def renew_token(device_id, refresh_token):
if device_id and refresh_token:
LOG.info(device_id)
device, status = get_device(device_id, refresh_token)
LOG.info(device)
# LOG.info(device)
if device:
user = User.query.filter_by(id=device.user_id).first()
if user:
auth_token = User.encode_auth_token(
user.id, user.role, user.account_type)
response_object = {
# 'status': 'success',
# 'message': 'Successfully renew token',
'token': auth_token.decode()
}
return build_json_result(response_object, 200,
'Successfully renew token')
else:
return build_json_result(None, 500, 'Can not renew')
else:
return build_json_result(None, 500, 'Can not renew')
else:
return build_json_result(None, 403,
'Provide a valid refresh token.')
def post(self):
post_data = request.get_json(force=True)
isOk, message = update_email(get_data(post_data, 'account_id'),
get_data(post_data, 'email'))
if isOk:
return build_json_result(None, 200, message)
else:
return build_json_result(None, 404, 'Twoja sesja wygasła',
'Your token is invalid')
def get(self, token):
# get auth token
isExist, email = check_token(token)
if isExist:
isOk, message = active_user(email)
if isOk:
return build_json_result(None, 200, message)
else:
return build_json_result(None, 500, message)
else:
return build_json_result(None, 404, 'Twoja sesja wygasła',
'Your token is invalid')
def post(self, account_id):
user = get_a_user(account_id)
if not user:
return build_json_result(None, 404, 'Nie znaleziono użytkownika',
'User not found')
# send_email_by_sendinblue(
# user.email, 'Active your account', build_active_link(user.email, None))
active_token = generate_rand_token()
save_token(active_token, user.email)
send_email_by_sendinblue(
user.email, 'KIDAGO.PL - AKTYWACJA KONTA',
build_active_link(None, active_token, user.role))
return build_json_result(None, 200, 'Wysłano wiadomość email',
'email sent')
def generate_token(user):
try:
# generate the auth token
auth_token = User.encode_auth_token(user.id, user.role)
response_object = {
'user_id': user.id,
# 'status': 'success',
# 'message': 'Successfully registered.',
'token': auth_token.decode()
}
return build_json_result(response_object, 201,
'Successfully registered.')
except Exception as e:
return build_json_result(None, 401,
'Some error occurred. Please try again.')
def logout_user(data, user_id, device_id):
if data:
auth_token = data.split(" ")[1]
else:
auth_token = ''
if auth_token:
delete_device(user_id, device_id)
if save_token_to_black_list(auth_token, user_id):
return build_json_result(None, 200, 'Udane wylogowanie',
'Successfully logged out.')
else:
return build_json_result(None, 500,
'Błąd serwera. Spróbuj jeszcze raz.',
'Server has error')
else:
return build_json_result(None, 403, 'Provide a valid auth token.')
def post(self):
post_data = request.get_json(force=True)
isExist, user = check_email_role(get_data(post_data, 'email'),
get_data(post_data, 'role'))
if isExist:
save_pass_token(token=None, email=get_data(post_data, 'email'))
html_content = build_pass_link(get_data(post_data, 'email'), None,
user.role)
LOG.info(html_content)
send_email_by_sendinblue(get_data(post_data, 'email'),
'Zresetuj hasło', html_content)
return build_json_result(None, 200, 'Wysłano wiadomość email',
'email sent')
else:
return build_json_result(None, 404, 'Nie znaleziono adresu email',
'email not exist')
def save_new_social_user(data):
user = User.query.filter_by(email=data['email']).first()
if not user:
facebook_id = None
google_id = None
full_name = None
avatar = None
if 'facebook_id' in data:
facebook_id = data['facebook_id']
if 'google_id' in data:
google_id = data['google_id']
if 'full_name' in data:
full_name = data['full_name']
if 'avatar' in data:
avatar = data['avatar']
if 'avatar' in data:
avatar = data['avatar']
new_user = User(
email=data['email'],
username=data['username'],
password=data['password'],
registered_on=datetime.datetime.utcnow(),
last_logged=datetime.datetime.utcnow(),
role=data['role'],
account_type=data['account_type'],
facebook_id=facebook_id,
google_id=google_id,
full_name=full_name,
avatar=avatar,
is_active=True,
active_on=datetime.datetime.utcnow(),
)
result = save_changes(new_user)
if not result:
return generate_token(new_user)
else:
return build_json_result(None, 500, result)
else:
response_object = {
'status': 'fail',
'user_id': user.id,
# 'message': 'User already exists. Please Log in.',
}
return build_json_result(
response_object, 409,
'Ten email jest już w naszej bazie. Spróbuj się zalogować.',
'User already exists. Please Log in.')
