Esempio n. 1
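 def checkUser(cls):
     """Render the login form, or authenticate the submitted credentials on POST.

     On POST the e-mail address is upper-cased, the matching row is read from
     ``users`` with a parameterized query, and the submitted password is
     checked against the hash in column 3 of that row. On success the user's
     data is stored in the session and the browser is redirected to the home
     view for the user's role.

     Returns:
         A redirect to the role's home view on success, otherwise the rendered
         ``login.html`` (with an error message after a failed POST).
     """
     if request.method != "POST":
         return render_template('login.html')

     # Role id -> endpoint of that role's landing page.
     role_home = {
         "001": 'loadManagerHome',
         "002": 'loadAssociateHome',
         "003": 'loadAdminHome',
     }

     email = request.form['emailaddress'].upper()
     password = request.form['password']
     conn = DataBaseManager.database_connection()
     try:
         # Created inside the try so the connection is closed even if
         # obtaining the cursor fails.
         cur = conn.cursor()
         cur.execute("SELECT * FROM users WHERE email=%s", (email, ))
         row = cur.fetchone()

         # NOTE(review): no hash verification runs when the e-mail is unknown,
         # so response time may differ between known and unknown addresses.
         # NOTE(review): row[3] depends on the column order of SELECT *;
         # naming the columns in the query would make this robust.
         if not row or not sha256_crypt.verify(password, row[3]):
             return render_template('login.html',
                                    message="Wrong email or password")

         user = User(*row)
         endpoint = role_home.get(user.roleid)
         if endpoint is None:
             # A verified account with an unrecognised role previously fell
             # through and returned None; answer with the generic failure
             # page instead of granting a session.
             return render_template('login.html',
                                    message="Wrong email or password")

         session['userdatalist'] = user.getData()
         return redirect(url_for(endpoint))
     finally:
         conn.close()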
Esempio n. 2
def signin():
    """Show the sign-up form on GET; create a user from the form on POST.

    Any other request method falls through and returns None, as before.
    """
    method = request.method
    if method == "GET":
        return render_template('signin.html')
    if method != "POST":
        return None

    fields = request.form
    # NOTE(review): the password is handed to User exactly as submitted;
    # confirm that User (or save()) hashes it before it is persisted.
    account = User(
        name=fields['name'],
        email=fields['email'],
        username=fields['username'],
        password=fields['password'],
    )
    account.save()
    return redirect(url_for('index'))
Esempio n. 3
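    def post(self):
        """Register a new user from the sign-up form and log them in.

        Returns:
            A redirect to ``/home`` after a successful registration, or a
            redirect to ``/`` with a flashed "signup" message when a field is
            missing or the e-mail address is already registered.
        """
        username = request.form.get('username')
        email = request.form.get('email')
        password = request.form.get('password')

        # Validate before touching the database, so an incomplete form does
        # not trigger a lookup with a missing e-mail.
        if not username or not email or not password:
            # Message text: "Fill in all fields!"
            flash("Tüm alanları doldurun!", "signup")
            return redirect('/')

        if User.query.filter_by(email=email).first():
            # Message text: "Invalid email address!" (used for an address
            # that is already registered).
            flash("Geçersiz email adresi!", "signup")
            return redirect('/')

        # NOTE(review): the password is passed to User as submitted; confirm
        # the model hashes it before save().
        user = User(username=username, email=email, password=password)
        user.save()
        login_user(user)
        return redirect('/home')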
Esempio n. 4
 def post(self, username):
     """Create and store a certificate from the CSR sent by the session user.

     The path ``username`` must match the name of the user in the session;
     otherwise the request is rejected.

     Returns:
         The certificate's JSON on success, or a ``(message, 400)`` pair when
         the caller is not ``username``, the CSR is missing, or
         ``CertModel.create`` yields nothing.
     """
     # NOTE(review): an ownership failure is reported as 400 here; 403 is the
     # conventional status, but clients may depend on the current value.
     session_username = User.get_username_by_id(session["user_id"])
     if username != session_username:
         return {
             'message': "You may not update another user's certificate."
         }, 400

     args = self.parser.parse_args()
     csr = args['csr']
     if not csr:
         return {'message': "No certificate Signing Request in Body."}, 400

     owner = User.find_by_name(username)
     cert = CertModel.create(csr, owner.id)
     if not cert:
         return {
             'message':
             "Signature in CSR could not be verified or invalid CSR data!"
         }, 400

     cert.save_to_db()
     return cert.json()
Esempio n. 5
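 def get(self):
     """Collect the id, username and e-mail of the user named by the JWT identity."""
     user = User.get_by_id(id=get_jwt_identity())
     # NOTE(review): if get_by_id can return None (e.g. the account was removed
     # after the token was issued) the attribute reads below will fail; confirm.
     data = {
         'id': user.id,
         'username': user.username,  # comma was missing here (syntax error)
         'email': user.email,
     }
     # NOTE(review): the excerpt ends here without returning `data`; the
     # original function presumably returns it to the client.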
Esempio n. 6
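def index():
    """Render the landing page."""
    # NOTE(review): the original body continued after this return with a
    # `"loggedin" in session` check that redirected to "service_page" or
    # "login". That code was unreachable, so this route has never enforced a
    # login. It has been removed to make that visible; if the page is meant to
    # be protected, the session check must run before anything is rendered.
    return render_template('index.html')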
Esempio n. 7
def registerAdmin(username: str, password: str):
    """Register a new admin account unless the username is already taken.

    Parameters
    ----------
    username : str
        The login name of the new admin.
    password : str
        The password to set for that account.

    Raises
    ------
    ExistingUserException
        If ``username`` already exists in the database.
    """
    if userExists(username):
        raise exceptions.ExistingUserException(
            "{0} already exists in the database".format(username))

    # NOTE(review): the existence check and the insert are separate steps, so
    # two concurrent registrations of one name could both pass the check; a
    # unique index on the username would close that gap.
    # Third positional argument is True here and absent in registerUser;
    # presumably the admin flag. Whether User hashes `password` is not
    # visible from this function and should be confirmed.
    admin_account = User(username, password, True)
    usersCollection.insert_one(admin_account.toJSON())


##link = Link (["Grumbarg"], "<0> es <1> del ejército de <2>", ["general", "Rahash"], "Grumbarg el grande", 1)
##addLink(link)
##newLink = getLink(link.getName())
##print(newLink.getFullText())
##print (existsLink("holaa"))
##print (getLinkByLinks("pájaro").getName())
##print (getLinksByField("alias", "hola"))
##for i in getLinksContainingWord("alias", "guerra"):
##    print (i)
##print (getLink("Ruiseñor escarlata").getFormattedText())
##print (getLink("Ruiseñor escarlata").getFullText())
##print (getLinkByField("alias", "Muertos"))
##for link in getLinksByField("_id", "5fd2bcf54e318fc347906f78"):
#    print (link)
# link = getLink("Mijail")
# print (link.id)
# link.alias.append("Mikhail")
# updateLinkById(link.id, link)
#print (userExists("joaquinollo"))
#registerUser("joaco", "esdla03")
Esempio n. 8
 def get(self, username):
     """Return the certificate JSON for ``username``.

     Returns:
         The certificate's JSON, or a ``(message, 404)`` pair when the user or
         a valid certificate for that user does not exist.
     """
     owner = User.find_by_name(username)
     if not owner:
         # The two 404 messages differ, so a caller can tell an unknown
         # username from a known user without a certificate.
         not_found = "Username '{}' does not exist.".format(username)
         return {'message': not_found}, 404

     certificate = CertModel.get_by_user(user=owner)
     if not certificate:
         return {'message': "No valid certificate for this user."}, 404
     return certificate.json()
Esempio n. 9
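def authenticateUser(username: str, password: str) -> bool:
    """Report whether the username and password match a registered user.

    Parameters
    ----------
    username : str
        The login name to look up.
    password : str
        The password to verify against the stored one.

    Returns
    -------
    bool
        False when either argument is not a string or no such user exists;
        otherwise the result of ``User.verify_password``.
    """
    # The annotations are not enforced at runtime. `username` becomes part of
    # the query document, so a non-string value (for example a mapping decoded
    # from a JSON body) must never reach find_one, where it would be read as a
    # query expression instead of a literal name.
    if not isinstance(username, str) or not isinstance(password, str):
        return False

    entity = usersCollection.find_one({"username": username})
    if not entity:
        return False

    # The trailing True is passed through unchanged from the original call;
    # presumably it marks the password as already hashed. TODO confirm.
    stored_user = User(entity["username"], entity["password"],
                       entity["admin"], True)
    return stored_user.verify_password(password)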
Esempio n. 10
 def get(self, username):
     """Return a freshly built revocation list for ``username``.

     Returns:
         The JSON form of the revocation list, or a ``(message, 404)`` pair
         when the user is unknown or has no revoked certificate.
     """
     owner = User.find_by_name(username)
     if not owner:
         not_found = "Username '{}' does not exist.".format(username)
         return {'message': not_found}, 404

     # The list is rebuilt on every request rather than cached.
     revoked = CertModel.get_all_invalid_by_user(user=owner)
     if not revoked:
         return {'message': "No revoked certificate for this user."}, 404
     return RevList(username, list(revoked)).json()
Esempio n. 11
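    def post(self):
        """Register a user from a JSON body with username, email and password.

        Returns:
            ``(data, HTTPStatus.CREATED)`` with the new user's id, username
            and email, or ``(message, HTTPStatus.BAD_REQUEST)`` when the body
            is malformed, a field is missing, or the username or email is
            already in use.
        """
        json_data = request.get_json()
        # get_json() can yield None or a non-object value; reject it instead
        # of failing on .get() below.
        if not isinstance(json_data, dict):
            return {
                'message': 'request body must be a JSON object'
            }, HTTPStatus.BAD_REQUEST

        username = json_data.get('username')
        email = json_data.get('email')
        non_hash_password = json_data.get('password')

        # All three fields must be non-empty strings before they reach the
        # lookups or the password hasher.
        required = (username, email, non_hash_password)
        if not all(isinstance(value, str) and value for value in required):
            return {
                'message': 'username, email and password are required'
            }, HTTPStatus.BAD_REQUEST

        if User.get_by_username(username):
            return {'message': 'username already'}, HTTPStatus.BAD_REQUEST

        if User.get_by_email(email):
            return {'message': 'email already exists'}, HTTPStatus.BAD_REQUEST

        # Only the hash is stored; the plaintext never reaches the model.
        password = hash_password(non_hash_password)

        user = User(username=username, email=email, password=password)
        user.save()

        data = {
            'id': user.id,
            'username': user.username,
            'email': user.email
        }

        return data, HTTPStatus.CREATED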
Esempio n. 12
 def delete(self, username):
     """Delete notifications of the session user, optionally filtered by data.

     The path ``username`` must be the session user's own name.

     Returns:
         A confirmation message, or a ``(message, 400)`` pair when the caller
         is not ``username``.
     """
     # NOTE(review): an ownership failure is reported as 400 rather than 403.
     if username != User.get_username_by_id(session["user_id"]):
         return {
             'message': "You may not access another user's notifications."
         }, 400

     args = self.parser.parse_args()
     selector = args['data']
     # The deletion is always keyed on the session's user id, never on the
     # username taken from the URL.
     if selector:
         NotifModel.delete(user_id=session["user_id"], data=selector)
     else:
         NotifModel.delete(user_id=session["user_id"])

     confirmation = "Deleted notifications for user {}".format(username)
     return {'message': confirmation}
Esempio n. 13
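    def post(self):
        """Exchange an email and password for an access token.

        Returns:
            ``({'access_token': ...}, HTTPStatus.OK)`` on success, otherwise a
            single generic ``HTTPStatus.UNAUTHORIZED`` response that does not
            reveal which part of the credentials was wrong.
        """
        rejected = ({
            'message': 'email or password is incorrect'
        }, HTTPStatus.UNAUTHORIZED)

        json_data = request.get_json()
        if not isinstance(json_data, dict):
            return rejected

        # The original read `json - data.get('email')`, which fails with a
        # NameError on every request; the intended name is json_data.
        email = json_data.get('email')
        password = json_data.get('password')
        # Missing or non-string credentials are rejected before they reach
        # the lookup or the password check.
        if not isinstance(email, str) or not isinstance(password, str):
            return rejected

        user = User.get_by_email(email=email)
        if not user or not check_password(password, user.password):
            return rejected

        access_token = create_access_token(identity=user.id)
        return {'access_token': access_token}, HTTPStatus.OK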
Esempio n. 14
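def login():
    """Show the login form on GET; on POST set the session's login flag.

    Any other request method falls through and returns None.
    """
    if request.method == "GET":
        return render_template('login.html')
    elif request.method == "POST":
        form = request.form
        username = form['username']
        password = form['password']
        # NOTE(review): the credentials are compared against fixed literals
        # and the user store is never consulted, so every deployment shares
        # one known login. This must be replaced by a lookup of the account
        # and a verification of its stored password hash before real use.
        # (The unused `User.objects()` query of the original was dropped; its
        # result was never read.)
        if username == "username" and password == "password":
            session['loggedin'] = True
            return redirect(url_for('service_page'))
        else:
            return "Wrong"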
 def validate_request(self, initiator, replier, step, method):
     """Check that the session user may access an SMP step between two users.

     Args:
         initiator: Username of the party that started the exchange.
         replier: Username of the other party.
         step: Name of the requested step; must be in ``self.steps``.
         method: Request method name; compared against the literal ``'get'``.

     Returns:
         ``(True, init, rep)`` with both user objects when every check passes,
         otherwise a ``(message_dict, status)`` pair. The two shapes differ in
         length, so callers have to tell them apart themselves.
     """
     # An exchange with oneself is refused outright.
     if initiator == replier:
         return {'message': "You may not use SMP to verify your own certificate."}, 400
     if not step in self.steps:
         return {'message': "Resource '{}' does not exist.".format(step)}, 404
     init = User.find_by_name(initiator)
     rep  = User.find_by_name(replier)
     # NOTE(review): these existence checks run before the caller is shown to
     # be one of the two parties, so the 404 responses tell any session user
     # whether a given username exists.
     if not init:
         return {'message': "Username '{}' does not exist.".format(initiator)}, 404
     if not rep:
         return {'message': "Username '{}' does not exist.".format(replier)}, 404
     # The caller is identified from the session, not from the request path.
     username = User.get_username_by_id(session["user_id"])
     if not username in [initiator, replier]:
         return {'message': "You may not access other users' SMP data."}, 400
     # Non-'get' requests: the initiator may only touch 'question', 'step2'
     # and 'step4'; the replier only 'step1' and 'step3'. A 'get' is allowed
     # for either party on any step.
     # NOTE(review): `method` is matched case-sensitively against 'get';
     # confirm callers always pass it in lower case.
     if username == initiator and step not in ['question', 'step2', 'step4'] and not method == 'get':
         return {'message': "You may not access someone else's SMP data."}, 400
     if username == replier and step not in ['step1', 'step3'] and not method == 'get':
         return {'message': "You may not access someone else's SMP data."}, 400
     # Both parties must be marked active for the exchange to proceed.
     if not init.active:
         return {'message': "User '{}' is not logged in.".format(initiator)}, 404
     if not rep.active:
         return {'message': "User '{}' is not logged in.".format(replier)}, 404
     return True, init, rep
Esempio n. 16
def registerUser(username: str, password: str):
    """Register a new user unless the username is already taken.

    Parameters
    ----------
    username : str
        The login name of the new user.
    password : str
        The password to set for that account.

    Raises
    ------
    ExistingUserException
        If ``username`` already exists in the database.
    """
    if userExists(username):
        raise exceptions.ExistingUserException(
            "{0} already exists in the database".format(username))

    # NOTE(review): the existence check and the insert are separate steps, so
    # two concurrent registrations of one name could both pass the check; a
    # unique index on the username would close that gap.
    # Whether User hashes `password` is not visible here; confirm before
    # relying on the stored document.
    account = User(username, password)
    usersCollection.insert_one(account.toJSON())
Esempio n. 17
 def checkUserRegister(cls, email):
     """Look up a user by e-mail address.

     The address is upper-cased before the lookup and bound as a query
     parameter rather than formatted into the SQL text.

     Returns:
         A ``User`` built from the matching row, or None when no row matches.
     """
     conn = DataBaseManager.database_connection()
     cur = conn.cursor()
     try:
         lookup = "SELECT * FROM users WHERE email=%s"
         cur.execute(lookup, (email.upper(),))
         row = cur.fetchone()
         # User(*row) relies on the column order of SELECT *.
         return User(*row) if row else None
     finally:
         # Runs on every path, including exceptions, so the connection is
         # not leaked.
         conn.close()
Esempio n. 18
 def get(self, username):
     """Return all notifications of the session user as one dictionary.

     The path ``username`` must be the session user's own name.

     Returns:
         A dict holding ``username`` plus whatever each notification's
         ``json(index)`` contributes, or a ``(message, status)`` pair: 400
         when the caller is not ``username``, 404 when there is nothing to
         return.
     """
     # NOTE(review): an ownership failure is reported as 400 rather than 403.
     if username != User.get_username_by_id(session["user_id"]):
         return {
             'message': "You may not access another user's notifications."
         }, 400

     # Notifications are fetched by the session's user id, not by the
     # username from the URL.
     notifications = NotifModel.get_all_by_user(session["user_id"])
     if not notifications or len(notifications) < 1:
         return {'message': "No notifications for this user."}, 404

     result = {'username': username}
     for position, entry in enumerate(notifications):
         result.update(entry.json(position))
     return result
Esempio n. 19
 def delete(self, username):
     """Revoke the session user's valid certificates, all or one by serial.

     The path ``username`` must be the session user's own name. When the
     parsed arguments carry ``cert_serial`` only the certificate with that
     serial number is revoked.

     Returns:
         The JSON of a revocation list holding only the certificates revoked
         by this request, or a ``(message, status)`` pair: 400 when the caller
         is not ``username``, 404 when no matching valid certificate exists.
     """
     # NOTE(review): an ownership failure is reported as 400 rather than 403.
     if username != User.get_username_by_id(session["user_id"]):
         return {
             'message': "You may not delete another user's certificate."
         }, 400

     data = self.parser.parse_args()
     owner = User.find_by_name(username)
     certs = list(CertModel.get_all_valid_by_user(user=owner))
     if len(certs) < 1:
         return {'message': "No valid certificate for user found."}, 404

     wanted_serial = data['cert_serial']
     if wanted_serial:
         certs = [c for c in certs if c.serial_number() == wanted_serial]
         if len(certs) < 1:
             return {
                 'message': "No valid certificate with the given id found."
             }, 404

     # Revoke every selected certificate and keep what revoke() returns.
     certs = [c.revoke() for c in certs]
     # The returned list covers only this request's revocations; certificates
     # revoked earlier are not included.
     return RevocationList(username, certs).json()
Esempio n. 20
 def post(self):
     """Register a user from the arguments parsed by ``Register.parser``.

     Returns:
         ``ResponseHandler.success`` with the new user's JSON when the saved
         user has an id, otherwise ``ResponseHandler.error`` with status 400
         (also used when the username is already taken).
     """
     data = Register.parser.parse_args()
     if User.find_by_username(data.username):
         return ResponseHandler.error('user exists', 400)

     # NOTE(review): every parsed field is forwarded to the model, so the
     # parser definition is the only allow-list of attributes a client can
     # set; confirm it declares no privileged fields and that the password is
     # hashed by the model.
     user = User(**data)
     user.save()
     if not user.id:
         return ResponseHandler.error('user not added', 400)
     return ResponseHandler.success('User Added', 200, data=user.json())
Esempio n. 21
 def registerUser(self, userID, password):
     """Store a new user document unless ``userID`` is already present.

     Returns:
         A status string: either the "already exists" notice or the
         registration confirmation.
     """
     # The comparison is done in Python on each stored document, so `userID`
     # is only ever compared by value and is not placed into a query filter.
     # The cost is a scan of the whole collection per registration.
     taken = any(doc["userID"] == userID for doc in USERS_COLLECTION.find())
     if taken:
         return "Username already exists, try another."

     account = User()
     account.setUserID(userID)
     account.setPassword(password)
     # Only the hashed form of the password is written to the collection.
     USERS_COLLECTION.insert({
         "userID": account.getUserID(),
         "password": account.getHashedPassword(),
         "loggedIn": False,
     })
     return "User %s registered" % userID
Esempio n. 22
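def login():
    """Authenticate a JSON ``pseudo``/``password`` pair and issue a token.

    Returns:
        ``(token, 200)`` when a matching row exists, ``("Can't authenticate",
        401)`` otherwise (including a malformed body). Requests that are not
        POST return None, as before.
    """
    if request.method != 'POST':
        # The original produced no response for other methods either; it only
        # opened a connection that was never closed.
        return None

    data = request.get_json()
    # A missing body, a non-object body or non-string fields previously
    # raised and surfaced as a server error; treat them as a failed login.
    if not isinstance(data, dict):
        return "Can't authenticate", 401
    pseudo = data.get('pseudo')
    password = data.get('password')
    if not isinstance(pseudo, str) or not isinstance(password, str):
        return "Can't authenticate", 401

    # NOTE(review): the password is matched inside the SQL statement, which
    # only works if the table stores passwords in plaintext. The stored value
    # should be a salted hash verified in application code.
    sql = """SELECT id, pseudo, mail, password FROM user WHERE pseudo =? and password =?"""

    conn = db_connection()
    try:
        cursor = conn.cursor()
        try:
            cursor.execute(sql, (pseudo, password))
            row = cursor.fetchone()
        finally:
            cursor.close()
    finally:
        # The success path used to return without closing the connection.
        conn.close()

    if row is None:
        return "Can't authenticate", 401

    # NOTE(review): the stored password travels into User before the token is
    # built; confirm JwtService does not copy it into the token.
    user = User(row[0], row[1], row[2], row[3])
    token = JwtService().create(user)
    return token, 200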
Esempio n. 23
 def get(self, username):
     """List the data items the session user owns and those shared with them.

     The path ``username`` must be the session user's own name.

     Returns:
         ``{'owner': {...}, 'shared': {...}}`` mapping item ids (as strings)
         to ``/data/<username>/<name>`` paths, or a ``(message, 400)`` pair
         when the caller is not ``username``.
     """
     # NOTE(review): an ownership failure is reported as 400 rather than 403.
     if username != User.get_username_by_id(session["user_id"]):
         return {'message': "You may not access another user's data."}, 400

     # Both lookups are keyed on the session's user id, not on the URL value.
     own_items = Data.get_all_by_user(user_id=session["user_id"])
     owner = {
         str(item.id): "/data/{}/{}".format(username, item.name)
         for item in (own_items or [])
     }

     grants = Data_Access.get(user_id=session["user_id"])
     shared = {
         str(grant.data.id): "/data/{}/{}".format(grant.data.user.username,
                                                  grant.data.name)
         for grant in (grants or [])
     }
     return {'owner': owner, 'shared': shared}
Esempio n. 24
    def get(self, username):
        """Return the public profile of ``username``, plus e-mail for the owner.

        Returns:
            ``(data, HTTPStatus.OK)`` with id and username, and the e-mail
            address only when the JWT identity equals the user's id;
            ``(message, HTTPStatus.NOT_FOUND)`` when the user does not exist.
        """
        user = User.get_by_username(username=username)
        if user is None:
            return {'message': 'user not found'}, HTTPStatus.NOT_FOUND

        data = {
            'id': user.id,
            'username': user.username,
        }
        # The e-mail address is disclosed only to the account's own holder.
        if get_jwt_identity() == user.id:
            data['email'] = user.email
        return data, HTTPStatus.OK
Esempio n. 25
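    def getUserInfo(self):
        """Parse e-mail, name, address and phone from the PDF's first table.

        The non-empty cells of column 0 of the first table are read in order:
        cell 0 holds the e-mail, cell 1 the name, the last cell the phone
        number and everything in between the address. The result is stored in
        ``self.user``.

        Returns:
            None in every case; a failed PDF read (reported as a likely wrong
            password) is printed and ends the call early.

        Raises:
            IndexError: if fewer cells are present than the layout expects.
            AttributeError: if the e-mail, name or phone pattern finds no
                match (``.group`` is called on None).
        """
        try:
            tables = self.getPdfTables(True, False)
        except PdfReadError as error:
            print(str(error) + ", Please check your password!")
            return None  # nothing can be parsed without a readable PDF

        # Drop empty cells and strip ';' from the rest.
        userInfoStr = [
            str(info).replace(";", "") for info in tables[0].df[0]
            if info != ""
        ]
        count = len(userInfoStr)

        # Raw strings: the original patterns relied on unrecognised escapes
        # such as "\w" inside normal literals, which newer Python versions
        # warn about. The compiled patterns are unchanged.
        email = re.search(r"\w+@+\w+\.+\w+", userInfoStr[0])
        name = re.search(r"[a-zA-Z\s]+", userInfoStr[1])

        # Address: every cell between the name and the phone number, each
        # followed by a space.
        address = "".join(part + " " for part in userInfoStr[2:count - 1])

        # Phone: "+" followed by 12 digits when a "+" is present, otherwise a
        # plain 10-digit number.
        last_cell = userInfoStr[count - 1]
        if "+" in last_cell:
            phone = re.search(r"\+\d{12}", last_cell)
        else:
            phone = re.search(r"\d{10}", last_cell)

        # NOTE(review): the fields come from the document itself and are only
        # loosely pattern-matched; treat them as untrusted wherever self.user
        # is used later.
        user = User(name.group(0), "", email.group(0), phone.group(0), address)
        self.user = user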
Esempio n. 26
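    def post(cls):
        """Create a user row from the parsed ``username`` and ``password``.

        Returns:
            ``(message, 201)`` after the row is committed, or
            ``(message, 400)`` when the username already exists.
        """
        data = cls.parser.parse_args()

        # no duplicate users with user names
        if User.find_by_username(data["username"]):
            return {
                "message": "A user with that username already exists..."
            }, 400

        connection = sqlite3.connect(db_name)
        try:
            cursor = connection.cursor()

            # NOTE(review): the password is inserted exactly as received, so
            # the table holds plaintext credentials. Store a salted hash
            # instead, and change the login path to verify against it.
            insert_query = "INSERT INTO Users VALUES (NULL, ?, ?)"
            cursor.execute(insert_query, (data["username"], data["password"]))

            connection.commit()
        finally:
            # Close the connection even when the insert or commit fails; the
            # original leaked it on any exception.
            connection.close()

        return {
            "message": "User Created Succesfully"
        }, 201  # create response Code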
Esempio n. 27
    if not 200 < response.status_code < 300:
        response.raise_for_status()

    data = json.loads(response.text)
    return data


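def example_get_chat_messages(user):
    """Fetch the ten most recent messages of the user's chat.

    The chat id is resolved from the user's e-mail address first, then the
    messages are requested with the user's id.

    Returns:
        The decoded JSON body of the messages response.

    Raises:
        Whatever ``response.raise_for_status()`` raises for a failed request,
        for either of the two calls.
    """
    response = get_user_chat_id(user.email)
    # The first response was previously parsed without any status check, so a
    # failed lookup only showed up as a JSON or key error.
    response.raise_for_status()
    chat_id = json.loads(response.text)['Id']

    response = get_chat_messages(user.id, chat_id, size=10)
    # The original guard `not 200 < status < 300` also treated a plain 200 as
    # outside the range; calling raise_for_status() directly has the same
    # effect without the off-by-one (assuming it raises only for error
    # statuses, as the original relied on).
    response.raise_for_status()
    return json.loads(response.text)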


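# Demo run of the helpers above against one account.
user_email = '*****@*****.**'
# Look the user up once and reuse the result instead of issuing the same
# request twice.
user_data = example_get_user_by_email(user_email)
print(user_data)
user = User(user_data)
group_id = example_get_groups_of_user(user)
group = Group(example_get_group(user.id, group_id))
print(group)
result = example_send_push_notification(user)
# Was the statement form `print result`, which is a syntax error on Python 3;
# the call form matches the other prints in this script.
print(result)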
#result = example_post_new_card_with_impersonation(user, user.id)
#print(result)
Esempio n. 28
def usersignout():
    """Delegate the sign-out request to a fresh ``User`` instance."""
    handler = User()
    return handler.signout()
 def get(self, id):
     """Delete the user with the given id and return to the admin user list."""
     # NOTE(review): this removes an account in response to a GET request and
     # shows no permission check of its own. Confirm that the route is
     # restricted to administrators elsewhere, and consider a POST/DELETE
     # with CSRF protection so that merely following a link cannot trigger
     # the deletion.
     target = User.find_user(id)
     User.delete(target)
     # Message text: "User deleted"
     print("Kullanici silindi")
     return redirect(url_for("routes.admin_users"))
Esempio n. 30
def usersignup():
    """Delegate the sign-up request to a fresh ``User`` instance."""
    handler = User()
    return handler.signup()
Esempio n. 31
def userlogin():
    """Delegate the login request to a fresh ``User`` instance."""
    handler = User()
    return handler.login()