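def get_current_admin(token: str = Depends(oauth2_scheme),
                      db: Session = Depends(get_db)) -> UserVerify:
    """Resolve a bearer token to an admin user, or reject the request.

    The token is decoded, its ``exp`` claim is compared with the current
    UTC time, and its ``sub`` claim is used as the e-mail to look the user
    up with ``crud_users.verify_user``.

    Returns:
        The user object returned by ``crud_users.verify_user``.

    Raises:
        HTTPException: always 401 with ``WWW-Authenticate: Bearer``.
            ``"access denied"`` when no token was supplied,
            ``"access expired"`` when ``exp`` is in the past, and
            ``"Could not validate credentials"`` for every other failure
            (undecodable token, missing claims, unknown user, non-admin).
    """
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    expire_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="access expired",
        headers={"WWW-Authenticate": "Bearer"},
    )
    require_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="access denied",
        headers={"WWW-Authenticate": "Bearer"},
    )
    if not token:
        raise require_exception

    try:
        payload = access_token.decode_access_token(token=token)
        token_validity = payload.get("exp")
        # A token without a usable ``exp`` claim used to hit a TypeError in
        # the comparison below and surface as a 500; reject it as invalid
        # credentials so that an unbounded token is never accepted.
        if not isinstance(token_validity, (int, float)):
            raise credentials_exception
        if get_int_from_datetime(datetime.utcnow()) >= token_validity:
            raise expire_exception
        email: str = payload.get("sub")
        if email is None:
            raise credentials_exception
        token_data = TokenData(email=email)
    except exceptions.JWTException:
        # Same response for every decoding failure, so the client cannot
        # tell a malformed token from a badly signed one.
        raise credentials_exception

    user = crud_users.verify_user(email=token_data.email, db=db)
    if user is None:
        raise credentials_exception

    # Fail closed: ``user.is_admin == False`` let a NULL/None flag through
    # (``None == False`` is False), granting admin access to any account
    # whose flag was never set. Only a truthy flag is accepted.
    # NOTE(review): an authenticated non-admin gets 401 here; 403 is the
    # conventional status, left unchanged for existing clients.
    if not user.is_admin:
        raise credentials_exception

    return user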
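def reset_password(
    reset_data: schemas.UserPasswordReset, db: Session = Depends(deps.get_db)
) -> JSONResponse:
    """Set a new password for the account named in a password-reset token.

    The token in ``reset_data.token`` is verified, its ``exp`` claim is
    compared with the current UTC time, and its ``sub`` claim is used as
    the e-mail of the account whose password is replaced with
    ``reset_data.password``.

    Returns:
        A 200 ``{"message": "success"}`` response, or a 500
        ``{"message": "Internal Server Error"}`` response when
        ``crud_users.update_user_password`` returns ``None``.

    Raises:
        HTTPException: 401 ``"access expired"`` for an expired token and
            401 ``"Could not validate credentials"`` for an unverifiable
            token, missing claims or an unknown user.
    """
    import logging

    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    expire_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="access expired",
        headers={"WWW-Authenticate": "Bearer"},
    )
    try:
        payload = access_token.verify_password_reset_token(
            token=reset_data.token)
        token_validity = payload.get("exp")
        # A reset token without a usable ``exp`` claim used to raise a
        # TypeError in the comparison below (500); treat it as invalid so
        # a token with no expiry can never reset a password.
        if not isinstance(token_validity, (int, float)):
            raise credentials_exception
        if get_int_from_datetime(datetime.utcnow()) >= token_validity:
            raise expire_exception
        token_email: str = payload.get("sub")
        if token_email is None:
            raise credentials_exception
    except exceptions.JWTException as e:
        # Record the rejection through logging instead of print(); only
        # the exception class is logged so token material stays out of logs.
        logging.getLogger(__name__).warning(
            "password reset token rejected: %s", type(e).__name__)
        raise credentials_exception
    db_user = crud_users.verify_user(email=token_email, db=db)
    if db_user is None:
        raise credentials_exception

    # NOTE(review): nothing visible here invalidates the token after use, so
    # it presumably stays replayable until ``exp`` - confirm whether
    # verify_password_reset_token or update_user_password enforces
    # single use.
    # NOTE(review): the new password is passed on as received; hashing and
    # any strength policy are assumed to live in the schema or in
    # update_user_password - confirm.
    data = crud_users.update_user_password(email=token_email,
                                           password=reset_data.password,
                                           db=db)
    if data is None:
        return JSONResponse(status_code=500,
                            content={"message": "Internal Server Error"})
    return JSONResponse(status_code=200, content={"message": "success"})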