def get_plot_data(user_id=None, token=None): """ :param: category of analysis ie blocked/(unblocked/warned) :parameter: user_id: the user making the request :parameter: token: the user token for each request :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200) ips = get_plots().find({}) if ips: ibl_list = [] for x in ips: x['id'] = x['_id'] del x['_id'] ibl_list.append(x) create_log(find_user(user_id), request, "retrieved analysis data", LOG_USER_TYPE) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": json.dumps(ibl_list, cls=JSONEncoder)}), 200) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": False}), 200)
def delete_logs(user_id, log_type="user", retain=None, token=None): """ :param token: :param user_id :param log_type :param retain :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response( jsonify({ "error": 'Invalid User id.', "data": False }), 200) logs = get_logs() try: """ To change this so that deleting is limited to certain date to use retain """ data = logs.delete_many({ 'type': log_type, "lastAccessTime": { "$lt": "2018-04-03 19:33:53" } }) if not data or data.deleted_count < 1: return make_response( jsonify({ "error": 'Unable to delete records. No records found ', "token": get_request_token(user_id), "data": False })) user = find_user(_id=user_id) if user: create_log(user, request, "accessed " + log_type + " logs", LOG_SYSTEM_TYPE) except IndexError: return make_response( jsonify({ "error": 'No data found for deletion', "token": get_request_token(user_id), "data": False })) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": data.deleted_count }))
def fetch_logs(user_id=None, log_type="user", token=None): """ :param token: :param user_id :param log_type :return: """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response( jsonify({ "error": 'Invalid User id.', "data": False }), 200) logs = get_logs() try: user = find_user(_id=user_id) if user: create_log(user, request, "accessed " + log_type + " logs", LOG_SYSTEM_TYPE) data = logs.find({ 'type': log_type }, { '_id': 0 }).sort("lastAccessTime", -1) if not data or data.count() < 1: return make_response( jsonify({ "error": 'No logs found..', "token": get_request_token(user_id), "data": False })) data = [x for x in data] except IndexError: return make_response( jsonify({ "error": 'No data found', "token": get_request_token(user_id), "data": False })) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": data }))
def change_password(): """ :parameter: request request: {user_id, token, old_password, new_password, new_password_verify} :rtype: object """ user_id = request.json['user_id'] cond = ("old_password", "new_password", "new_password_verify") if not all(val in request.json.keys() for val in cond): return make_response( jsonify({ "error": 'Some data was missing in the submitted request. ', "token": get_request_token(user_id), "data": False }), 200) user = find_user(user_id) if not user: return make_response( jsonify({ "error": 'Could not find this user. Please logout and in again', "token": get_request_token(user_id), "data": False }), 200) if not request.json['new_password'] == request.json['new_password_verify']: return make_response( jsonify({ "error": 'Passwords do not match.', "token": get_request_token(user_id), "data": False }), 200) if verify_password(request.json['old_password'], user['password']): get_users().update_one({"email": user['email']}, { "$set": { "password": hash_password(request.json['new_password']) } }) create_log(find_user(user_id), request, "changed his password", LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": "Password change has been successful." }), 200) return make_response( jsonify({ "error": "Old password is not valid. please correct it.", "token": get_request_token(user_id), "data": False }), 200)
def update_user(): """ :parameter: request request {user_id, token, user:object} user: object{update_user_id, username, first_name, last_name, status } :return: """ user_id = request.json['user_id'] if "update_user_id" not in request.json: return make_response( jsonify({ "error": "User update cannot be performed due to required missing " "field(update_user_id)", "token": get_request_token(user_id), "data": False }), 200) update_user_id = request.json['update_user_id'] cond = ("username", "first_name", "last_name", "status") updates = {} for ob in cond: if ob in request.json: updates[ob] = request.json[ob] if not updates: return make_response( jsonify({ "error": "Update was unsuccessful. No valid updates provided", "token": get_request_token(user_id), "data": False }), 200) if not find_user(update_user_id): return make_response( jsonify({ "error": "Could not find the user you want to update", "token": get_request_token(user_id), "data": False }), 200) users = get_users() users.find_one_and_update({"_id": ObjectId(update_user_id)}, {"$set": updates}, upsert=True) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": "User update has been successful." }), 200)
def redirect_domain_handle(): user_id = request.json['user_id'] if "domain" not in request.json: return make_response(jsonify({"error": 'Incorrect data sent to server. domain is missing', "token": get_request_token(user_id), "data": False}), 200) domain = request.json['domain'] res = get_domains().find_one_and_update({"_id": domain}, {"redirected": True}) if not res: return make_response(jsonify({"error": "Could not find the domain specified.", "token": get_request_token(user_id), "data": False}), 200) redirect_domain(domain) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": "Domain {0} has been zoned for redirection.".format(domain)}), 200)
