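def create_user_by_account_admin(username, email, is_admin, **kwargs):
    """Create an account on behalf of an administrator and mail its password.

    Args:
        username: Login name for the new account.
        email: Address of the new account; the generated password is sent here.
        is_admin: Whether the new account gets administrator rights.
        **kwargs: Accepted and ignored.

    Returns:
        ``{'message': 'success'}`` once the account exists and the mail was sent.

    Raises:
        exceptions.BadRequestException: The username or e-mail already belongs
            to a user or a pending sign-up request, or the insert failed.
        exceptions.HTTPException: The password mail could not be sent.
    """
    existing_user = repositories.user.find_one_by_email_or_username_in_user(
        email=email, username=username)
    pending_signup = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email=email, username=username)
    if existing_user or pending_signup:
        raise exceptions.BadRequestException(
            message='Username or email already exist')

    new_user = repositories.user.add_user_by_username_and_email(
        username=username,
        email=email,
        is_admin=is_admin,
    )
    if not new_user:
        raise exceptions.BadRequestException(message='Database error')

    # The record carries the initial password, so it is deliberately not
    # printed: stdout normally ends up in server logs.
    password = new_user['password']
    # NOTE(review): the listing masks the text between "Your Password: " and
    # "New Account"; the concatenation and the helpers.send_mail call below are
    # reconstructed from the surrounding names -- confirm against the original.
    # NOTE(review): the password leaves the system in clear text by e-mail;
    # a one-time set-password link would avoid storing it in a mailbox.
    content_mail = "Your Password: " + password
    send_mail = helpers.send_mail("New Account", content_mail, email)
    if not send_mail:
        raise exceptions.HTTPException(message='Send mail error')
    return {'message': 'success'}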
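def delete_user_by_account_admin(token, username, email, **kwargs):
    """Delete the account matching ``username`` and ``email`` for an admin.

    Args:
        token: JWT of the caller; its ``userid`` claim identifies the admin.
        username: Username of the account to delete.
        email: E-mail of the account to delete.
        **kwargs: Accepted and ignored.

    Returns:
        ``{'message': 'success'}`` after the account was deleted.

    Raises:
        exceptions.UnAuthorizedException: The token is expired, or the caller
            is unknown or not an administrator.
        exceptions.BadRequestException: The token is invalid, the target is the
            caller's own account, or no account matches.
    """
    try:
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        data = jwt.decode(token, config.FLASK_APP_SECRET_KEY)
        user_admin = repositories.user.find_user_by_id(data['userid'])
        # A token can outlive its account. A missing caller is rejected as
        # unauthorized instead of failing on attribute access.
        if user_admin is None or not user_admin.is_admin:
            raise exceptions.UnAuthorizedException(message='not authorized')
        if user_admin.username == username and user_admin.email == email:
            raise exceptions.BadRequestException(
                "This is your account, delete error")
        user = repositories.user.find_user_by_username_and_email(
            username=username, email=email)
        if not user:
            raise exceptions.BadRequestException("Not found user")
        repositories.user.delete_one_by_email_or_username_in_user(user=user)
        return {
            'message': 'success'
        }
    except jwt.ExpiredSignature:
        # An expired token is removed from the token store before answering.
        repositories.usertoken.delete_token_by_tokenstring(token)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')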
def inner(*args, **kwargs):
    """Validate the known keyword arguments, then call the wrapped ``func``.

    Only ``username``, ``email``, ``password`` and ``newpassword`` are checked;
    every other keyword argument and all positional arguments pass through
    unvalidated.

    Raises:
        exceptions.BadRequestException: A checked value fails its validator.
    """
    validators = {
        "username": Username,
        "email": Email,
        "password": Password,
        "newpassword": NewPassword,
    }
    for key, value in kwargs.items():
        validator = validators.get(key)
        if validator is None:
            continue
        # Kept as an explicit comparison with False: a validator that returns
        # None is treated as passing, exactly as before.
        if validator(value).is_valid() == False:
            raise exceptions.BadRequestException("Data invalid!")
    return func(*args, **kwargs)
def decode(access_token):
    """Decode a sign-up token and return its claims.

    An expired token also removes the sign-up request stored under it.

    Raises:
        exceptions.UnAuthorizedException: The token expired and its sign-up
            request was deleted.
        exceptions.BadRequestException: The token is invalid, or the expired
            request could not be deleted.
    """
    try:
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        return jwt.decode(access_token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        removed = r.signup.delete.by_token(access_token)
        if not removed:
            raise exceptions.BadRequestException('database error')
        raise exceptions.UnAuthorizedException('expired token, delete account')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')
def make_response(token, email):
    """Sign a user in from an external access token, creating the account if needed.

    The e-mail reported by ``get_user_info`` for ``token`` must equal ``email``.
    An existing user gets a fresh session token. An e-mail that only exists as
    a pending sign-up request is rejected. Otherwise a new active,
    non-admin account is created with a generated username and password.

    Returns:
        A dict with ``token``, ``expired_time`` and ``isAdmin`` (plus
        ``username`` for an existing user), or ``None`` when validation of the
        generated credentials or the insert fails.

    Raises:
        exceptions.BadRequestException: The e-mails differ, or the e-mail
            belongs to an unverified sign-up request.
    """
    # NOTE(review): the listing lost its indentation; the trailing
    # 'Invalid email' branch is read as the else of this comparison.
    token_info = get_user_info(access_token=token)
    if token_info['email'] != email:
        raise exceptions.BadRequestException('Invalid email')

    existed_user = repositories.user.find_one_by_email_or_username_in_user(
        email=email, username="")
    existed_user_not_verify = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email=email, username="")

    if existed_user:
        session = repositories.usertoken.create_token_by_user(existed_user)
        return {
            'token': session.token,
            'expired_time': datetime.timestamp(session.expired_time),
            'username': existed_user.username,
            'isAdmin': existed_user.is_admin,
        }

    if existed_user_not_verify:
        raise exceptions.BadRequestException(
            "Email {email} already existed!".format(
                email=email
            )
        )

    # The local part of the address seeds the generated username.
    username = create_username(email.split('@')[0])
    password = create_password()
    if not validate_username_email(username=username, email=email, password=password):
        # NOTE(review): this path and the failed insert below return None
        # without an error -- confirm callers handle that.
        return None

    user = repositories.user.add({
        'username': username,
        'email': email,
        'password': password,
        'is_admin': False,
        'is_active': True
    })
    if not user:
        return None

    session = repositories.usertoken.create_token_by_user(user)
    return {
        'token': session.token,
        'expired_time': datetime.timestamp(session.expired_time),
        'isAdmin': user.is_admin,
    }
def exist_username_or_email_in_signup_request(new_username='', new_email=''):
    """Return True when no sign-up request uses the username or e-mail.

    Raises:
        e.BadRequestException: A sign-up request already uses one of them.
    """
    pending = r.signup.find.by_email_or_username(
        username=new_username,
        email=new_email,
    )
    if not pending:
        return True
    raise e.BadRequestException('User name or email already exist')
def decode(access_token):
    """Decode a session token and return its claims.

    An expired token is removed from the token store before the error is
    raised.

    Raises:
        e.UnAuthorizedException: The token has expired.
        e.BadRequestException: The token is otherwise invalid.
    """
    try:
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        claims = jwt.decode(access_token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        r.usertoken.delete.by_token_string(access_token)
        raise e.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise e.BadRequestException('invalid token')
    return claims
def exist_account(username='', email=''):
    """Return the user matching both ``username`` and ``email``.

    Raises:
        e.BadRequestException: No such user exists.
    """
    account = r.user.find.by_username_and_email(
        username=username,
        email=email,
    )
    if not account:
        raise e.BadRequestException("account not exist!")
    return account
def decode(access_token=''):
    """Log out by validating ``access_token`` and deleting it from the store.

    Returns:
        ``{"message": "logout success"}`` when the stored token was deleted.

    Raises:
        exceptions.BadRequestException: The token is invalid or not stored.
        exceptions.UnAuthorizedException: The token has expired. It is still
            deleted from the store.
    """
    try:
        # Decoded only to validate the token; the claims are not used.
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        jwt.decode(access_token, config.FLASK_APP_SECRET_KEY)
        removed = r.usertoken.delete.by_token_string(
            token_string=access_token
        )
        if not removed:
            raise exceptions.BadRequestException('token not exist')
        return {
            "message": "logout success",
        }
    except jwt.ExpiredSignature:
        r.usertoken.delete.by_token_string(
            token_string=access_token
        )
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')
def exist_account(username='', password=''):
    """Return the account for ``username`` when ``password`` matches.

    Raises:
        exceptions.UnAuthorizedException: No account has that username.
        exceptions.BadRequestException: The password does not match.
    """
    # NOTE(review): the two failures are distinguishable to the caller, which
    # reveals whether a username exists; a single generic error avoids that.
    account = r.user.find.by_username(username=username)
    if not account:
        raise exceptions.UnAuthorizedException(message="Not found user")
    if not account.check_password(password):
        raise exceptions.BadRequestException(message="Password invalid")
    return account
def exist_username_or_email_in_user(
    user_id,
    new_username='',
    new_email='',
):
    """Return True when no other user holds the new username or e-mail.

    The users to compare against come from
    ``r.user.find.list_orther_user(user_id=user_id)``.

    Raises:
        e.BadRequestException: Another user already has one of the values.
    """
    other_users = r.user.find.list_orther_user(user_id=user_id)
    taken = any(
        other.username == new_username or other.email == new_email
        for other in other_users
    )
    if taken:
        raise e.BadRequestException('User name or email already exist')
    return True
def edit_user(old_username, new_username, new_email, is_admin, **kwargs):
    """Change the username, e-mail and admin flag of an existing user.

    Args:
        old_username: Current username, used to look the user up.
        new_username: Username to store.
        new_email: E-mail to store.
        is_admin: Admin flag to store.
        **kwargs: Accepted and ignored.

    Returns:
        ``{'message': 'edit success'}`` when the update was written.

    Raises:
        exceptions.BadRequestException: The user is unknown, the new values
            clash with another user, nothing would change, or the write failed.
    """
    user = repositories.user.find_user_by_username(old_username)
    if not user:
        raise exceptions.BadRequestException('Not found user')

    values_free = repositories.user.check_orther_user_had_username_email(
        user.id, new_username, new_email)
    if not values_free:
        raise exceptions.BadRequestException(
            'User name or email already exist')

    changed = (user.username != new_username
               or user.email != new_email
               or user.is_admin != is_admin)
    if not changed:
        raise exceptions.BadRequestException('User Unchanged')

    saved = repositories.user.edit_username_email_is_admin_in_user(
        new_username, new_email, is_admin, user)
    if not saved:
        raise exceptions.BadRequestException('server error')
    return {'message': 'edit success'}
def change_information(
    user,
    new_username='',
    new_email='',
    new_is_admin=False,
):
    """Return True when at least one of the three fields would change.

    Raises:
        e.BadRequestException: Username, e-mail and admin flag all equal the
            values already stored on ``user``.
    """
    differs = (
        user.username != new_username
        or user.email != new_email
        or user.is_admin != new_is_admin
    )
    if differs:
        return True
    raise e.BadRequestException('Information Unchanged')
def no_exist_in_user_model(
    username='',
    email='',
):
    """Return True when no user has the given username or e-mail.

    Raises:
        e.BadRequestException: A user with one of the values already exists.
    """
    match = r.user.find.by_email_or_username(
        username=username,
        email=email,
    )
    if not match:
        return True
    raise e.BadRequestException('Username or email already exist')
def check_token_from_logout_request(tokenstring):
    """Log out by validating ``tokenstring`` and deleting it from the store.

    Returns:
        ``{"message": "logout success"}`` for a valid token.

    Raises:
        exceptions.UnAuthorizedException: The token has expired. It is still
            deleted from the store.
        exceptions.BadRequestException: The token is otherwise invalid.
    """
    try:
        # Decoded only to validate the token; the claims are not used.
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        jwt.decode(tokenstring, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        repositories.usertoken.delete_token_by_tokenstring(tokenstring)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')
    else:
        repositories.usertoken.delete_token_by_tokenstring(tokenstring)
        return {
            "message": "logout success",
        }
def inner(*args, **kwargs):
    """Validate the known keyword arguments, then call the wrapped ``func``.

    Checked keys are ``username``/``new_username``, ``email``/``new_email``
    and ``password``/``new_password``; every other keyword argument and all
    positional arguments pass through unvalidated.

    Raises:
        exceptions.BadRequestException: A checked value fails its validator.
    """
    validators = {
        "username": Username,
        "new_username": Username,
        "email": Email,
        "new_email": Email,
        "password": Password,
        "new_password": Password,
    }
    for key, value in kwargs.items():
        validator = validators.get(key)
        if validator is None:
            continue
        # Kept as an explicit comparison with False: a validator that returns
        # None is treated as passing, exactly as before.
        if False == validator(value).is_valid():
            raise exceptions.BadRequestException("Data invalid!")
    return func(*args, **kwargs)
def token_data_with_email(
    access_token='',
    email='',
):
    """Return True when the e-mail inside ``access_token`` equals ``email``.

    The token is decoded with ``tokengoogle.decode``.

    Raises:
        e.BadRequestException: The two e-mail addresses differ.
    """
    claims = tokengoogle.decode(
        access_token=access_token
    )
    if claims['email'] != email:
        raise e.BadRequestException(
            message='Invalid email'
        )
    return True
def verify(token_string):
    """Confirm a sign-up request and promote it to a real user.

    The token's ``username`` claim selects the sign-up request. The request is
    deleted as soon as it is found. The user is only created when the
    request's own ``expired_time`` has not passed.

    Returns:
        ``{'message': 'success'}`` when the user was created.

    Raises:
        exceptions.UnAuthorizedException: The token expired and its sign-up
            request was deleted.
        exceptions.BadRequestException: The token is invalid, or a database
            operation failed.
        exceptions.NotFoundException: No sign-up request matches, or the
            request itself has expired.
    """
    try:
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        token_data = jwt.decode(token_string, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        removed = repositories.signup.delete_by_token_in_signup_request(
            token_string)
        if not removed:
            raise exceptions.BadRequestException('database error')
        raise exceptions.UnAuthorizedException(
            'expired token, delete account')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')

    request = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email="", username=token_data["username"])
    if not request:
        raise exceptions.NotFoundException(message="not found user")

    # The request is consumed before the expiry check, so an expired request
    # is gone afterwards as well.
    repositories.signup.delete_one_by_email_or_username_in_signup_request(
        request)
    now = datetime.timestamp(datetime.now())
    expired = datetime.timestamp(request.expired_time)
    if expired - now < 0:
        raise exceptions.NotFoundException(message="not found user")

    # Copy the pending request into the user table.
    created = repositories.signup.save_user_to_user(
        username=request.username,
        email=request.email,
        password=request.password_hash)
    if created is None:
        raise exceptions.BadRequestException("database error")
    repositories.checkhistorypass.save_history_pass(
        created.id, created.password_hash, True)
    return {
        'message': 'success',
    }
def check_info_and_res(token="", password="", newpassword="", **kwarg):
    """Change the password of the user identified by ``token``.

    Args:
        token: JWT whose ``userid`` claim selects the user.
        password: Current password, checked before anything is changed.
        newpassword: Password to store.
        **kwarg: Accepted and ignored.

    Returns:
        ``{"message": "Change password success"}`` when the update succeeded.

    Raises:
        exceptions.UnAuthorizedException: The token expired, the current
            password is wrong, or the update was refused.
        exceptions.BadRequestException: The token is invalid or the user no
            longer exists.
    """
    try:
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        claims = jwt.decode(token, config.FLASK_APP_SECRET_KEY)
    except jwt.ExpiredSignature:
        repositories.usertoken.delete_token_by_tokenstring(token)
        raise exceptions.UnAuthorizedException('expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')

    user = repositories.user.find_user_by_id(claims["userid"])
    if user is None:
        raise exceptions.BadRequestException("User not exist!")
    if not user.check_password(password):
        raise exceptions.UnAuthorizedException(message="Password invalid")
    if not repositories.changepassword.update_password(newpassword, user):
        raise exceptions.UnAuthorizedException(
            message="new password equal password")
    return {
        "message": "Change password success",
    }
def email_not_exist_in_signup_model(
    email='',
):
    """Return True when no pending sign-up request uses ``email``.

    Raises:
        e.BadRequestException: A sign-up request for the address exists.
    """
    pending = r.signup.find.by_email_or_username(
        email=email,
        username="",
    )
    if not pending:
        return True
    raise e.BadRequestException(
        "Email {email} already register!, check email and verify a".format(
            email=email
        )
    )
def make_response(token, user_id, lock_time, **kwargs):
    """Lock a user account on behalf of an administrator.

    Args:
        token: Access token of the caller, checked by
            ``check.locker_id_is_admin``.
        user_id: Id of the account to lock.
        lock_time: Value stored as the account's lock time.
        **kwargs: Accepted and ignored.

    Returns:
        ``{'msg': 'success'}`` after the account was deactivated, or ``None``
        when ``check.do_not_lock_myself`` returns a falsy value.

    Raises:
        e.BadRequestException: The target user was not found.
    """
    locker_id = check.locker_id_is_admin(access_token=token)
    print(lock_time)
    may_lock = check.do_not_lock_myself(
        locker_id=locker_id,
        user_id=user_id,
    )
    if not may_lock:
        return None

    target = r.user.find.by_id(user_id=user_id)
    if not target:
        raise e.BadRequestException('database error')
    r.user.edit.look_time_and_is_activate(
        user=target, look_time=lock_time, is_active=False)
    return {'msg': 'success'}
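def inner(token):
    """Call the wrapped ``func`` only when ``token`` belongs to an administrator.

    Args:
        token: JWT whose ``userid`` claim identifies the caller.

    Returns:
        Whatever ``func(token)`` returns.

    Raises:
        exceptions.UnAuthorizedException: The token is expired, or the caller
            is unknown or not an administrator.
        exceptions.BadRequestException: The token is invalid.
    """
    try:
        # NOTE(review): no ``algorithms=`` allow-list is passed; pin the
        # signing algorithm the application issues tokens with.
        data = jwt.decode(token, config.FLASK_APP_SECRET_KEY)
        user = repositories.user.find_user_by_id(data['userid'])
        # A token can outlive its account. A missing caller is rejected as
        # unauthorized instead of failing on attribute access.
        if user is None or not user.is_admin:
            raise exceptions.UnAuthorizedException(
                message='not authorized')
        return func(token)
    except jwt.ExpiredSignature:
        # An expired token is removed from the token store before answering.
        repositories.usertoken.delete_token_by_tokenstring(token)
        raise exceptions.UnAuthorizedException(
            'expired token, auto logout')
    except jwt.exceptions.InvalidTokenError:
        raise exceptions.BadRequestException('Invalid Token')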
def no_account(email, username):
    """Return True when neither a user nor a sign-up request uses the values.

    Both stores are queried before the result is evaluated.

    Raises:
        exceptions.BadRequestException: The username or e-mail is taken.
    """
    pending = r.signup.find.by_email_or_username(email, username)
    registered = r.user.find.by_email_or_username(email, username)
    if not (pending or registered):
        return True
    raise exceptions.BadRequestException(
        "User with username {username} "
        "or email {email} already existed!".format(
            username=username,
            email=email
        )
    )
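def check_info_form_resetpassword_and_res(username, email, **kwargs):
    """Reset the password of the matching account and mail the new one.

    Args:
        username: Username of the account.
        email: E-mail of the account; the new password is sent here.
        **kwargs: Accepted and ignored.

    Returns:
        A dict whose ``message`` confirms the reset and names the mailbox.

    Raises:
        exceptions.BadRequestException: No account matches both values.
        exceptions.UnAuthorizedException: The account is locked.
        exceptions.ForbiddenException: The mail could not be sent.
    """
    # NOTE(review): the password is replaced before any proof of mailbox
    # ownership, so anyone who knows the username/e-mail pair can force a
    # reset; a confirm-by-link flow avoids that and avoids mailing a password
    # in clear text.
    user = repositories.user.find_user_by_username_and_email(username, email)
    if user is None:
        raise exceptions.BadRequestException("user not exist!")
    if not helpers.verify_look_account_by_user(user):
        raise exceptions.UnAuthorizedException(message="Account locked")

    # Writes the new password to the database.
    newpassword = repositories.resetpassword.change_password(user)
    # NOTE(review): the listing masks the text between "Your Password: " and
    # "Reset Password"; the concatenation and the helpers.send_mail call below
    # are reconstructed from the surrounding names -- confirm against the
    # original.
    content_mail = "Your Password: " + newpassword
    check_password = helpers.send_mail("Reset Password", content_mail, email)
    if not check_password:
        raise exceptions.ForbiddenException(message="Send mail error")
    return {
        'message': 'Reset password success. You can check mail: ' + email,
    }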
def check_info_from_login_request(username, password, **kwargs):
    """Authenticate a user and issue a session token.

    Args:
        username: Login name.
        password: Password to check against the stored one.
        **kwargs: Accepted and ignored.

    Returns:
        A dict with ``token``, ``expired_time`` (timestamp) and ``isAdmin``.

    Raises:
        exceptions.UnAuthorizedException: The user is unknown, the account is
            locked, or no token could be stored.
        exceptions.BadRequestException: The password does not match.
    """
    # NOTE(review): "Not found user" and "Password invalid" are distinguishable
    # to the caller, which reveals whether a username exists; a single generic
    # error avoids that.
    user = repositories.user.find_user_by_username(username)
    if user is None:
        raise exceptions.UnAuthorizedException(message="Not found user")
    if not user.check_password(password):
        raise exceptions.BadRequestException("Password invalid")
    if not helpers.verify_look_account_by_user(user):
        raise exceptions.UnAuthorizedException(message="Account locked")

    session = repositories.usertoken.create_token_by_user(user)
    if session is None:
        raise exceptions.UnAuthorizedException(message="Don't insert token")
    return {
        'token': session.token,
        'expired_time': datetime.timestamp(session.expired_time),
        'isAdmin': user.is_admin,
    }
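def create_user_to_signup_request(username, email, password, **kwargs):
    """Store a sign-up request and mail the verification link.

    Args:
        username: Requested login name.
        email: Address that receives the verification link.
        password: Requested password.
        **kwargs: Forwarded to ``save_user_to_signup_request``.

    Returns:
        ``{"message": "success"}`` once the verification mail was sent.

    Raises:
        exceptions.BadRequestException: The username or e-mail is already used
            by a user or a pending sign-up request.
        exceptions.ForbiddenException: The verification mail could not be sent.
    """
    existed_user = repositories.user.find_one_by_email_or_username_in_user(
        email, username)
    existed_user_not_verify = repositories.signup.find_one_by_email_or_username_in_signup_request(
        email, username)
    if existed_user or existed_user_not_verify:
        raise exceptions.BadRequestException(
            "User with username {username} "
            "or email {email} already existed!".format(
                username=username, email=email))

    user = repositories.signup.save_user_to_signup_request(
        username=username, email=email, password=password, **kwargs)
    # The anchor is closed with </a>; it was previously closed with </b>,
    # which left the link element open in the mail body.
    content_mail = '<a href="{0}/{1}/{2}">Click here</a>'.format(
        config.BASE_URL, 'api/users/register/verify', user.user_token_confirm)
    check_send_mail = helpers.send_mail(
        "Information Veriry Account.", content_mail, email, "verify")
    if check_send_mail:
        return {
            "message": "success",
        }
    # The exception used to be constructed without ``raise``, so a failed
    # send returned None as if nothing had gone wrong.
    raise exceptions.ForbiddenException(message="Not found email!!!")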
def user_exist(user_id):
    """Return the user with ``user_id``.

    Raises:
        e.BadRequestException: No user has that id.
    """
    found = r.user.find.by_id(user_id=user_id)
    if not found:
        raise e.BadRequestException(message='not found user')
    return found
def do_not_delete_your_self(eraser_id, user_id):
    """Return True when the caller is not deleting their own account.

    Raises:
        e.BadRequestException: ``eraser_id`` equals ``user_id``.
    """
    # NOTE(review): plain ``==`` is used, so ids of different types (for
    # example '5' and 5) count as different accounts -- confirm callers pass
    # both ids in the same type.
    is_self = eraser_id == user_id
    if not is_self:
        return True
    raise e.BadRequestException(
        message='This is your account, delete error')
def exist_account(user_id):
    """Return the account with ``user_id``.

    Raises:
        e.BadRequestException: No account has that id.
    """
    account = r.user.find.by_id(user_id=user_id)
    if not account:
        raise e.BadRequestException("account not exist!")
    return account