
}
else:
respuesta = {
'error': False,
'mensaje': 'Cantidad aumentada exitosamente.'
}
db.session.commit()
return json.dumps(respuesta)
respuesta = {'error': True, 'mensaje': 'Debes iniciar sesión.'}
return json.dumps(respuesta)
def create_session(self, username, token,admin): self.username = username self.token = token user = Users() usuario = user.get_user(username) self.email = usuario['email'] self.admin = admin
def log_user():
sesion = Session()
new = request.get_json()
usuario = new['username']
token_angular = request.headers.get('Authorization')
#Verificamos si el usuario tiene una sesión activa
if token_angular:
if sesion.exist_session(usuario, token_angular):
respuesta = {'error': True, 'mensaje': 'Ya has iniciado sesión.'}
return json.dumps(respuesta)
user = Users()
clave = new['password']
if sesion.exist_sesion(usuario):
deletesesion = sesion.delete_session(usuario)
db.session.delete(deletesesion)
db.session.commit()
if user.login(usuario, clave):
res = create_session(usuario, user.is_Admin(usuario))
respuesta = {
'error': False,
'mensaje': 'Inicio de sesión exitoso.',
'token': res
}
return json.dumps(respuesta)
else:
respuesta = {
'error': True,
'mensaje': 'Usuario o Contraseña incorrectos.'
}
return json.dumps(respuesta)
def create_user(self):
"""Helper function creates user for tests"""
user = Users(username=self.test_user,
name=self.test_user_name,
email=self.test_user_email,
password=generate_password_hash(self.test_user_password))
user.add()
def create_session(username, admin):
user = Users()
token = user.create_password("secret")
sesion = Session()
sesion.create_session(username, token, admin)
db.session.add(sesion)
db.session.commit()
return token
def __init__(self, config, api_response, mongo_connection):
self.config = config
self.startTime = datetime.now()
self.api_response = api_response
self.users = Users(mongo_connection, False)
self.parser = reqparse.RequestParser()
def add_user(self, user: UserCreate) -> Users:
user_in = Users(
username=user.username,
name=user.name,
email=user.email,
hashed_password=get_password_hash(user.password),
)
res = db.users.insert_one(user_in.dict(by_alias=True))
return res
def retrieve(uid: int):
try:
with transaction() as db:
user = Users(row_id=uid).find_by_row_id(db)
return user.to_dict()
except NotFoundUserException:
raise
except Exception as e:
raise InternalServerException(message=f"서버 에러가 발생했습니다",
exc_detail=str(e))
def init_database_models(self):
db_conf = config.app_cfg['postgresql_teamleader']
table_names = config.app_cfg['table_names']
self.companies = Companies(db_conf, table_names)
self.contacts = Contacts(db_conf, table_names)
self.departments = Departments(db_conf, table_names)
self.events = Events(db_conf, table_names)
self.invoices = Invoices(db_conf, table_names)
self.projects = Projects(db_conf, table_names)
self.users = Users(db_conf, table_names)
def login(data):
try:
with transaction(commit=True) as db:
user = Users(id=data.id,
password=data.password).find_by_id_password(db)
user.login(db)
return {"uid": user.row_id}
except NotFoundUserException:
raise
except Exception as e:
raise InternalServerException(message=f"서버 에러가 발생했습니다",
exc_detail=str(e))
def approve_pin_cleaned():
pin_id = int(request.form['pin_id'])
query = Pins.update(status=2).where(Pins.id == pin_id)
query.execute()
user = Users.get_or_none(Users.id == Pins.get(Pins.id == pin_id).user)
var = (user.points + 20)
query = Users.update(points=var, places_cleaned=(user.places_cleaned + 1))
query.execute()
assign_badge_clean(user.id)
return jsonify({'success': True, 'message': 'Successfully approved!'}), 200
def register(username: str = Body(...),
email: str = Body(...),
password: str = Body(...),
name: str = Body(...),
optIn: bool = Body(...),
db: Session = Depends(get_db)):
try:
user = db.query(Users).filter(Users.email == email).first()
if not user:
# check user has valid login in CCB
req = {
'username': username,
'password': password,
'keep_me_logged_in': True
}
res = requests.post('https://thirdave.ccbchurch.com/api/login',
json=req)
if res.status_code == 200:
# add new user to db
new_user = Users(username=username,
email=email,
name=name,
password=get_password_hash(password),
wants_emails=optIn)
db.add(new_user)
db.commit()
db.refresh(new_user)
# generate auth token
access_token_expires = timedelta(minutes=120 * 24 * 8)
auth_token = create_access_token(
data={"user_uuid": str(new_user.uuid)},
expires_delta=access_token_expires)
return {
"access_token": auth_token.decode(),
"message": "Successfully registered.",
"status": "Success",
"user": new_user.to_json()
}
else:
return 404
else:
return 400
except Exception as e:
print(e)
db.rollback()
return 500
finally:
db.close()
def log_user():
if request.method == 'POST':
user = Users()