def deactivate_user(email, user_id=None, token=None): """ :parameter: user_id: the user making the request :parameter: email: the email of user to deactivate :parameter: token: the user token for each request :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response( jsonify({ "error": 'Invalid User id.', "data": False }), 200) email = email.replace('-', '@') if not validate_email(email): return make_response( jsonify({ "error": "Email is invalid. ex. [email protected]", "token": get_request_token(user_id), "data": False }), 200) if deactivate_user_status(email): create_log(find_user(user_id), request, "deactivated an account of {0}".format(email), LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": "User has been deactivated successfully" }), 200) return make_response( jsonify({ "error": "Sorry. Could not deactivate user. Something happened", "token": get_request_token(user_id), "data": False }), 200)
def fetch_single_user(user_email_id, user_id=None, token=None): """ :parameter: user_id: the user making the request :parameter: token: the user token for each request :param: user_email_id: user id to update :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response( jsonify({ "error": 'Invalid User id.', "data": False }), 200) if not user_email_id or not len(user_email_id) == 24: return make_response( jsonify({ "error": 'A valid User id is required', "token": get_request_token(user_id), "data": False }), 200) user = find_user(user_email_id) if user: user['id'] = user['_id'] del user['_id'] del user['password'] create_log(find_user(user_id), request, "retrieved user data", LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": json.dumps(user, cls=JSONEncoder) }), 200) return make_response( jsonify({ "error": "Could not find the requested user.", "token": get_request_token(user_id), "data": False }), 200)
def confirm_email(token): """ :param token :rtype: object """ if not token: return make_response( jsonify({ "error": "Confirmation link is invalid or has expired.", "data": False }), 200) email = confirm_token(token) users = get_users() user = users.find_one({"email": email}) if user: if user['confirmed'] is True: return make_response( jsonify({ "error": False, "token": get_request_token(user['_id']), "data": "Account already confirmed. Please login" }), 200) else: users.update_one({"email": email}, { "$set": { "status": "active", "confirmation_token": "", "confirmed": True, "confirmed_on": make_date_time() } }) return make_response( jsonify({ "error": False, "token": get_request_token(user['_id']), "data": "You have confirmed your account! Thanks" }), 200) return make_response( jsonify({ "error": "Confirmation link is invalid or has expired.", "data": False }), 200)
def blocked_or_warned(category=None, order=None, user_id=None, token=None): """ :param token: :param user_id: :param category: category of analysis ie blocked/(unblocked/warned) :param order: order of the category: ie network or ip :parameter: user_id: the user making the request :parameter: token: the user token for each request :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200) if not category or not order: return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": False}), 200) ips = None if category == "warned" or category == "unblocked": if order == "ip": ips = get_warned_by_ip().find({}) elif order == "network": ips = get_warned_by_network().find({}) elif category == "blocked": if order == "ip": ips = get_blocked_by_ip().find({}) elif order == "network": ips = get_blocked_by_network().find({}) if ips: ibl = ips.sort([("block_date", DESCENDING), ("attempts", ASCENDING)]) ibl_list = [] for x in ibl: x['id'] = x['_id'] del x['_id'] ibl_list.append(x) create_log(find_user(user_id), request, "retrieved analysis data", LOG_USER_TYPE) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": json.dumps(ibl_list, cls=JSONEncoder)}), 200) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": False}), 200)
def activate_user(): """ :parameter: user_id: the user making the request :parameter: email: the email of user to activate :parameter: token: the user token for each request :rtype: object """ keys = ("email", "user_id") user_id = request.json['user_id'] email = request.json['email'] if not set(keys).issubset(set(request.json)): return make_response( jsonify({ "error": 'Some fields are missing', "token": get_request_token(user_id), "data": False }), 200) if not validate_email(email): return make_response( jsonify({ "error": "Email is invalid. ex. [email protected]", "token": get_request_token(user_id), "data": False }), 200) if activate_user_status(email): create_log(find_user(user_id), request, "Activated account of {0}".format(email), LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": "User has been activated successfully" }), 200) return make_response( jsonify({ "error": "Sorry. Could not activate user. Something happened", "token": get_request_token(user_id), "data": False }), 200)
def update_settings(): user_id = request.json['user_id'] if "settings" not in request.json: return make_response(jsonify({"error": 'Incorrect data sent to server. settings are missing', "token": get_request_token(user_id), "data": False}), 200) settings = request.json['settings'] if not isinstance(settings, dict): return make_response(jsonify({"error": 'a settings dictionary was expected but got {0}'.format(type(settings)), "token": get_request_token(user_id), "data": False}), 200) res = save_settings(settings) if not res: return make_response(jsonify({"error": "Could not update settings. Try again later", "token": get_request_token(user_id), "data": False}), 200) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": "Settings have been updated successfully."}), 200)
