Example #1
0
    def post(self):
        parser = reqparse.RequestParser()
        id = int(requests.get(f"{api_url}/users/count").text)
        parser.add_argument('sessionUserID')
        parser.add_argument('form')
        args = parser.parse_args()

        sessionUserID = args['sessionUserID']
        formData = args['form']
        formDict = Helper.ParseArgs(formData)

        try:
            usertype = formDict['usertype']
        except:
            usertype = 'regular_user'
        firstname = formDict['firstname']
        lastname = formDict['lastname']
        email = formDict['email']
        time = datetime.now()
        year = time.strftime("%Y")[2:4]
        month = time.strftime("%m")
        username = firstname[0].lower() + lastname.lower() + month + year
        avatarlink = formDict['avatarlink']
        password_expiration_date = time + timedelta(days=7)
        password_Ex = password_expiration_date.strftime('%Y-%m-%d')
        if (avatarlink == ''):
            avatarlink = 'https://www.jennstrends.com/wp-content/uploads/2013/10/bad-profile-pic-2-768x768.jpeg'
        try:
            password = formDict['password']
        except:
            password = Helper.GeneratePassword()

        hashed_password = generate_password_hash(password)
        engine.execute(
            f"""INSERT INTO Users (id, username, email, usertype, firstname, lastname, avatarlink, is_active, 
                                            is_password_expired, reactivate_user_date, hashed_password, failed_login_attempts, password_expiration_date) 
                        VALUES ({id}, '{username}', '{email}','{usertype}', '{firstname}', '{lastname}', '{avatarlink}', 1, 0, '1900-01-01', '{hashed_password}', 0,'{password_Ex}');
                        INSERT INTO Passwords (id, password) VALUES ({id}, '{hashed_password}');"""
        )

        message = f"User created"
        data = {
            'SessionUserID': sessionUserID,
            'UserID': id,
            'AccountNumber': 0,
            'Amount': 0,
            'Event': message
        }
        requests.post(f"{api_url}/events/create", json=data)

        msg = Message('Hello from appdomainteam3!', recipients=[email])
        msg.body = f"Hello, your login for appdomainteam3 is:\nUsername: {username}\nPassword: {password}"
        mail.send(msg)
Example #2
0
    def post(self):
        parser = reqparse.RequestParser()
        parser.add_argument('form')
        parser.add_argument('sessionUserID')
        args = parser.parse_args()
        formDict = Helper.ParseArgs(args['form'])
        sessionUserID = args['sessionUserID']
        username = formDict['username']
        email = formDict['email']
        response = requests.get(f"{api_url}/users/{username}")
        if (response.status_code != 200):
            return Response("No user with that username!",
                            status=404,
                            mimetype='application/json')
        if (response.json()[0]['email'] != email):
            return Response(
                f"Email does not match email on file for {username}!",
                status=406,
                mimetype='application/json')
        id = response.json()[0]['id']
        password = Helper.GeneratePassword()
        msg = Message('Hello from appdomainteam3!', recipients=[email])
        msg.body = f"Hello, your login for appdomainteam3 is:\nUsername: {username}\nPassword: {password}"
        mail.send(msg)
        password = generate_password_hash(password)
        engine.execute(
            f"""UPDATE Users SET hashed_password = '******' WHERE id = {id}; INSERT INTO Passwords (id, password) VALUES ({id}, '{password}');"""
        )

        message = 'Used forgot password function'
        data = {
            'SessionUserID': sessionUserID,
            'UserID': id,
            'AccountNumber': 0,
            'Amount': 0,
            'Event': message
        }
        requests.post(f"{api_url}/events/create", json=data)

        return Response(f"Temporary password sent!",
                        status=200,
                        mimetype='application/json')