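def forgotpassword():
    """Start the forgot-password flow for the e-mail address in the JSON body.

    Looks up the ``persons`` document whose ``email`` equals
    ``request.json['email']``, stores a reset token under
    ``tokens.forgot_password`` (an existing non-empty token is reused,
    otherwise a new UUID4 is generated) and mails it with ``send_dl_emails``.

    The token is delivered by e-mail only. It is deliberately neither echoed
    in the HTTP response nor written to the log: whoever holds it can
    presumably reset the account's password, and the caller of this handler
    has not proven ownership of the address.

    Returns:
        A 200 JSON response ``{"error": "", "data": {"user_id": ...}}`` when
        the e-mail was sent.

    Raises:
        Aborts with HTTP 401 for a missing, malformed or unknown e-mail and
        for any other exception raised while processing. Aborts with HTTP 500
        when the e-mail could not be sent (the stored token is cleared first).
    """
    try:
        body = request.json
        if not isinstance(body, dict) or 'email' not in body:
            raise ReturnException(
                message="email not found in payload", status_code=400)
        email = body['email']
        # The value goes straight into a MongoDB filter. A JSON object or
        # array would be read as a query document (operators) instead of a
        # literal address, so containers are rejected before the lookup.
        if isinstance(email, (dict, list)):
            raise ReturnException(
                message="email must be a string", status_code=400)
        LOGGER.info("payload email is:{0}".format(email))

        accounts = app.data.driver.db['persons']
        user = accounts.find_one({'email': email})
        if not user:
            # NOTE(review): this answer tells the caller whether an address is
            # registered; consider one generic reply for known and unknown
            # addresses.
            raise ReturnException(
                message="email not found in database.",
                status_code=400,
                payload=request.json)
        # Log the id only: the full document carries the password fields and
        # the account's tokens.
        LOGGER.info("found user for forgot password:{0}".format(user['_id']))

        # NOTE(review): an outstanding token is reused and nothing visible
        # here gives it an expiry -- confirm the reset endpoint limits its
        # lifetime and clears it after use.
        existing_token = (user.get('tokens') or {}).get('forgot_password')
        token = str(existing_token) if existing_token else str(uuid.uuid4())
        LOGGER.info(
            "updating forgot password token for user id:{0}".format(
                user['_id']))
        accounts.update(
            {'_id': ObjectId(str(user['_id']))},
            {'$set': {'tokens.forgot_password': token}})

        # forgot password email code.
        if send_dl_emails(
                title=CONFIG_DATA['FORGOT_PASSWORD_TITLE'],
                recipients=[email],
                sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
                user_id=str(user['_id']),
                email=user['email'],
                first_name=user['first_name'],
                last_name=user['last_name'],
                token=token,
                server_url=SERVER_URL,
                template=CONFIG_DATA['FORGOT_PASSWORD_EMAIL_TEMPLATE']):
            # The reset token is intentionally absent from the response body.
            response = jsonify(error='', data={"user_id": str(user['_id'])})
            response.status_code = 200
            return response

        # Sending failed: clear the stored token so it cannot be used.
        accounts.update(
            {'_id': ObjectId(str(user['_id']))},
            {'$set': {'tokens.forgot_password': ""}})
    except Exception as e:
        LOGGER.error(str(e))
        # NOTE(review): str(e) can expose internal error text to the client.
        abort(401, str(e))
    # Kept outside the try block: abort() works by raising an exception, so
    # inside the block the handler above would turn this 500 into a 401.
    abort(500, "failed to send forgot password email, please try again...")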
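def signup():
    """Create one ``persons`` account per item of the JSON list in the request.

    For every item the password is hashed, default fields are filled in, the
    role is decided, the document is validated and inserted, and a
    confirmation e-mail is sent. If sending fails, the document inserted for
    that item is removed again. Each item is annotated in place with
    ``is_created``, ``mail_sent``, ``main_sent_error`` and ``error``.

    Role assignment:
        * the default is ``"user"``;
        * a caller-supplied ``user_level`` is kept only when a non-empty
          ``login_token`` belongs to a user whose level is listed in
          ``CONFIG_DATA['CREATE_USER_ROLES']``;
        * an ``admin_creation_token`` equal to ``PASSWORD_CRYPTION_TOKEN``
          forces ``"admin"`` and marks the e-mail as confirmed.

    Passwords, hashes and tokens are kept out of the log and out of the
    response body.

    Returns:
        A 201 JSON response ``{"errors": [], "data": [...]}`` holding the
        annotated items.

    Raises:
        Aborts with HTTP 400 when the body is not a list of objects, a
        password is missing, schema validation fails, or the e-mail or mobile
        number already exists.
    """
    items = request.json
    if not isinstance(items, list):
        abort(400, 'payload should be list')

    # Resolved once up front: the role check below needs the collection
    # before the duplicate checks do.
    accounts = app.data.driver.db['persons']

    for payload in items:
        if not isinstance(payload, dict):
            abort(400, 'payload items should be objects')
        # Field names only: the values include the plaintext password and
        # possibly the admin creation token.
        LOGGER.info(
            "signup payload request fields:{0}".format(sorted(payload)))
        if 'password' not in payload:
            abort(400, '{0} field not found in input payload'.format('password'))

        admin_creation_token = payload.pop('admin_creation_token', None)
        # The caller's session token must not be stored in, or echoed back
        # with, the account being created.
        login_token = payload.pop('login_token', None)

        # NOTE(review): one static secret sent in the request body grants
        # admin. Consider hmac.compare_digest for this comparison once the
        # types of both values are confirmed.
        is_admin_request = bool(
            admin_creation_token
            and admin_creation_token == PASSWORD_CRYPTION_TOKEN)

        raw_password = payload['password']
        now = datetime.now
        # NOTE(review): 'password_raw' persists the plaintext password next to
        # its hash, which defeats the hash for anyone able to read the
        # collection. It is kept only because the 'persons' schema and other
        # readers are not visible from this function; drop it once they are
        # confirmed not to need it.
        payload['password'] = {
            'password': str(generate_password_hash(raw_password)),
            'password_raw': str(raw_password),
            'last_password_updated_date': now()
        }
        payload['tokens'] = {
            'registration': '',
            'login': '',
            'forgot_password': ''
        }
        payload['created_date'] = now()
        payload['email_confirmed'] = is_admin_request
        payload['pictures'] = {'thumbnail': '', 'large': '', 'medium': ''}
        payload['modified_date'] = now()
        payload['status'] = 'active'

        # check logged user can assign role or not otherwise default role
        # will be 'user'
        can_assign = False
        # An empty token must never authenticate: accounts are created with
        # tokens.login == '' (see the defaults above), so a lookup for ''
        # would match some unrelated account.
        if 'user_level' in payload and login_token:
            caller = accounts.find_one({"tokens.login": str(login_token)})
            # NOTE(review): any requested user_level is accepted from such a
            # caller unless schema validation restricts it -- confirm.
            if caller and caller['user_level'] in CONFIG_DATA['CREATE_USER_ROLES']:
                can_assign = True
        if not can_assign:
            payload['user_level'] = "user"
        if is_admin_request:
            payload['user_level'] = "admin"

        validation = Validations('persons')
        violations = validation.validate_schema(payload, ['default', 'unique'])
        if violations:
            abort(400, str(violations))

        user = accounts.find_one({'email': payload['email']})
        if user:
            abort(400, "email:{0} already exists.".format(user['email']))
        user = accounts.find_one({'mobile_number': payload['mobile_number']})
        if user:
            abort(
                400, "mobile_number:{0} already exists.".format(
                    user['mobile_number']))

        # Reset per item so the rollback in the except clause can never act
        # on the id of an account created in an earlier iteration.
        user_id = None
        try:
            user_id = str(accounts.insert(payload))
            LOGGER.info("user successfully created:{0}".format(user_id))
            #################################################################
            # if sending the email fails, remove the created user again
            #################################################################
            if is_admin_request:
                mail_sent = send_admin_emails(
                    title=CONFIG_DATA['ADMIN_CREATION_TITLE'],
                    recipients=[payload['email']],
                    sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
                    user_id=user_id,
                    email=payload['email'],
                    first_name=payload['first_name'],
                    template=CONFIG_DATA['ADMIN_CREATION_EMAIL_TEMPLATE'])
            else:
                ################################################
                # normal user signup not admin
                ################################################
                registration_token = str(uuid.uuid4())
                # The token value itself is a credential and stays out of
                # the log.
                LOGGER.info(
                    "updating registration token for user id:{0}".format(
                        user_id))
                accounts.update(
                    {'_id': ObjectId(user_id)},
                    {'$set': {'tokens.registration': registration_token}})
                # registration email code.
                mail_sent = send_dl_emails(
                    title=CONFIG_DATA['REGISTRATION_TITLE'],
                    recipients=[payload['email']],
                    sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
                    user_id=str(user_id),
                    email=payload['email'],
                    first_name=payload['first_name'],
                    token=registration_token,
                    server_url=SERVER_URL,
                    template=CONFIG_DATA['REGISTRATION_EMAIL_TEMPLATE'])

            if mail_sent:
                payload['mail_sent'] = True
                payload['main_sent_error'] = ''
                payload['is_created'] = True
                payload['_id'] = str(user_id)
            else:
                accounts.remove({'_id': ObjectId(user_id)})
                payload['mail_sent'] = False
                payload['is_created'] = False
                payload[
                    'main_sent_error'] = "failed to send registration email, please try again..."
            payload['error'] = ''
        except Exception as e:
            # Roll back only the document inserted for this item; if the
            # insert itself failed there is nothing to remove.
            if user_id is not None:
                accounts.remove({'_id': ObjectId(user_id)})
            LOGGER.error("got exception in signup:{0}".format(e))
            payload['is_created'] = False
            payload['error'] = str(e)

        # The document is already stored; strip the hash and plaintext
        # password so they are not echoed in the response.
        payload.pop('password', None)

    response = jsonify(errors=[], data=items)
    response.status_code = 201
    return response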