usuario = request.form['usuario']
clave = request.form['clave']
if user.exist_user(usuario,clave):
respuesta = {'error':False,'mensaje':'Usuario logueado'}
return json.dumps(respuesta)
else:
respuesta = {'error':True,'mensaje':'Contrasena o Usuario incorrectos'}
return json.dumps(respuesta)
return render_template('login.html')
def unregister(uid):
try:
with transaction(commit=True) as db:
user = Users(row_id=uid).find_by_row_id(db)
if user.leave == Users.ACTIVE:
user.unregister(db)
return {"uid": user.row_id, "leave_dt": user.leave_dt}
except NotFoundUserException:
raise
except Exception as e:
raise InternalServerException(message=f"서버 에러가 발생했습니다",
exc_detail=str(e))
def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegistrationForm()
if form.validate_on_submit():
user = Users(email=form.email.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
send_confirmation_email(user)
flash(Markup('A confirmation email has been sent to you by email.'), "info")
return redirect(url_for('auth.login'))
return render_template('auth/register.html', title='Register', form=form)
def hello():
with db.auto_commit():
a = Users()
b =Topic()
db.session.add(b)
a.email="1213s21aa2"
a.password="******"
db.session.add(a)
return "嘻嘻嘻"
def initialize_data(self) -> None:
with transaction(commit=True) as db:
# Active User
active_user = Users(id=self.active_user_id, password=self.password).save(db)
# Leave User
leave_user = Users(
id=self.leave_user_id,
password=self.password,
leave=Users.LEAVE,
leave_dt=datetime.now().strftime('%Y-%m-%d %H:%M:%S')).save(db)
setattr(self, 'active_uid', active_user.row_id)
setattr(self, 'leave_uid', leave_user.row_id)
def perfil():
sesion = Session()
new = request.get_json()
usuario = request.headers.get('username')
token_angular = request.headers.get('Authorization')
print(usuario)
#Verificamos si el usuario tiene una sesión activa
if token_angular:
if sesion.exist_session(usuario, token_angular):
user = Users()
datos = user.get_user(usuario)
return json.dumps(datos)
respuesta = {'error': True, 'mensaje': 'No has iniciado sesión.'}
return json.dumps(respuesta)
def register(data):
try:
with transaction(commit=True) as db:
user = Users(id=data.id, password=data.password)
user.save(db)
return {
"uid": user.row_id,
"created_at": user.created_dt.strftime("%Y-%m-%d %H:%M:%S"),
}
except ConflictUserException:
raise
except Exception as e:
raise InternalServerException(message=f"서버 에러가 발생했습니다",
exc_detail=str(e))
def going():
user_id = get_jwt_identity()
event_id = request.form['event_id']
tmp = Users_Events.get_or_none(Users_Events.user == user_id and Users_Events.event == event_id)
if tmp is not None:
return jsonify({'success': False, 'message': 'Already going'}), 200
Users_Events.create(user=user_id, event=event_id)
points = Users.get(id=user_id).points + 10
query = Users.update(points=points).where(Users.id == user_id)
query.execute()
return jsonify({'success': True, 'message': 'Created successfully'}), 200
def token():
server_error = {
'status_code': 500
}
if request.method == 'POST':
if not request.form['email']:
flash('Please enter email', 'error')
else:
user = Users(request.form['email'], request.form["access_token"],
request.form["refresh_token"])
exists = db.session.query(Users).filter_by(
email=user.email).scalar() is not None
if exists:
query_user = Users.query.filter_by(email=user.email).first()
query_user.access_token = user.access_token
query_user.refresh_token = user.refresh_token
db.session.commit()
resp_dict = {
'status_code': 200,
'email': user.email,
'access_token': user.access_token,
'refresh_token': user.refresh_token
}
return json.dumps(resp_dict)
else:
resp_dict = {'status_code': 404, 'message': 'User not found'}
return json.dumps(resp_dict)
return json.dumps(server_error)
class AuthenticationToken(Resource):
def __init__(self, config, api_response, mongo_connection):
self.config = config
self.startTime = datetime.now()
self.api_response = api_response
self.users = Users(mongo_connection, False)
self.parser = reqparse.RequestParser()
def get(self):
return notFound(self.api_response.failed)
"""
@api {post} /auth/token fetch user information
@apiVersion 1.0.0
@apiName post-token
@apiGroup AUTHENTICATION
@apiPermission all
@apiDescription fetch user information via token
@apiParam (body) {String} key user key
"""
def post(self):
self.parser.add_argument('key', type=str)
data = self.parser.parse_args()
if self.checkRequiredPostParameters(data) is False:
return self.api_response.failed('data', ['key'])
try:
queryData = self.getData(data['key'])
if not bool(queryData):
return self.api_response.failed('token', '')
return self.api_response.success('token',
queryData,
startTime=self.startTime)
except Exception as e:
return self.api_response.failed('token', str(e))
