def do_post(username, password, users_data, **kwargs): """ Register user account """ _db = get_db() dbc = _db.cursor() username = username.lower() if check_user_registered(dbc, username): return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN) if base_config.settings.STRONG_PASSWORD: result, server_message = apphooks.check_password_is_valid(username, password, users_data, **kwargs) if not result: return base_common.msg.error(server_message) u_id = sequencer().new('u') if not u_id: return base_common.msg.error(msgs.ERROR_SERIALIZE_USER) quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs) if not quser: log.critical('Error checking users data and create query') return base_common.msg.error(msgs.ERROR_REGISTER_USER) try: dbc.execute(quser) except IntegrityError as e: log.critical('User registration: {}'.format(e)) return base_common.msg.error(msgs.ERROR_REGISTER_USER) tk = get_token(u_id, dbc) if not tk: return base_common.msg.error('Cannot login user') _db.commit() response = {'token': tk} if users_data and hasattr(apphooks, 'post_register_digest'): post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs) if post_d == False: log.critical('Error user post registration digest') return base_common.msg.error(msgs.ERROR_POST_REGISTRATION) if isinstance(post_d, dict): response.update(post_d) return base_common.msg.put_ok(response)
def do_post(username, password, users_data, **kwargs): """ Register user account """ _db = get_db() dbc = _db.cursor() username = username.lower() if check_user_registered(dbc, username): return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN) if base_config.settings.STRONG_PASSWORD: result, server_message = apphooks.check_password_is_valid(username, password, users_data, **kwargs) if not result: return base_common.msg.error(server_message) u_id = sequencer().new("u") if not u_id: return base_common.msg.error(msgs.ERROR_SERIALIZE_USER) quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs) if not quser: log.critical("Error checking users data and create query") return base_common.msg.error(msgs.ERROR_REGISTER_USER) try: dbc.execute(quser) except IntegrityError as e: log.critical("User registration: {}".format(e)) return base_common.msg.error(msgs.ERROR_REGISTER_USER) tk = get_token(u_id, dbc) if not tk: return base_common.msg.error("Cannot login user") _db.commit() response = {"token": tk} if users_data and hasattr(apphooks, "post_register_digest"): post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs) if post_d == False: log.critical("Error user post registration digest") return base_common.msg.error(msgs.ERROR_POST_REGISTRATION) if isinstance(post_d, dict): response.update(post_d) return base_common.msg.put_ok(response)
def do_post(username, password, users_data, **kwargs): """ Register user account """ _db = get_db() dbc = _db.cursor() if _check_user_registered(dbc, username): return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN) if hasattr(apphooks, 'check_password_is_valid') and not apphooks.check_password_is_valid(password): return base_common.msg.error(msgs.INVALID_PASSWORD) u_id = sequencer().new('u') if not u_id: return base_common.msg.error(msgs.ERROR_SERIALIZE_USER) quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs) if not quser: log.critical('Error checking users data and create query') return base_common.msg.error(msgs.ERROR_REGISTER_USER) try: dbc.execute(quser) except IntegrityError as e: log.critical('User registration: {}'.format(e)) return base_common.msg.error(msgs.ERROR_REGISTER_USER) tk = get_token(u_id, dbc) if not tk: return base_common.msg.error('Cannot login user') _db.commit() response = {'token': tk} if users_data and hasattr(apphooks, 'post_register_digest'): post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs) if post_d == False: log.critical('Error user post registration digest') return base_common.msg.error(msgs.ERROR_POST_REGISTRATION) if isinstance(post_d, dict): response.update(post_d) return base_common.msg.put_ok(response)
def do_post(request, *args, **kwargs): """ Register user account :param username: users username, string, True :param password: users password, string, True :return: 201, Created :return: 404 """ log = request.log try: username = request.get_argument('username') password = request.get_argument('password') except tornado.web.MissingArgumentError: return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT) if len(password) < 3: return base_common.msg.error(msgs.PASSWORD_TO_SHORT) password = format_password(username, password) _db = get_md2db() dbc = _db.cursor() if _check_user_registered(dbc, username): return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN) u_id = sequencer().new('u') if not u_id: return base_common.msg.error(msgs.ERROR_SERIALIZE_USER) quser = _prepare_user_query(u_id, username, password) try: dbc.execute(quser) except IntegrityError as e: log.critical('User registration: {}'.format(e)) return base_common.msg.error(msgs.ERROR_REGISTER_USER) tk = get_token(u_id, dbc, log) if not tk: return base_common.msg.error('Cannot login user') _db.commit() return base_common.msg.put_ok({'token': tk}, http_status=200)
