 def post(cls, token: str):
     """Complete a password reset for the user identified by ``token``.

     ``token`` is the value handed out by the reset-request endpoint; it
     only selects the user row — the code delivered by email is the actual
     secret that authorises the reset.

     Body (JSON): ``code`` (emailed 2FA code) and ``new_password``.

     Returns ``(payload, status)``: 201 once the new password is stored,
     401 when the code does not verify, 404 when no user carries ``token``.
     """
     payload = request.get_json()
     user = UserModel.find_by_token_2fa(token)
     if not user:
         return {"message": response_quote("code_404")}, 404
     # NOTE(review): a missing JSON body or a missing "code"/"new_password"
     # key raises here (TypeError/KeyError -> 500) instead of answering 400.
     if not EmailSecondFA.check_2fa_code(token, payload["code"]):
         return {"message": response_quote("email2fa_failed")}, 401
     # NOTE(review): no length/strength policy is applied to new_password
     # here — confirm it is enforced elsewhere (an empty string is accepted).
     salt, digest = PassCrypt.generate_password_hash(payload["new_password"])
     user.password_salt = salt
     user.password_hash = digest
     # Consume the reset token and drop the stored session key (presumably
     # invalidating JWTs issued against it, since the login endpoints use it
     # as the JWT identity), then revoke the emailed code so the same
     # token/code pair cannot be replayed.
     user.token_2fa = None
     user.session_key = None
     user.save_to_db()
     EmailSecondFA.force_revoke_2fa_code(token)
     return {"message": response_quote("user_password_reset")}, 201
 def post(cls, token: str):
     """Second login step for 2FA accounts: exchange the emailed code for a JWT.

     ``token`` is the ``verification_token`` the password-login endpoint
     returned; it selects the user, the emailed ``code`` is the secret.

     Body (JSON): ``code``.

     Returns ``{"access_token": ...}``, 200 on success; 401 when the code
     does not verify; 404 when ``token`` matches no user. Note that this
     path issues a 4-hour access token and no refresh token, unlike the
     non-2FA login path.
     """
     body = request.get_json()
     user = UserModel.find_by_token_2fa(token)
     if not user:
         return {"message": response_quote("code_404")}, 404
     verified = EmailSecondFA.check_2fa_code(token, body["code"])
     if not verified:
         return {"message": response_quote("email2fa_failed")}, 401
     # The session key is SHA-256 of the server's wall-clock time at login and
     # becomes the JWT identity. It is guessable (naive local time, microsecond
     # resolution), so treat it as an identifier, not a secret: the JWT
     # signature is what carries authenticity.
     # NOTE(review): secrets.token_hex(32) would yield an unguessable key of
     # the same length — worth considering.
     login_time = str(datetime.datetime.now())
     user.session_key = hashlib.sha256(login_time.encode()).hexdigest()
     # One-shot: clear the login token and revoke the code once consumed.
     user.token_2fa = None
     user.save_to_db()
     EmailSecondFA.force_revoke_2fa_code(token)
     jwt = create_access_token(
         identity=user.session_key,
         expires_delta=datetime.timedelta(hours=4))
     return {"access_token": jwt}, 200
 def post(cls):
     """Start a password reset: email a one-time code to the account address.

     Body (JSON): ``email``.

     Returns ``{"request_token": ...}``, 200 once the code has been sent;
     404 when the address is unknown; 500 when the mail provider call fails.
     """
     body = request.get_json()
     user = UserModel.find_by_email(body["email"])
     if not user:
         # NOTE(review): 404 here vs 200 below tells an anonymous caller
         # whether an address is registered (account enumeration); answering
         # 200 uniformly is the usual hardening for reset endpoints.
         return {"message": response_quote("user_not_exist")}, 404
     try:
         # The request token is deterministic (SHA-256 of the email) and is
         # returned to the caller, so it is an identifier, not a secret — the
         # emailed code is what proves control of the mailbox.
         # NOTE(review): anyone can compute a target's token, so the verify
         # endpoint's code check is the only barrier — confirm it is
         # rate-limited / the code expires.
         reset_token = hashlib.sha256(user.email.encode()).hexdigest()
         code = EmailSecondFA.generate_2fa_code(reset_token)
         user.token_2fa = reset_token
         user.save_to_db()
         user.password_reset_request(code)
     except MailGunException as exc:
         # NOTE(review): the provider's exception text is returned verbatim —
         # confirm it carries nothing sensitive (endpoint, key fragments).
         return {"message": str(exc)}, 500
     return {"request_token": reset_token}, 200
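 def post(cls, token: str):
     """Second login step for 2FA accounts (``sha_private`` identity variant).

     ``token`` is the ``verification_token`` from password login; it selects
     the user, the emailed ``code`` is the secret.

     Body (JSON): ``code``.

     Returns access + refresh tokens, 200 on success; 400 when the code does
     not verify; 404 when ``token`` matches no user.
     """
     body = request.get_json()
     user = UserModel.find_by_token_2fa(token)
     if not user:
         return {"message": response_quote("user_not_exist")}, 404
     if not EmailSecondFA.check_2fa_code(token, body["code"]):
         # NOTE(review): the session-key variant of this endpoint answers 401
         # for the same condition; 400 kept here so the contract is unchanged.
         return {"message": response_quote("email2fa_failed")}, 400
     # Consume the login token and revoke the emailed code once accepted,
     # exactly as the session-key variant of this flow does. Without this the
     # same token/code pair stays usable for as long as the backend keeps the
     # code, i.e. a captured code can be replayed for a second session.
     user.token_2fa = None
     user.save_to_db()
     EmailSecondFA.force_revoke_2fa_code(token)
     access_token = create_access_token(identity=user.sha_private,
                                        expires_delta=EXPIRES_DELTA)
     refresh_token = create_refresh_token(identity=user.sha_private)
     return {
         "access_token": access_token,
         "refresh_token": refresh_token
     }, 200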
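 def post(cls):
     """Password login (session-key identity variant).

     Body (JSON): ``email``, ``password``.

     Responses:
       * 201 with access + refresh tokens when no 2FA is enabled;
       * 202 with ``verification_token`` when the account has 2FA enabled —
         the JWTs are then issued by the 2FA endpoint, not here;
       * 400 when the address has not been confirmed;
       * 401 on unknown email or wrong password;
       * 500 when the 2FA mail could not be sent (previously returned
         without a status, i.e. as 200, masking the failure).
     """
     body = request.get_json()
     # NOTE(review): a missing body or "email"/"password" key raises here
     # (TypeError/KeyError -> 500) rather than answering 400.
     user = UserModel.find_by_email(body["email"])
     if not (user and PassCrypt.check_password_hash(
             user.password_hash, user.password_salt, body["password"])):
         return {"message": response_quote("user_invalid_credentials")}, 401
     confirmation = user.most_recent_confirmation
     if not (confirmation and confirmation.confirmed):
         return {
             "message":
             response_quote("user_not_confirmed").format(user.username)
         }, 400
     if user.second_fa_enabled:
         # Park the login behind the emailed code: no session key is persisted
         # and no JWT is minted until the 2FA endpoint accepts the code. (The
         # earlier version saved a session key and minted JWTs before reaching
         # this branch, then discarded them.)
         try:
             token = hashlib.sha256(str.encode(user.email)).hexdigest()
             code = EmailSecondFA.generate_2fa_code(token)
             user.token_2fa = token
             user.session_key = None
             user.save_to_db()
             user.send_email_2fa_code(code)
             return {"verification_token": token}, 202
         except MailGunException as e:
             # NOTE(review): the provider's exception text goes to the client
             # verbatim — confirm it carries nothing sensitive.
             return {"message": str(e)}, 500
     # The session key is SHA-256 of the server's wall-clock time at login and
     # serves as the JWT identity. It is guessable (naive local time), so it is
     # an identifier, not a secret; the JWT signature carries the trust.
     # NOTE(review): secrets.token_hex(32) would give an unguessable key of
     # the same length.
     user.session_key = hashlib.sha256(
         str.encode(str(datetime.datetime.now()))).hexdigest()
     user.save_to_db()
     access_token = create_access_token(identity=user.session_key,
                                        expires_delta=EXPIRES_DELTA)
     refresh_token = create_refresh_token(identity=user.session_key)
     return {
         "access_token": access_token,
         "refresh_token": refresh_token
     }, 201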
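 def post(cls):
     """Password login (``sha_private`` identity variant).

     Body (JSON): ``email``, ``password``.

     :return: ``{"access_token", "refresh_token"}``, 201 when no 2FA is
         enabled; ``{"verification_token"}``, 200 when the account has 2FA
         enabled — the JWTs are then issued by the 2FA endpoint (the
         session-key variant answers 202 here); 400 when the address is not
         confirmed; 401 on bad credentials; 500 when the 2FA mail could not
         be sent (previously returned without a status, i.e. as 200).
     """
     body = request.get_json()
     # NOTE(review): a missing body or "email"/"password" key raises here
     # (TypeError/KeyError -> 500) rather than answering 400.
     user = UserModel.find_by_email(body["email"])
     if not (user and b_crypt.check_password_hash(user.password,
                                                  body["password"])):
         return {"message": response_quote("user_invalid_credentials")}, 401
     confirmation = user.most_recent_confirmation
     if not (confirmation and confirmation.confirmed):
         return {
             "message":
             response_quote("user_not_confirmed").format(user.username)
         }, 400
     if user.second_fa_enabled:
         # Nothing is minted until the 2FA endpoint accepts the code (the
         # earlier version created JWTs first and threw them away here).
         try:
             # Login token = SHA-256 of the user's private hash: constant per
             # user and returned to the caller, so an identifier only — the
             # emailed code is the secret. Original author's note: this part
             # still needs more thought.
             token = hashlib.sha256(str.encode(
                 user.sha_private)).hexdigest()
             code = EmailSecondFA.generate_2fa_code(token)
             user.token_2fa = token
             user.save_to_db()
             user.send_email_2fa_code(code)
             return {"verification_token": token}, 200
         except MailGunException as e:
             # NOTE(review): the provider's exception text goes to the client
             # verbatim — confirm it carries nothing sensitive.
             return {"message": str(e)}, 500
     access_token = create_access_token(identity=user.sha_private,
                                        expires_delta=EXPIRES_DELTA)
     refresh_token = create_refresh_token(identity=user.sha_private)
     return {
         "access_token": access_token,
         "refresh_token": refresh_token
     }, 201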