def put(self):
return notFound(self.api_response.failed)
def delete(self):
return notFound(self.api_response.failed)
# ---------------------------------------------------------------------------------------------------------------------
def checkRequiredPostParameters(self, data):
if data['key'] is None:
return False
return True
def getData(self, kId):
return self.users.get({'key': kId})
def get():
event_id = request.args['event_id']
event = Events.get_or_none(Events.id == event_id)
users_events = Users_Events.select().where(Users_Events.event == event_id)
users_list = []
for aux in users_events:
user = Users.get_or_none(Users.id == aux.user)
dict = {
'name': user.name,
'avatar': user.avatar,
'id': user.id
}
users_list.append(dict)
photos = []
pin = Pins.get_or_none(Pins.id == event.pin)
pictures = Pictures.select().where(Pictures.pin == pin.id)
for picture in pictures:
photos.append(picture.url)
result = {
'title': event.title,
'description': event.description,
'time_start': event.time_start,
'time_end': event.time_end,
'users': users_list,
'photos': photos,
}
return jsonify({'success': True, 'message': result}), 200
def tokenCheck():
if request.method == 'OPTIONS':
return
userData = {}
userString = request.headers.get(configs.SECRET_KEY, None)
if userString is None:
response = jsonify(api_response.failed('authentication', ''))
response.status_code = 401
return response
if 'auth' in request.url:
if userString != configs.SECRET_KEY_HASH:
response = jsonify(api_response.failed('authentication', ''))
response.status_code = 401
return response
else:
userKey = request.headers.get('user-key', None)
if userKey is None:
response = jsonify(api_response.failed('authentication', ''))
response.status_code = 401
return response
userData = Users(mongo, False).get({'key': str(userKey)})
if not bool(userData):
response = jsonify(api_response.failed('authentication', ''))
response.status_code = 401
return response
g.user = userData
def post(self):
name = request.json.get('name')
username = request.json.get('username')
user = Users(name=name, username=username)
db.session.add(user)
db.session.commit()
return {'result': 'User added.'}
def delete_account(token):
"""The function deletes a user's account"""
try:
user_id, data = Users.decode_token(token), request.json
if validation(data, ['password']):
user = Users.query.filter_by(id=user_id).first()
# check if the password provided matches the known
if check_password_hash(user.user_password,
valid_data['password']):
user.delete()
return jsonify({'Error': 'Account deleted'}), 200
else:
create_error({'Error': 'Incorrect password'}, 403)
return format_error['error']
except Exception as ex:
excepts = {
'TypeError': {
'Error': 'Please provide a password ' + 'key and value',
'e': 400
},
'BadRequest': {
'Error': 'Password is missing',
'e': 400
}
}
handle_exceptions(type(ex).__name__, excepts)
return format_error['error']
def get_user(token):
"""The function logs in a new user"""
try:
user_id = Users.decode_token(token)
user = Users.query.filter_by(id=user_id).first()
if (user):
user = {
"username": user.user_username,
"name": user.user_name,
"id": user_id,
"email": user.user_email
}
return jsonify({
"user": user,
"message": "user records found"
}), 200
return jsonify({"Error": "User record not found"}), 401
except Exception as ex:
excepts = {
'BadRequest': {
'Error':
'Please ensure all fieds are ' + 'correctly specified',
'e': 400
}
}
handle_exceptions(type(ex).__name__, excepts)
return format_error['error']
def reset_password(token):
"""The function updates a user's password"""
try:
data, user_id = request.json, Users.decode_token(token)
if validation(data,
['password', 'new_password', 'confirm_password'
]) and password_reset_verification(user_id):
objects['user'].user_password = generate_password_hash(
valid_data['new_password'])
objects['user'].update()
return jsonify({'message': 'Password was reset'}), 201
return format_error['error']
except Exception as ex:
excepts = {
'AttributeError': {
'Error': 'All attributes are expected',
'e': 400
},
'BadRequest': {
'Error': 'Parse all fields',
'e': 400
}
}
handle_exceptions(type(ex).__name__, excepts)
return format_error['error']
def post(self):
"""
POST Method for User
:return: JSON response
"""
try:
self.validate_fields(Users.required_fields(), request.form)
except ValueError:
return self.response(400, 'Required fields: ' + ' '.join(Users.required_fields()))
params = self.get_form_values(Users.get_columns(), request.form)
old_user = Users.query.filter_by(email=params['email']).first()
if old_user:
return self.response(400, ['e-mail already registered'])
new_user = Users(
name=params['name'],
email=params['email'],
password=params['password']
)
new_user.save()
return self.response(201)
