def reset_password(
token: str = Body(...),
email: str = Body(...),
password: str = Body(...),
session: Session = Depends(dependencies.get_database_session),
):
error = HTTPException(400, "Invalid token")
user_with_email: User = (
session.query(User).filter(User.email == email).one_or_none()
)
if not user_with_email:
raise HTTPException(404, "User not found")
try:
payload = util.get_payload_from_token(token)
token_type = payload["type"]
if token_type != PASSWORD_RESET_TOKEN_VALUE:
raise error
token_email = payload["email"]
if token_email != user_with_email.email:
raise error
user_password = util.hash_password(password)
user_with_email.hashed_password = user_password
session.commit()
except PyJWTError:
raise error
except KeyError:
raise error
def update_password(self, session: Session, user: User, old_password: str,
new_password: str) -> User:
if not util.password_is_match(old_password, user.hashed_password):
raise ApplicationError("Wrong password")
new_hashed_password = util.hash_password(new_password)
return self.user_service.update(session,
user,
hashed_password=new_hashed_password)
def admin(session: Session, admin_create_data: dict) -> User:
create_data = {**admin_create_data}
hashed_password = util.hash_password(create_data["password"])
del create_data["password"]
del create_data["role"]
create_data["hashed_password"] = hashed_password
admin = Admin(**create_data)
session.add(admin)
session.commit()
assert session.query(Admin).get(admin.id)
return admin
def landlord(session: Session, landlord_create_data: dict) -> Landlord:
create_data = {**landlord_create_data}
hashed_password = util.hash_password(create_data["password"])
del create_data["password"]
del create_data["role"]
create_data["hashed_password"] = hashed_password
landlord = Landlord(**create_data)
session.add(landlord)
session.commit()
assert session.query(Landlord).get(landlord.id)
return landlord
def tenant(session: Session, tenant_create_data: dict) -> Tenant:
create_data = {**tenant_create_data}
hashed_password = util.hash_password(create_data["password"])
del create_data["password"]
del create_data["role"]
create_data["hashed_password"] = hashed_password
tenant = Tenant(**create_data)
session.add(tenant)
session.commit()
assert session.query(Tenant).get(tenant.id)
return tenant
def create_admin(
self,
session: Session,
first_name: str,
last_name: str,
dob: date,
email: str,
phone_number: str,
password: str,
):
hashed_password = util.hash_password(password)
return self.admin_service.create(
session,
first_name=first_name,
last_name=last_name,
dob=dob,
email=email,
phone_number=phone_number,
hashed_password=hashed_password,
)
def test_password_is_match():
password = "******"
hashed_password = util.hash_password(password)
assert not util.password_is_match("wrong", hashed_password)
assert util.password_is_match(password, hashed_password)
def test_hash_password():
password = "******"
hashed_password = util.hash_password(password)
assert password != hashed_password