def fetch_all_users(user_id=None, token=None): """ :parameter: user_id: the user making the request :parameter: token: the user token for each request :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response( jsonify({ "error": 'Invalid User id.', "data": False }), 200) users = get_users().find({}) if users: users = users.sort([("status", ASCENDING), ("first_name", ASCENDING), ("last_name", ASCENDING)]) user_list = [] for x in users: x['id'] = x['_id'] del x['_id'] del x['password'] user_list.append(x) create_log(find_user(user_id), request, "retrieved user data", LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": json.dumps(user_list, cls=JSONEncoder) }), 200) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": False }), 200)
def block_ip(): user_id = request.json['user_id'] if "data" not in request.json: return make_response(jsonify({"error": 'No data sent to server', "token": get_request_token(user_id), "data": False}), 200) data = request.json['data'] if not isinstance(data, dict): return make_response(jsonify({"error": 'Data is not json formatted.', "token": get_request_token(user_id), "data": False}), 200) keys = ("ip", "network") if not set(keys).issubset(set(data)): return make_response(jsonify({"error": 'the data submitted must contain both the `ip` and `network` fields ', "token": get_request_token(user_id), "data": False}), 200) ip, network = validate_ips(ip=data['ip'], network=data['network']) if not ip or not network: return make_response(jsonify({"error": 'Invalid address has been forwarded. please check your data.', "token": get_request_token(user_id), "data": False}), 200) net_data = get_warned_by_network().find_one({"source_ip": ip, "source_network": network}) feed = [] if net_data and len(net_data) > 0: feed.clear() feed.append(net_data) block_all(networks=feed) else: ip_data = get_warned_by_ip().find_one({"source_ip": ip, "source_network": network}) if ip_data and len(ip_data) > 0: feed.clear() feed.append(ip_data) block_all(ips=feed) else: return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": "Cant find this record. Unable to take action on the provided data."}), 200) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": "Address has been black-listed "}), 200)
def unblock_network(): user_id = request.json['user_id'] if "network" not in request.json: return make_response(jsonify({"error": 'Incorrect data sent to server. network value is missing', "token": get_request_token(user_id), "data": False}), 200) ip, network = validate_ips(network=request.json['network']) if not network: return make_response(jsonify({"error": 'Invalid network address', "token": get_request_token(user_id), "data": False}), 200) fn = get_blocked_by_ip().find({"source_network": network}) if fn and fn.count() > 0: unblock_all(ips=list(fn)) fn_2 = get_blocked_by_network().find({"source_network": network}) if fn_2 and fn_2.count() > 0: unblock_all(ips=list(fn_2)) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": "Network `{0}` has been white-listed ".format(network)}), 200)
def block_by_country(country=None, user_id=None, token=None): f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200) if not country or not len(country.strip()) == 2: return make_response(jsonify({"error": 'Incorrect data sent to server', "token": get_request_token(user_id), "data": False}), 200) block_all(by_country=country) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": "Country `{0}` has been black-listed ".format(country)}), 200)
def get_global_notifications(user_id=None, token=None): """ :param: category of analysis ie blocked/(unblocked/warned) :parameter: user_id: the user making the request :parameter: token: the user token for each request :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response(jsonify({"error": 'Invalid User id.', "data": False}), 200) ips = get_new_global_alerts() return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": json.dumps(ips, cls=JSONEncoder)}), 200)
def fetch_domains(user_id, token): """ :param: category of analysis ie blocked/(unblocked/warned) :parameter: user_id: the user making the request :parameter: token: the user token for each request :rtype: object """ f = do_get_auth(user_id, token) if not isinstance(f, bool): return f else: if f is not True: return make_response(jsonify({"error": 'Invalid User id or token', "data": False}), 200) ips = get_domains().find() data = [] for d in ips: data.append(d) return make_response(jsonify({"error": False, "token": get_request_token(user_id), "data": json.dumps(data, cls=JSONEncoder)}), 200)
