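def create_admin(password='******'):
    """Create the default roles and the default ``admin`` account.

    Each of the ``admin`` role, the ``user`` role and the ``admin`` user is
    inserted only when no row with that name exists yet, so the function can
    be run repeatedly.

    Args:
        password: Plain-text password for the new ``admin`` user; only used
            when that account does not exist yet.
            NOTE(review): the default is a literal in the source. Pass a
            deployment-specific secret instead of relying on it.
    """
    # Function-scope import: the file's import block is not visible from here.
    import secrets

    role_admin = Role.query.filter(Role.role_name == "admin").first()
    if role_admin is None:
        role_admin = Role(role_name='admin', display_name="Admin")
        db.session.add(role_admin)
        db.session.flush()

    role_user = Role.query.filter(Role.role_name == "user").first()
    if role_user is None:
        role_user = Role(role_name='user', display_name="User")
        db.session.add(role_user)
        db.session.flush()

    user = User.query.filter(User.user_name == "admin").first()
    if user is None:
        # Per-user salt: 64 lowercase letters, same format as before, but
        # drawn from the OS CSPRNG instead of the predictable `random` module.
        # The salt is no longer printed, so it stays out of stdout and logs.
        letters = string.ascii_lowercase
        user_salt = ''.join(secrets.choice(letters) for _ in range(64))

        user_password = auth.encrypt_password(password, user_salt)

        # NOTE(review): role_admin is looked up above but never attached to
        # this user here; confirm whether the role is assigned elsewhere.
        user = User(
            user_name='admin',
            full_name="Admin User",
            email="*****@*****.**",
            password=user_password,
            salt=user_salt,
        )
        db.session.add(user)

    # Commit once at the end so roles created above are persisted even when
    # the admin account already existed.
    db.session.commit()
    return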
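def login():
    """Authenticate a user from the JSON request body and return a token.

    The body carries the username under ``'parent'`` and the password under
    ``'child'``.

    Returns:
        ``{'token': <token>}`` when ``User.check_user`` returns a truthy
        value, otherwise ``{'token': False}``. A body that is not a JSON
        object, or that lacks either field, is treated as a failed login
        instead of raising ``KeyError``/``TypeError``.
    """
    payload = request.json
    if not isinstance(payload, dict):
        return {'token': False}

    username = payload.get('parent')
    password = payload.get('child')
    if username is None or password is None:
        return {'token': False}

    # NOTE(review): nothing in this handler limits repeated attempts; confirm
    # that throttling or lockout is enforced somewhere else.
    # check_user is invoked on the class with the class passed explicitly.
    token = User.check_user(User, username, password)
    return {'token': token if token else False}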
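def user_register(request=None, Model=None, result=None, **kw):
    """Create a login account and link it to the employee in ``result``.

    Args:
        request: Incoming request; its JSON body supplies ``email``,
            ``password``, ``user_name``, ``full_name`` and ``position``.
        Model: Unused here.
        result: Mapping whose ``'id'`` identifies the ``Employee`` row the
            new user is attached to. Nothing happens when it is ``None``.
        **kw: Ignored.

    Returns:
        A ``SESSION_EXPIRED`` JSON response with status 520 when no user is
        logged in; otherwise ``None``.
    """
    # Function-scope import: the file's import block is not visible from here.
    import secrets

    currentUser = auth.current_user(request)
    if currentUser is None:
        return json(
            {
                "error_code": "SESSION_EXPIRED",
                "error_message": "Hết phiên làm việc, vui lòng đăng nhập lại!"
            },
            status=520)

    if result['id'] is not None:
        param = request.json
        role_employee = Role.query.filter(Role.role_name == "employee").first()
        role_leader = Role.query.filter(Role.role_name == "leader").first()

        # Per-user salt: 64 lowercase letters from the OS CSPRNG rather than
        # the predictable `random` module. The salt is not printed, so it
        # does not end up in stdout or logs.
        letters = string.ascii_lowercase
        user_salt = ''.join(secrets.choice(letters) for _ in range(64))
        user_password = auth.encrypt_password(param['password'], user_salt)

        user = User(email=param['email'],
                    password=user_password,
                    salt=user_salt,
                    user_name=param['user_name'],
                    full_name=param['full_name'])

        # NOTE(review): the role comes from the request body and the only
        # check above is that a session exists. Confirm that the caller is
        # allowed to grant 'leader' before trusting this value.
        # A missing 'position' is treated like None (employee) instead of
        # raising KeyError; any other value leaves the user without roles.
        position = param.get('position')
        if position == 'employee' or position is None:
            user.roles = [role_employee]
        if position == 'leader':
            user.roles = [role_leader]

        # NOTE(review): if no Employee matches result['id'], the assignment
        # below raises AttributeError; confirm the row always exists here.
        employee = db.session.query(Employee).filter(
            Employee.id == result['id']).first()
        employee.user = [user]
        db.session.add(employee)
        db.session.commit()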
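def add():
    """Create a ``User``, or update the one whose id matches, from the request.

    Reads ``admin``, ``id``, ``name`` and ``password`` from the request.

    Returns:
        The string ``"Insufficient permissions"`` when the ``admin``
        parameter is not ``"admin"``; otherwise the URL of ``.index``.
    """
    # NOTE(review): the only access check is a request parameter named
    # "admin" that must equal "admin". The caller supplies that value, so it
    # says nothing about who the caller is. Replace it with a check against
    # the authenticated identity (session or token), which this block does
    # not show.
    if request.get("admin") != "admin":
        return "Insufficient permissions"

    uid = request.get("id")
    name = request.get("name")
    pwd = request.get("password")

    # select() builds a query, not an entity, so attribute assignments on its
    # result never reached the stored row. Take the first match (None when
    # there is none) and update that. Assumes Pony ORM's generator-style
    # select(); confirm against the file's imports.
    u = select(u for u in User if u.id == uid).first()
    if u:
        u.name = name
        # NOTE(review): the password is stored exactly as received. Hash it
        # with a salted password-hashing function before persisting.
        u.password = pwd
    else:
        User(name=name, password=pwd)
    commit()
    return url_for('.index')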
def add_loan_officer():
    """Build a ``LoanOfficer`` and its ``User`` from the JSON request body.

    The body must contain ``first_name``, ``surname``, ``sex``, ``email``,
    ``telephone``, ``user_role`` and ``password``; a missing key raises
    ``KeyError``.

    Returns:
        ``{'state': False}`` when both constructed objects are truthy,
        ``{'state': True}`` otherwise.
    """
    body = request.json
    # Fields are read in the same order as before, so the first missing key
    # reported by KeyError is unchanged.
    given_name = body["first_name"]
    family_name = body["surname"]
    gender = body["sex"]
    mail = body["email"]
    phone = body["telephone"]
    # NOTE(review): the role is taken from the request as-is; confirm the
    # caller is authorized to assign it.
    assigned_role = body["user_role"]
    # NOTE(review): the plain-text password goes straight to User(); whether
    # it is hashed there cannot be seen from this block. Verify.
    secret = body["password"]

    officer = LoanOfficer(given_name, family_name, gender, mail, phone,
                          assigned_role)
    account = User(phone, secret, assigned_role, officer)

    both_created = bool(officer and account)
    return {'state': not both_created}
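def before_request():
    """Reject requests that do not carry a valid bearer token.

    POST requests to the login and sign-up endpoints pass without a token.
    Every other request needs an ``Authorization`` header whose token is
    accepted by ``User.verify_auth_token`` or
    ``UserClient.verify_auth_token``.

    Returns:
        ``None`` to let the request continue; otherwise aborts with 401.
    """
    # The exemptions are matched on method and path. Previously they were
    # matched against str(request), which embeds the full URL of one
    # hard-coded host, so the exemption depended on the request's repr and
    # on the host name the client happened to use.
    unauthenticated_paths = ('/login/', '/login_client/', '/client/signup')
    if request.method == 'POST' and request.path in unauthenticated_paths:
        return None

    header = request.headers.get('Authorization')
    if not header:
        return abort(401)

    # Strip only a leading "Bearer " scheme; a header without it is used
    # unchanged, as before.
    scheme = "Bearer "
    token = header[len(scheme):] if header.startswith(scheme) else header

    if User.verify_auth_token(token) or UserClient.verify_auth_token(token):
        return None
    return abort(401)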
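def change_password(username):
    """Change ``username``'s password using the JSON request body.

    The body carries the new password under ``'childling'`` and the current
    one under ``'old'``; a missing key raises ``KeyError``.

    Args:
        username: Account whose password is changed.

    Returns:
        The request body without the two password fields, so credentials
        are not reflected back in the response.
    """
    payload = request.json
    new_password = payload['childling']
    old_password = payload['old']

    # NOTE(review): nothing here ties `username` to the authenticated caller;
    # confirm that the token's owner is checked against it elsewhere.
    # NOTE(review): the result of change_password is ignored, so a rejected
    # old password produces the same response as a successful change.
    User.change_password(User, username, old_password, new_password)

    return {
        key: value
        for key, value in payload.items()
        if key not in ('childling', 'old')
    }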