def get_logged_in_user(new_request):
# get the auth token
auth_token = new_request.headers.get('Authorization')
if auth_token:
resp = User.decode_auth_token(auth_token)
if not isinstance(resp, str):
user = User.query.filter_by(id=resp).first()
data = {
'user_id': user.id,
'email': user.email,
'admin': user.admin,
'registered_on': str(user.registered_on)
}
return build_json_result(data, 200)
return build_json_result(None, 401, resp)
else:
return build_json_result(None, 401, 'Provide a valid auth token.')
def get(self, public_id):
"""get a user given its identifier"""
LOG.error('=================---------------------- get a user..')
user = get_a_user(public_id)
if not user:
api.abort(404, message='Nie znaleziono użytkownika')
else:
return build_json_result(user)
def delete_account_by_id(id):
try:
profile = User.query.filter_by(id=id).first()
if profile:
if not check_owner_resource(id):
return build_json_result(
None, 401, 'You have not permission to access this api')
delete_all_device_by_user(id)
db.session.delete(profile)
db.session.commit()
return build_json_result(None, 200, 'Profile deleted')
else:
return build_json_result(None, 404, 'Profile not found')
except Exception as e:
LOG.exception(e)
db.session.rollback()
return build_json_result(None, 500, e.args)
def get(self):
limit = request.args.get('limit')
offset = request.args.get('offset')
"""List all registered users"""
LOG.error('=================---------------------- getting all user..')
LOG.warning(
'=================---------------------- getting all user..')
LOG.info(request.headers)
return build_json_result(get_all_users(limit, offset))
def post(self, token):
post_data = request.get_json(force=True)
ok, err = change_pass_validate(post_data)
if not ok:
return build_json_error(err, 400, 'Błąd walidacji',
'Validation failed')
isExist, email = check_pass_token(token)
if isExist:
isOk, message = update_password(email,
get_data(post_data, 'password'))
if isOk:
return build_json_result(None, 200, message)
else:
return build_json_result(None, 500, message)
else:
return build_json_result(None, 404, 'Twoja sesja wygasła',
'Your token is invalid')
def save_new_user(data):
user = User.query.filter_by(email=data['email']).first()
if not user or not user.is_active:
if user and not user.is_active:
Device.query.filter_by(user_id=user.id).delete()
User.query.filter_by(email=data['email']).delete()
facebook_id = None
google_id = None
full_name = None
avatar = None
if 'facebook_id' in data:
facebook_id = data['facebook_id']
if 'google_id' in data:
google_id = data['google_id']
if 'full_name' in data:
full_name = data['full_name']
if 'avatar' in data:
avatar = data['avatar']
if 'avatar' in data:
avatar = data['avatar']
new_user = User(email=data['email'],
username=data['username'],
password=data['password'],
registered_on=datetime.datetime.utcnow(),
last_logged=datetime.datetime.utcnow(),
role=data['role'],
account_type=data['account_type'],
facebook_id=facebook_id,
google_id=google_id,
full_name=full_name,
avatar=avatar)
result = save_changes(new_user)
if not result:
return generate_token(new_user)
else:
return build_json_result(None, 500, result)
else:
response_object = {
'user_id': user.id,
# 'status': 'fail',
# 'message': 'User already exists. Please Log in.',
}
return build_json_result(response_object, 409,
'User already exists. Please Log in.')
