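def update(cls, url, target_usr, token, update_data, Etag):
    """Authorize, ETag-check and apply a profile update, then issue a new token.

    Args:
        cls: Receiver argument; unused here.
        url: Resource path handed to ``security.authorize``.
        target_usr: E-mail of the account being modified.
        token: Caller's token, checked by ``security.authorize`` for a PUT.
        update_data: New field values; must contain ``password`` and
            ``email``.  The ``password`` entry is replaced in place by its
            hash before the record is written.
        Etag: ETag the client last saw, validated by ``security.ETag``
            against the current record.

    Returns:
        ``("success", token, record)`` when the update went through,
        otherwise ``(reason, None, None)`` with reason ``"No authentication"``,
        ``"Content Conflict"`` or ``"exception"``.
    """
    auth = security.authorize(url=url, method="PUT", token=token,
                              target_usr=target_usr)
    logger.debug("auth: " + str(auth))
    if not auth:
        return "No authentication", None, None

    # The serialized record feeds the ETag check only. It is not logged:
    # login code in this listing reads a 'password' field from the same
    # lookup, so the record presumably carries the stored hash.
    cur_usr_info = json.dumps(user_svc.get_by_email(target_usr), sort_keys=True)
    if not security.ETag(Etag=Etag, cur_usr_info=cur_usr_info):
        return "Content Conflict", None, None

    # Store the hash, never the submitted text; the hash stays out of the log
    # as well, since a leaked hash can be attacked offline.
    update_data["password"] = security.hash_password(
        {"password": update_data['password']})

    try:
        user_svc.update_user(update_data, target_usr)
        s_info = user_svc.get_by_email(update_data['email'])
        tok = security.generate_token(s_info)
        return "success", tok, s_info
    except Exception as exc:
        # A bare ``except`` would also swallow KeyboardInterrupt/SystemExit.
        # Only the exception type is logged because a driver error message
        # may echo the values that were being written.
        logger.error("update failed: " + type(exc).__name__)
        return "exception", None, None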
def register(cls, data):
    """Create an account from *data* and issue a token for it.

    The ``password`` entry of *data* is overwritten in place with its hash
    before the record is handed to ``user_svc.create_user``.

    Args:
        cls: Receiver argument; unused here.
        data: New user's fields; must contain ``password`` and ``email``.

    Returns:
        ``(result, token)`` where result is whatever ``create_user`` returned.
    """
    # Only the hashed form ever reaches the user service.
    data["password"] = security.hash_password({"password": data['password']})
    outcome = user_svc.create_user(data)
    # Re-read the stored record so the token is built from persisted values.
    account = user_svc.get_by_email(data['email'])
    return outcome, security.generate_token(account)
def update_user(cls, email, data):
    """Write the fields in *data* to the user identified by *email*.

    Args:
        cls: Receiver argument; unused here.
        email: E-mail of the record to update.
        data: Fields to change; a ``password`` entry is hashed in place.

    Returns:
        Whatever ``UsersRDB.update_user`` returns.
    """
    # A submitted password is swapped for its hash before it is persisted.
    if 'password' in data:
        submitted = data['password']
        data['password'] = security.hash_password({"password" : submitted})

    if 'status' in data:
        print('updating status to', data['status'])

    return UsersRDB.update_user(email=email, data=data)
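def login(cls, login_info):
    """Check the submitted credentials and return a token on success.

    Args:
        cls: Receiver argument; unused here.
        login_info: Mapping with the ``email`` and ``password`` submitted.

    Returns:
        The generated token when the password matches, otherwise ``False``
        (also for an e-mail that has no record).
    """
    import hmac

    # Hashing happens before the lookup, so known and unknown e-mails both
    # pay the hashing cost.
    # NOTE(review): comparing a freshly computed hash with the stored one
    # only works if hash_password is deterministic, i.e. uses no per-user
    # random salt - confirm it is a slow password KDF and not a bare digest.
    test = security.hash_password({"password" : login_info['password']})
    s_info = user_svc.get_by_email(login_info['email'])

    # No record for this e-mail: fail like a wrong password instead of
    # raising on the subscript below.
    if not s_info:
        return False

    stored = s_info['password'].encode()
    # Constant-time comparison, so response time does not reveal how many
    # leading bytes matched. The isinstance guard keeps the old result
    # (no match) when the hash is not bytes-like.
    if isinstance(test, (bytes, bytearray)) and hmac.compare_digest(test, stored):
        return security.generate_token(s_info)
    return False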
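def login(cls, login_info):
    """Check the submitted credentials and return a token plus an ETag.

    Args:
        cls: Receiver argument; unused here.
        login_info: Mapping with the ``email`` and ``password`` submitted.

    Returns:
        ``(token, etag)`` when the password matches, ``(None, None)`` when
        the e-mail is unknown or the password is wrong.
    """
    import hmac

    # NOTE(review): this scheme needs hash_password to be deterministic (no
    # per-user random salt) - confirm it is a slow password KDF.
    test = security.hash_password({"password": login_info['password']})
    s_info = user_svc.get_by_email(login_info['email'])
    if s_info is None:
        return None, None

    stored = s_info['password']
    # The stored value is compared with str() of the hash. If the hash is
    # bytes that is its "b'...'" repr, so the record must have been written
    # the same way.
    if isinstance(stored, str):
        supplied = str(test).encode("utf-8", "surrogatepass")
        expected = stored.encode("utf-8", "surrogatepass")
        # Constant-time comparison: timing must not reveal how much of the
        # hash matched.
        if hmac.compare_digest(supplied, expected):
            etag = security.generate_etag(s_info)
            tok = security.generate_token(s_info)
            return tok, etag
    return None, None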
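def login(cls, login_info):
    """Check the submitted credentials and return a token with the record.

    Args:
        cls: Receiver argument; unused here.
        login_info: Mapping with the ``email`` and ``password`` submitted.

    Returns:
        ``(token, record)`` when the password matches, otherwise ``False``.
        NOTE(review): the two shapes differ, so a caller that unpacks the
        result must test for ``False`` first; kept as is for compatibility.
    """
    import hmac

    # The submitted password is hashed so it can be compared with the stored
    # hash; the plaintext is never compared directly.
    # NOTE(review): this needs hash_password to be deterministic (no per-user
    # random salt) - confirm it is a slow password KDF.
    test = str(security.hash_password({"password" : login_info['password']}))
    s_info = user_svc.get_by_email(login_info['email'])
    # Neither the computed hash nor the stored record (which holds the
    # password hash) is written to the log; only the lookup outcome is.
    logger.debug("LOGIN lookup found record: " + str(bool(s_info)))

    if s_info:
        stored = s_info['password']
        # Constant-time comparison on the encoded values, so timing does not
        # reveal how much of the hash matched.
        if isinstance(stored, str) and hmac.compare_digest(
                test.encode("utf-8", "surrogatepass"),
                stored.encode("utf-8", "surrogatepass")):
            tok = security.generate_token(s_info)
            return tok, s_info
    return False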
def t2():
    """Insert one sample user row through ``UsersRDB.create_user``.

    The password is hashed first and the row gets a fresh UUID as its id.
    Nothing is returned.
    """
    hashed = security.hash_password({"password": '******'})
    # Key order is kept as in the original record literal.
    sample_user = dict(
        last_name="Baggins",
        first_name="Frodo",
        id=str(uuid.uuid4()),
        email="*****@*****.**",
        status="PENDING",
        password=hashed,
    )
    UsersRDB.create_user(user_info=sample_user)
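def register(cls, data):
    """Create an account from *data* and issue a token for it.

    The ``password`` entry of *data* is overwritten in place with its hash
    before the record is created.

    Args:
        cls: Receiver argument; unused here.
        data: New user's fields; must contain ``password`` and ``email``.

    Returns:
        ``(token, record)`` on success, ``None`` when creating the user,
        reading it back or generating the token raised.
        NOTE(review): callers that unpack the result must check for ``None``
        first; the shape is kept for compatibility.
    """
    data["password"] = security.hash_password({"password" : data['password']})
    try:
        result = user_svc.create_user(data)
        logger.debug("CREATE RESULT: " + str(result))
        s_info = user_svc.get_by_email(data['email'])
        tok = security.generate_token(s_info)
        # The stored record (it holds the password hash) and the freshly
        # issued token are credentials, so neither is written to the log.
        logger.debug("CREATE: record read back and token issued")
        return tok, s_info
    except Exception as e:
        logger.error("CREATE ERROR: " + str(e))
        return None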
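def user_email(email):
    """Handle GET, PUT and DELETE on the profile addressed by *email*.

    GET renders ``profile.html`` for the stored record. PUT sends the form's
    new e-mail, names and password through ``auth_service.update`` and
    re-renders the profile. DELETE calls ``auth_service.delete``. Any other
    method is answered with 501, and any exception raised while handling the
    request is reported as a plain-text 500.

    Args:
        email: E-mail address that identifies the target user.

    Returns:
        The response object: rendered HTML on success, otherwise a
        plain-text response carrying the status text.
    """
    inputs = log_and_extract_input(demo, {"parameters": email})
    # The extracted input carries the session token and, on PUT, the new
    # plaintext password, so it is deliberately not dumped to the log here.
    # NOTE(review): log_and_extract_input may log the request itself -
    # confirm it redacts the same fields.
    rsp_data = None
    rsp_status = None
    rsp_txt = None

    try:
        user_service = _get_user_service()
        auth_service = _get_authentication_service()
        logger.debug("/email: _user_service = " + str(user_service))
        method = inputs["method"]

        if method == "GET":
            # NOTE(review): this branch never hands the token to
            # auth_service, so the lookup is not authorized here - confirm
            # that is intended. The token also arrives in the query string,
            # where it can end up in access logs, browser history and
            # Referer headers; a request header would avoid that.
            rsp = user_service.get_by_email(email)
            if rsp is not None:
                # The serialized record only feeds the ETag; it is not
                # logged because it presumably includes the password hash.
                rsp_json = json.dumps(rsp, sort_keys=True)
                para = inputs["query_params"]
                usr_first_name = para["usr_first_name"]
                usr_last_name = para["usr_last_name"]
                token = para["token"]
                profile_etag = security_middleware.hash_password(
                    {"Etag": rsp_json})
                rsp_data = render_template(
                    "profile.html",
                    usr_first_name=usr_first_name,
                    usr_last_name=usr_last_name,
                    search_first_name=rsp['first_name'],
                    search_last_name=rsp['last_name'],
                    search_email=rsp['email'],
                    search_id=rsp['id'],
                    token=token,
                    ETag=profile_etag)
                rsp_status = 200
                rsp_txt = "OK"
                # Links are attached only when a record exists. Doing this
                # for a missing user raised on None and turned the 404
                # below into a 500.
                if "links" not in rsp:
                    rsp["links"] = []
                rsp["links"].append(linked_data_assembler(rsp["id"]))
            else:
                rsp_data = None
                rsp_status = 404
                rsp_txt = "NOT FOUND"

        elif method == "PUT":
            para = inputs["form"]
            token = para["token"]
            update_data = {
                "email": para["new_email"],
                "first_name": para["new_first_name"],
                "last_name": para["new_last_name"],
                "password": para["new_password"]
            }
            # The new password is still plaintext at this point; log every
            # submitted field except that one.
            loggable = {k: v for k, v in update_data.items() if k != "password"}
            logging.debug("PUT DEBUG: " + str(loggable))
            Etag = para["Etag"]
            rsp = auth_service.update(url="/email", target_usr=email,
                                      token=token, update_data=update_data,
                                      Etag=Etag)
            # rsp is (outcome, token, record). Only the outcome is logged,
            # since the other two elements are credentials.
            logger.debug("PUT RSP: " + str(rsp[0]))

            if rsp[0] == "success":
                token = rsp[1]
                updated = rsp[2]
                rsp_json = json.dumps(updated, sort_keys=True)
                new_ETag = security_middleware.hash_password(
                    {"Etag": rsp_json})
                rsp_data = render_template(
                    "profile.html",
                    usr_first_name=updated['first_name'],
                    usr_last_name=updated['last_name'],
                    search_first_name=updated['first_name'],
                    search_last_name=updated['last_name'],
                    search_email=updated['email'],
                    search_id=updated['id'],
                    token=token,
                    ETag=new_ETag)
                rsp_status = 200
                rsp_txt = "OK"
                # Links belong on the user record (third element). Indexing
                # the result sequence itself with "links" raised TypeError,
                # so every successful update ended as a 500.
                if "links" not in updated:
                    updated["links"] = []
                updated["links"].append(linked_data_assembler(updated["id"]))
            elif rsp[0] == "Content Conflict":
                rsp_data = None
                rsp_status = 409
                rsp_txt = "Content Conflict"
            elif rsp[0] == "No authentication":
                rsp_data = None
                rsp_status = 401
                rsp_txt = "No authentication"
            else:
                rsp_data = None
                rsp_status = 403
                rsp_txt = "CANNOT UPDATE"

        elif method == "DELETE":
            para = inputs["form"]
            token = para["token"]
            rsp = auth_service.delete(url="/email", target_usr=email,
                                      token=token)
            logger.debug("DELETE RSP: " + str(rsp))
            if rsp is not None:
                rsp_data = rsp
                rsp_status = 200
                rsp_txt = "OK"
            else:
                rsp_data = None
                rsp_status = 403
                rsp_txt = "CANNOT DELETE"

        else:
            rsp_data = None
            rsp_status = 501
            rsp_txt = "NOT IMPLEMENTED"

        if rsp_data is not None:
            full_rsp = make_response(rsp_data)
            # The original assigned to a misspelled attribute ("statue"),
            # so the computed status never reached the response.
            full_rsp.status_code = rsp_status
            full_rsp.content_type = "text/html"
        else:
            full_rsp = Response(rsp_txt, status=rsp_status,
                                content_type="text/plain")

    except Exception as e:
        log_msg = "/email: Exception = " + str(e)
        logger.error(log_msg)
        rsp_status = 500
        rsp_txt = "INTERNAL SERVER ERROR. Please take COMSE6156 -- Cloud Native Applications."
        full_rsp = Response(rsp_txt, status=rsp_status,
                            content_type="text/plain")

    # NOTE(review): rsp_data is the rendered page, which embeds the token -
    # confirm log_response does not write the body verbatim.
    log_response("/email", rsp_status, rsp_data, rsp_txt)

    return full_rsp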