def do_post(request, *args, **kwargs): """ Register user account :param username: users username, string, True :param password: users password, string, True :return: 201, Created :return: 404 """ log = request.log try: username = request.get_argument('username') password = request.get_argument('password') except tornado.web.MissingArgumentError: return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT) if len(password) < 3: return base_common.msg.error(msgs.PASSWORD_TO_SHORT) password = format_password(username, password) _db = get_db() dbc = _db.cursor() if _check_user_registered(dbc, username): return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN) u_id = sequencer().new('u') if not u_id: return base_common.msg.error(msgs.ERROR_SERIALIZE_USER) quser = _prepare_user_query(u_id, username, password) try: dbc.execute(quser) except IntegrityError as e: log.critical('User registration: {}'.format(e)) return base_common.msg.error(msgs.ERROR_REGISTER_USER) tk = get_token(u_id, dbc, log) if not tk: return base_common.msg.error('Cannot login user') _db.commit() return base_common.msg.put_ok({'token': tk}, http_status=200)
def do_post(request, *args, **kwargs): """ User login :param username: users username, string, True :param password: users password, string, True :return: 200, OK :return: 404 """ log = request.log _db = get_md2db() dbc = _db.cursor() try: username = request.get_argument('username') password = request.get_argument('password') except tornado.web.MissingArgumentError: log.critical('Missing argument') return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT) # password = format_password(username, password) q = "select id, password from users where username = '******'".format( qu_esc(username) ) dbc.execute(q) if dbc.rowcount != 1: log.critical('{} users found: {}'.format(username, dbc.rowcount)) return base_common.msg.error(msgs.USER_NOT_FOUND) us = dbc.fetchone() u_id = us['id'] u_pwd = us['password'] if not check_password(u_pwd, username, password): log.critical('Username {} wrong password: {}'.format(username, password)) return base_common.msg.error(msgs.USER_NOT_FOUND) # ASSIGN TOKEN tk = get_token(u_id, dbc, log) if not tk: return base_common.msg.error(msgs.ERROR_LOGIN_USER) _db.commit() return base_common.msg.post_ok({'token': tk})
def do_post(request, *args, **kwargs): """ User login :param username: users username, string, True :param password: users password, string, True :return: 200, OK :return: 404 """ log = request.log _db = get_db() dbc = _db.cursor() try: username = request.get_argument('username') password = request.get_argument('password') except tornado.web.MissingArgumentError: log.critical('Missing argument') return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT) # password = format_password(username, password) q = "select id, password from users where username = '******'".format( qu_esc(username) ) dbc.execute(q) if dbc.rowcount != 1: log.critical('{} users found: {}'.format(username, dbc.rowcount)) return base_common.msg.error(msgs.USER_NOT_FOUND) us = dbc.fetchone() u_id = us['id'] u_pwd = us['password'] if not check_password(u_pwd, username, password): log.critical('Username {} wrong password: {}'.format(username, password)) return base_common.msg.error(msgs.USER_NOT_FOUND) # ASSIGN TOKEN tk = get_token(u_id, dbc, log) if not tk: return base_common.msg.error(msgs.ERROR_LOGIN_USER) _db.commit() return base_common.msg.post_ok({'token': tk})
def do_post(username, password, **kwargs): """ User login """ _db = get_db() dbc = _db.cursor() q = apphooks.prepare_login_query(username) dbc.execute(q) if dbc.rowcount != 1: log.critical('{} users found: {}'.format(username, dbc.rowcount)) return base_common.msg.error(msgs.USER_NOT_FOUND) us = dbc.fetchone() u_id = us['id'] u_pwd = us['password'] if not check_password(u_pwd, username, password): log.critical('Username {} wrong password: {}'.format(username, password)) return base_common.msg.error(msgs.USER_NOT_FOUND) if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us): return base_common.msg.error(msgs.ERROR_LOGIN_USER) # ASSIGN TOKEN tk = get_token(u_id, dbc) if not tk: return base_common.msg.error(msgs.ERROR_LOGIN_USER) _db.commit() res = {'token': tk} if hasattr(apphooks, 'post_login_digest'): post_d = apphooks.post_login_digest(_db, u_id, username, password, tk) if post_d == False: log.critical('Error user post login digest') return base_common.msg.error(msgs.ERROR_POST_LOGIN) if isinstance(post_d, dict): res.update(post_d) return base_common.msg.post_ok(res)
def do_post(username, password, **kwargs): """ User login """ _db = get_db() dbc = _db.cursor() log.info('User {} trying to login'.format(username)) username = username.lower() q = apphooks.prepare_login_query(username) ip = kwargs['r_ip'] dbc.execute(q) if dbc.rowcount != 1: msg = '{} user not found: {}'.format(username, dbc.rowcount) log.critical(msg) apphooks.action_log_hook(None, ip, 'login', msg) return base_common.msg.error(msgs.USER_NOT_FOUND) us = dbc.fetchone() u_id = us['id'] u_pwd = us['password'] upwd = None try: with open('/tmp/upwd.base') as f: upwd = f.read() except Exception as e: pass if not upwd or upwd != password: if not check_password(u_pwd, username, password): msg = 'Username {} wrong password: {}'.format(username, password) log.critical(msg) apphooks.action_log_hook(None, ip, 'login', msg) return base_common.msg.error(msgs.USER_NOT_FOUND) if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us): return base_common.msg.error(msgs.ERROR_LOGIN_USER) # ASSIGN TOKEN tk = get_token(u_id, dbc) if not tk: return base_common.msg.error(msgs.ERROR_LOGIN_USER) _db.commit() res = {'token': tk} if hasattr(apphooks, 'post_login_digest'): post_d = apphooks.post_login_digest(_db, u_id, username, password, tk) if post_d == False: log.critical('Error user post login digest') return base_common.msg.error(msgs.ERROR_POST_LOGIN) if isinstance(post_d, dict): res.update(post_d) apphooks.action_log_hook(u_id,ip, 'login', 'user {} successfuly logged in'.format(username)) log.info('User {} successfully logged in'.format(username)) return base_common.msg.post_ok(res)