Exemple #1
    def put(self):
        """
        Reset a password using a previously issued reset token.

        The token is looked up in ``auth_tokens_store`` under the key
        ``reset-<token>``; the stored value is used as the account email.
        When the new password validates, it is processed with
        ``auth.encrypt_password``, saved, and the token entry is deleted.

        Returns:
            ``{"success": True}`` on success, otherwise an
            ``(error_body, 400)`` tuple describing the failure.
        """
        args = self.get_put_arguments()
        try:
            token_key = "reset-%s" % args["token"]
            email = auth_tokens_store.get(token_key)
            if not email:
                # Unknown and expired tokens get the same answer.
                return (
                    {"error": True, "message": "Wrong or expired token."},
                    400,
                )

            auth.validate_password(args["password"], args["password2"])
            # presumably a one-way hash despite the name -- verify in auth
            new_password = auth.encrypt_password(args["password"])
            persons_service.update_password(email, new_password)
            # The token is removed only after the update went through, so a
            # rejected password leaves it usable for another attempt.
            # NOTE(review): lookup and delete are separate store calls; confirm
            # the store or caller prevents the same token being redeemed twice
            # by concurrent requests.
            auth_tokens_store.delete(token_key)
            return {"success": True}
        except auth.PasswordsNoMatchException:
            return (
                {
                    "error": True,
                    "message": "Confirmation password doesn't match.",
                },
                400,
            )
        except auth.PasswordTooShortException:
            return ({"error": True, "message": "Password is too short."}, 400)
        except UnactiveUserException:
            return ({"error": True, "message": "User is unactive."}, 400)
Exemple #2
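    def post(self):
        """
        Change the password of the currently authenticated user.

        The current password is verified with ``auth_service.check_auth``
        before the new password is validated, processed with
        ``auth.encrypt_password`` and stored.

        Returns:
            ``{"change_password_success": True}`` on success, otherwise an
            ``(error_body, 400)`` tuple describing the failure.
        """
        old_password, password, password_2 = self.get_arguments()

        try:
            # Re-authenticate with the old password first, so a valid session
            # alone is not enough to replace the credential.
            auth_service.check_auth(app, get_jwt_identity(), old_password)
            auth.validate_password(password, password_2)
            # presumably a one-way hash despite the name -- verify in auth
            password = auth.encrypt_password(password)
            persons_service.update_password(get_jwt_identity(), password)
            # NOTE(review): nothing here revokes existing sessions or tokens
            # after the change -- confirm that is handled elsewhere if needed.
            return {"change_password_success": True}

        except auth.PasswordsNoMatchException:
            return {
                "error": True,
                "message": "Confirmation password doesn't match."
            }, 400
        except auth.PasswordTooShortException:
            return {
                "error": True,
                "message": "Password is too short."
            }, 400
        # The two messages below were attached to the wrong handlers: an
        # inactive account was reported as a wrong old password and vice
        # versa. Each exception now returns its own message.
        except UnactiveUserException:
            return {
                "error": True,
                "message": "User is unactive."
            }, 400
        except WrongPasswordException:
            return {
                "error": True,
                "message": "Old password is wrong."
            }, 400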
Exemple #3
    def post(self):
        """
        Register a new person from the submitted form arguments.

        The email is passed through ``auth.validate_email`` and the password
        pair through ``auth.validate_password`` before the person is created.

        Returns:
            ``({"registration_success": True}, 201)`` on success, otherwise
            an ``(error_body, 400)`` tuple describing the failure.
        """
        email, password, password_2, first_name, last_name = (
            self.get_arguments()
        )

        try:
            # validate_email's return value replaces the submitted address.
            checked_email = auth.validate_email(email)
            auth.validate_password(password, password_2)
            # presumably a one-way hash despite the name -- verify in auth
            stored_password = auth.encrypt_password(password)
            persons_service.create_person(
                checked_email, stored_password, first_name, last_name
            )
            return {"registration_success": True}, 201
        except auth.PasswordsNoMatchException:
            message = "Confirmation password doesn't match."
        except auth.PasswordTooShortException:
            message = "Password is too short."
        except auth.EmailNotValidException as exception:
            # The validator's own message text is returned to the client.
            message = str(exception)
        return {"error": True, "message": message}, 400
Exemple #4
    def post(self):
        """
        Allow the user to change his password.
        ---
        description: Prior to modifying the password, it requires to give the current password 
                     (to make sure the user changing the password is not someone who stealed the session).
                     The new password requires a confirmation to ensure that the user didn't
                     make a mistake by typing his new password.
        tags:
            - Authentification
        parameters:
          - in: body
            name: Credentials
            description: The old password, new password and confirmation password of the user
            schema:
                type: object
                required:
                - old_password
                - password
                - password_2
                properties:
                    old_password:
                        type: string
                    password:
                        type: string
                    password_2:
                        type: string
                    
        responses:
          200:
            description: Password changed
          400:
            description: Invalid password or inactive user
        """
        old_password, password, password_2 = self.get_arguments()

        try:
            # The current password is checked before the new one is examined,
            # so a valid session alone cannot replace the credential.
            auth_service.check_auth(app, get_jwt_identity(), old_password)
            auth.validate_password(password, password_2)
            # presumably a one-way hash despite the name -- verify in auth
            stored_password = auth.encrypt_password(password)
            persons_service.update_password(
                get_jwt_identity(), stored_password
            )
            # NOTE(review): nothing here revokes existing sessions or tokens
            # after the change -- confirm that is handled elsewhere if needed.
            return {"success": True}
        except auth.PasswordsNoMatchException:
            message = "Confirmation password doesn't match."
        except auth.PasswordTooShortException:
            message = "Password is too short."
        except UnactiveUserException:
            message = "User is unactive."
        except WrongPasswordException:
            message = "Old password is wrong."

        # Every handled failure shares the same response shape and status.
        return {"error": True, "message": message}, 400
Exemple #5
    def post(self):
        """
        Change the password of ``current_user``.

        The old password is checked against ``current_user.email`` with
        ``auth.check_credentials`` before the new password is validated,
        processed with ``auth.encrypt_password`` and stored.

        Returns:
            ``{"change_password_success": True}`` on success, otherwise an
            ``(error_body, 400)`` tuple describing the failure.
        """
        old_password, password, password_2 = self.get_arguments()

        try:
            # Re-authenticate first; the new password is not looked at until
            # the old one has been accepted.
            auth.check_credentials(current_user.email, old_password)
            auth.validate_password(password, password_2)
            # presumably a one-way hash despite the name -- verify in auth
            stored_password = auth.encrypt_password(password)
            person_info.update_password(current_user, stored_password)
            # NOTE(review): nothing here revokes existing sessions after the
            # change -- confirm that is handled elsewhere if needed.
            return {"change_password_success": True}
        except auth.PasswordsNoMatchException:
            message = "Confirmation password doesn't match."
        except auth.PasswordTooShortException:
            message = "Password is too short."
        except auth.WrongPasswordException:
            message = "Old password is wrong."

        return {"error": True, "message": message}, 400
Exemple #6
 def test_validate_password(self):
     """
     Check the three outcomes of ``auth.validate_password``.

     A matching 5-character pair must raise ``PasswordTooShortException``,
     a mismatched 8-character pair must raise ``PasswordsNoMatchException``,
     and a matching 10-character pair must return a truthy value.
     """
     # Only length and confirmation mismatch are exercised by this test.
     with self.assertRaises(auth.PasswordTooShortException):
         auth.validate_password("12345", "12345")

     with self.assertRaises(auth.PasswordsNoMatchException):
         auth.validate_password("12345678", "12345676")

     accepted = auth.validate_password("mypassword", "mypassword")
     self.assertTrue(accepted)
Exemple #7
    def put(self):
        """
        Ressource to allow a user to change his password when he forgets it.
        ---
        description: "It uses a classic scheme: a token is sent by email to the user. 
                     Then he can change his password."
        tags:
            - Authentification
        parameters:
          - in: body
            name: Credentials
            description: The token, new password and confirmation password of the user
            schema:
                type: object
                required:
                - token
                - password
                - password_2
                properties:
                    token:
                        type: UUID
                    password:
                        type: string
                    password_2:
                        type: string
                    
        responses:
          200:
            description: Password reset
          400:
            description: Invalid password
                         Wrong or expired token
                         Inactive user
        """
        # NOTE(review): the spec above names the confirmation field
        # ``password_2`` while the code below reads ``args["password2"]`` --
        # confirm get_put_arguments maps one onto the other.
        args = self.get_put_arguments()
        try:
            token_key = "reset-%s" % args["token"]
            # The value stored under the token key is used as the account email.
            email = auth_tokens_store.get(token_key)
            if not email:
                # Unknown and expired tokens get the same answer.
                message = "Wrong or expired token."
            else:
                auth.validate_password(args["password"], args["password2"])
                # presumably a one-way hash despite the name -- verify in auth
                stored_password = auth.encrypt_password(args["password"])
                persons_service.update_password(email, stored_password)
                # The token is removed only after the update went through, so
                # a rejected password leaves it usable for another attempt.
                # NOTE(review): lookup and delete are separate store calls;
                # confirm the store or caller prevents the same token being
                # redeemed twice by concurrent requests.
                auth_tokens_store.delete(token_key)
                return {"success": True}
        except auth.PasswordsNoMatchException:
            message = "Confirmation password doesn't match."
        except auth.PasswordTooShortException:
            message = "Password is too short."
        except UnactiveUserException:
            message = "User is inactive."

        # Every handled failure shares the same response shape and status.
        return {"error": True, "message": message}, 400
Exemple #8
    def post(self):
        """
        Allow a user to register himself to the service.
        ---
        tags:
            - Authentification
        parameters:
          - in: body
            name: Credentials
            description: The email, password, confirmation password, first name and last name of the user
            schema:
                type: object
                required:
                - email
                - password
                - password_2
                - first_name
                - last_name
                properties:
                    email:
                        type: string
                    password:
                        type: string
                    password_2:
                        type: string
                    first_name:
                        type: string
                    last_name:
                        type: string
                    
        responses:
          201:
            description: Registration successful
          400:
            description: Invalid password or email
        """
        email, password, password_2, first_name, last_name = (
            self.get_arguments()
        )

        try:
            # validate_email's return value replaces the submitted address.
            checked_email = auth.validate_email(email)
            auth.validate_password(password, password_2)
            # presumably a one-way hash despite the name -- verify in auth
            stored_password = auth.encrypt_password(password)
            persons_service.create_person(
                checked_email, stored_password, first_name, last_name
            )
            return {"registration_success": True}, 201
        except auth.PasswordsNoMatchException:
            message = "Confirmation password doesn't match."
        except auth.PasswordTooShortException:
            message = "Password is too short."
        except auth.EmailNotValidException as exception:
            # The validator's own message text is returned to the client.
            message = str(exception)

        return {"error": True, "message": message}, 400