def post(self):
# get auth token
LOG.debug('%s', request.headers)
LOG.debug('%s', request.args)
LOG.debug('%s', request.form)
LOG.debug('%s', request.values)
post_data = request.get_json(force=True)
LOG.debug('%s', post_data)
auth_header = request.headers.get('Authorization')
return build_json_result('Hello world')
def get(self):
# get auth token
LOG.debug('test log %s', request.headers)
LOG.debug('%s', request.args)
auth_header = request.headers.get('Authorization')
LOG.info('11111111111111111111')
LOG.info('222222222222222222222')
LOG.info('33333333333333333')
LOG.info('4444444444444444444444 \n')
LOG.info('55555555555555555555555555 \n')
return build_json_result('Hello world')
def post(self):
post_data = request.get_json(force=True)
ok, err = change_pass_validate(post_data)
if not ok:
return build_json_error(err, 400, 'Błąd walidacji',
'Validation failed')
isExist, email = check_pass(get_data(post_data, 'account_id'),
get_data(post_data, 'old_password'))
if isExist:
isOk, message = update_password(email,
get_data(post_data, 'password'))
if isOk:
return build_json_result(None, 200, message)
else:
return build_json_result(None, 500, message)
else:
return build_json_result(None, 404, 'Stare haslo jest niepoprawne',
'Your old password is not correct')
def delete_account_by_id(id):
try:
profile = User.query.filter_by(id=id).first()
if profile:
if not check_owner_resource(id):
return build_json_result(
None, 401, 'Nie masz uprawnień dostępu',
'You have not permission to access this api')
delete_all_device_by_user(id)
db.session.delete(profile)
db.session.commit()
return build_json_result(None, 200, 'Profil został skasowany',
'Profile deleted')
else:
return build_json_result(None, 404,
'Nie znaleziono profilu użytkownika',
'Profile not found')
except Exception as e:
# LOG.exception(e)
trace_log()
db.session.rollback()
return build_json_result(None, 500, e.args)
def post(self):
post_data = request.get_json(force=True)
ok, err = send_mail_validate(post_data)
if not ok:
return build_json_error(err, 400, 'Błąd walidacji',
'Validation failed')
user = get_user_by_email(post_data['email'])
# send_email_by_sendinblue(
# post_data['email'], 'Active your account', build_active_link(post_data['email'], None))
active_token = generate_rand_token()
save_token(active_token, post_data['email'])
#'Activate account'
send_email_by_sendinblue(
post_data['email'], 'KIDAGO.PL - AKTYWACJA KONTA',
build_active_link(None, active_token, user.role))
return build_json_result(None, 200, 'Wysłano wiadomość email',
'email sent')
def login_user(data):
try:
# fetch the user data
user = User.query.filter_by(email=data.get('email')).first()
if user and user.check_password(data.get('password')):
if user.account_type == 'facebook':
return build_json_result(
None, 403, 'Nie rozpoznano konta Facebook',
'You must login by facebook account')
if user.account_type == 'google':
return build_json_result(
None, 403, 'Nie rozpoznano konta Google',
'You must login by google account')
isOk, message = save_refresh_token(
user.id, get_data(data, 'device_id'),
get_data(data, 'device_name'),
get_data(data, 'device_model'))
update_logged_time(user)
if not user.is_active:
return build_json_result(
None, 403, 'Aby się zalogować, najpierw aktywuj konto',
'You need active your account to login')
auth_token = User.encode_auth_token(user.id, user.role,
user.account_type)
if auth_token:
response_object = {
'user_id': user.id,
'role': user.role,
'refresh_token': message,
'token': auth_token.decode()
}
# return response_object, 200
return build_json_result(response_object, 200,
'Zalogowano użytkownika',
'Successfully logged in.')
else:
return build_json_result(None, 401,
'Błąd serwera. Spróbuj jeszcze raz.',
'email or password does not match.')
except Exception as e:
print(e)
trace_log()
return build_json_result(
None, 500, 'Błąd serwera. Spróbuj jeszcze raz.',
'a server communication error has occurred please try again later'
)
def get(self):
"""List all registered users"""
LOG.error('=================---------------------- getting all user..')