def confirm_password_reset(): """ request: {forgot__token, new_password, new_password_verify} :return: """ if not request or not request.json: return not_json_request() cond = ("forgot_token", "new_password", "new_password_verify") if not all(val in request.json.keys() for val in cond): return make_response( jsonify({ "error": 'Some data was missing in the submitted request. ', "token": "", "data": False }), 200) token = request.json['forgot_token'] password = request.json['new_password'] password_2 = request.json['new_password_verify'] email = confirm_token(token) if not email: return make_response( jsonify({ "error": 'This token has already expired. please request a new token', "token": "", "data": False }), 200) user = find_user(email=email) if not user or ("forgot_token" not in user) or not (user['forgot_token'] == token): return make_response( jsonify({ "error": 'Could not find this user. The token you provided could be corrupt', "token": "", "data": False }), 200) if not password == password_2: return make_response( jsonify({ "error": 'Passwords do not match.', "token": "", "data": False }), 200) update = get_users().find_one_and_update( {"email": email}, {"$set": { "forgot_token": "", "password": hash_password(password) }}) if update: create_log(find_user(email=email), request, "Reset his password", LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user['_id']), "data": "Password change has been successful. You can now login." }), 200) return make_response( jsonify({ "error": "Password reset Failed. Consult the admin.", "token": "", "data": False }), 200)
def login(): if not request.is_json or not (request.json.keys() & {"username", "password"}): return make_response( jsonify({ "error": 'request is missing information', "data": False }), 200) username = request.json['username'] password = request.json['password'] if not username or not password: return make_response( jsonify({ "error": 'required fields are not provided', "data": False }), 200) try: users = get_users() user = users.find_one( {"$or": [{ "username": username }, { "email": username }]}) if not user: return make_response( jsonify({ "error": 'Wrong username', "data": False }), 200) if not verify_password(password, user['password']): return make_response( jsonify({ "error": 'Invalid user credentials', "data": False })) if 'status' not in user.keys() or not user['status'] == "active": return make_response( jsonify({ "error": 'Access denied. User was deactivated.', "data": False }), 200) user['id'] = user['_id'] del user['_id'] del user['password'] if user_has_session(user['id']): if is_session_active(user_id=user['id']): return make_response( jsonify({ "error": False, "data": "already logged in", "token": get_request_token(user['id']), "user": json.dumps(user, cls=JSONEncoder) }), 200) return session_expired() session['username'] = user['username'] session['email'] = user['email'] session['is_logged_in'] = True session['user_id'] = user['id'] session['token'] = generate_token() session['expiration'] = make_date_time(SESSION_LIFETIME) update_last_login(user['email']) create_log(user, request, "Logged in", LOG_USER_TYPE) except IndexError: return make_response(jsonify({ "error": 'No data found', "data": False })) return make_response( jsonify({ "error": False, "token": session["token"], "data": json.dumps(user, cls=JSONEncoder) }))
def add_user(): """ :parameter: user_id: the user making the request :parameter: token: the user token for each request :param: request request: POST {first_name, last_name, email, username, password, password_verify, user_id, token} :return: """ keys = ("username", "password", "password_verify", "first_name", "last_name", "email", "user_id") user_id = request.json['user_id'] if not set(keys).issubset(set(request.json)): return make_response( jsonify({ "error": 'Some fields are missing', "token": get_request_token(user_id), "data": False }), 200) username = request.json['username'] password = request.json['password'] password_verify = request.json['password_verify'] email = request.json['email'] first_name = request.json['first_name'] last_name = request.json['last_name'] if not validate(username, 1): return make_response( jsonify({ "error": 'Username should only contain letters', "token": get_request_token(user_id), "data": False }), 200) if not validate_email(email): return make_response( jsonify({ "error": "Email is invalid. ex. [email protected]", "token": get_request_token(user_id), "data": False }), 200) if user_exists(email): return make_response( jsonify({ "error": "Email already in used. Use another email", "token": get_request_token(user_id), "data": False }), 200) if not password == password_verify: return make_response( jsonify({ "error": 'Passwords do not match.', "token": get_request_token(user_id), "data": False }), 200) if not validate_password(password, 6): return make_response( jsonify({ "error": 'Password should only be alphanumeric and min length 6', "token": get_request_token(user_id), "data": False }), 200) """ Need to implement permissions on each user add permissions object/dict """ conf_token = generate_confirmation_token(email) user_object = { "username": username, "first_name": first_name, "last_name": last_name, "email": email, "password": hash_password(password), "status": "pending", "confirmation_token": conf_token, "confirmed_on": "", "confirmed": False } mess = EMAIL_CONFIRM_LINK + conf_token + "/" mess = "<b style='color: blue'>Use this link to activate your account :</b> " \ "<br> <br> <a href='" + mess + "' target='_blank' >" + mess + "</a>" if not send_mail(email, mess): return make_response( jsonify({ "error": "Unable to create user, failed to send an email to this user. " "Cant connect to mail server.", "token": get_request_token(user_id), "data": False }), 200) if create_user(user_object): us = find_user(request.json['user_id']) create_log(us, request, "Added new user", LOG_USER_TYPE) return make_response( jsonify({ "error": False, "token": get_request_token(user_id), "data": "New user has been created. User should confirm his/her" " email by visiting the link sent to him." }), 200) return make_response( jsonify({ "error": "Something went wrong. Unable to create new user.", "token": get_request_token(user_id), "data": False }), 200)