LOG.warning(
'=================---------------------- getting all user..')
return build_json_result(get_all_users())
def login_facebook_user(post_data):
try:
if not 'token' in post_data:
return build_json_result(
None, 404, 'You need give me your facebook token')
else:
fb_token = post_data['token']
response = requests.get("https://graph.facebook.com/v3.3/me",
params={
'fields': 'id, name, email',
'access_token': fb_token
},
headers=None)
data = response.json()
LOG.info(data)
user_data = {}
if data and not 'error' in data:
fb_id = data['id']
fb_name = data['name']
if 'email' in data:
fb_email = data['email']
else:
fb_email = fb_id + '@facebook.com'
user = User.query.filter_by(facebook_id=fb_id).first()
LOG.info(user)
# login success
if user:
auth_token = User.encode_auth_token(
user.id, user.role, user.account_type)
isOk, message = save_refresh_token(
user.id, get_data(post_data, 'device_id'),
get_data(post_data, 'device_name'),
get_data(post_data, 'device_model'))
if auth_token:
# profile = get_user_profile(user.id, user.account_type)
response_object = {
"user_id": user.id,
# 'profile':profile,
# 'status': 'success',
# 'message': 'Successfully logged in.',
'token': auth_token.decode(),
'refresh_token': message
}
# LOG.info('aaaaaaaa')
profile = get_user_profile(user.id)
response_object['profile'] = profile
return build_json_result(
response_object, 200, 'Zalogowano użytkownika',
'Successfully logged in.')
else:
user_data['email'] = fb_email
user_data['username'] = fb_email
user_data['full_name'] = fb_name
user_data['facebook_id'] = fb_id
user_data['role'] = 'user'
user_data['account_type'] = 'facebook'
user_data['password'] = '******'
user_data['avatar'] = 'http://graph.facebook.com/' + \
fb_id+'/picture?type=square'
result = save_new_social_user(data=user_data)
isOk, message = save_refresh_token(
get_data(result, 'user_id'),
get_data(post_data, 'device_id'),
get_data(post_data, 'device_name'),
get_data(post_data, 'device_model'))
result[0]['resfresh_token'] = message
# profile = get_user_profile(
# get_data(result, 'user_id'), user_data['account_type'])
# result[0]['profile'] = profile
return result
else:
return build_json_result(None, 401,
'Your token is not valid')
except Exception as e:
trace_log()
# LOG.info(e)
return build_json_result(
None, 500, 'Błąd serwera. Spróbuj jeszcze raz.',
'a server communication error has occurred please try again later'
)
def login_google_user(post_data):
try:
if not 'token' in post_data:
return build_json_result(
None, 404, 'You need give me your facebook token')
else:
gg_token = post_data['token']
headers = {'Authorization': 'OAuth ' + gg_token}
response = requests.get(
"https://www.googleapis.com/oauth2/v1/userinfo",
None,
headers=headers)
data = response.json()
LOG.info(data)
user_data = {}
if data and not 'error' in data:
gg_id = data['id']
gg_name = data['name']
gg_avatar = data['picture']
if 'email' in data:
gg_email = data['email']
else:
gg_email = gg_id + '@google.com'
user = User.query.filter_by(google_id=gg_id).first()
LOG.info(user)
# login success
if user:
auth_token = User.encode_auth_token(
user.id, user.role, user.account_type)
isOk, message = save_refresh_token(
user.id, get_data(post_data, 'device_id'),
get_data(post_data, 'device_name'),
get_data(post_data, 'device_model'))
if auth_token:
response_object = {
"user_id": user.id,
# 'status': 'success',
# 'message': 'Successfully logged in.',
'token': auth_token.decode(),
'resfresh_token': message
}
profile = get_user_profile(user.id)
response_object['profile'] = profile
return build_json_result(
response_object, 200,
'Successfully logged in.')
else:
user_data['email'] = gg_email
user_data['username'] = gg_email
user_data['full_name'] = gg_name
user_data['google_id'] = gg_id
user_data['role'] = 'user'
user_data['account_type'] = 'google'
user_data['password'] = '******'
user_data['avatar'] = gg_avatar
result = save_new_social_user(data=user_data)
LOG.info(result)
if result[0]['meta']['code'] != 200 and result[0][
'meta']['code'] != 201:
return result
# return build_json_result(None, 409, 'Your email is used')
isOk, message = save_refresh_token(
get_data(result, 'user_id'),
get_data(post_data, 'device_id'),
get_data(post_data, 'device_name'),
get_data(post_data, 'device_model'))
LOG.info(result)
result[0]['resfresh_token'] = message
return result
else:
return build_json_result(None, 401,
'Your token is not valid')
except Exception as e:
# LOG.info(e)
return build_json_result(
None, 500, 'Błąd serwera. Spróbuj jeszcze raz.',
'a server communication error has occurred please try again later'
)
