def login(username: str = Body(...),
password: str = Body(...),
db: Session = Depends(get_db)):
try:
user = db.query(Users).filter(Users.username == username).first()
if user and verify_password(password, user.password):
access_token_expires = timedelta(minutes=60 * 24 * 8)
auth_token = create_access_token(
data={"user_uuid": str(user.uuid)},
expires_delta=access_token_expires)
if auth_token:
return {
"access_token": auth_token.decode(),
"message": "Successfully registered.",
"status": "Success",
"user": user.to_json()
}
else:
return 500
else:
return 404
except Exception as e:
db.rollback()
print(e)
return 500
finally:
db.close()
def login(data: Login, db: Session = Depends(get_db)):
user_info = WxUserInfo(**data.user_info)
oid = openid.get(data.js_code)
user = crud_user.get_by_oid(db=db, oid=oid)
# 若昵称不同则更新昵称
if user and user.nickname != user_info.nickName:
user.nickname = user_info.nickName
db.commit()
# 若未找到用户则创建
if not user:
user = crud_user.create(db=db,
obj_input=UserCreate(
oid=oid, nickname=user_info.nickName))
print(f'user {user.oid} created')
if not user.is_active:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
detail='未激活用户')
print(f'user {user.oid} logged in')
access_token_expires = timedelta(
minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
'access_token':
create_access_token(data={'openid': oid},
expires_delta=access_token_expires),
'token_type':
'bearer',
'is_superuser':
user.is_superuser
}
async def login_access_token(
async_db: Database = Depends(get_async_db),
db: Session = Depends(get_db),
form_data: OAuth2PasswordRequestForm = Depends(),
):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = await user_crud.authenticate(async_db,
email=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
elif not user_crud.is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"user_id": user.id},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def login_access_token(
db: Session = Depends(get_db),
credentials: HTTPBasicCredentials = Depends(security)
):
user = crud.user.authenticate(
db, email=credentials.username, password=credentials.password
)
if not user:
raise HTTPException(
status_code=400, detail="Incorrect email or password"
)
elif not crud.user.is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES
)
token = create_access_token(
data={"user_id": user.id, "user_email": user.email},
expires_delta=access_token_expires
)
return {
"access_token": token,
"token_type": "bearer",
"expires_in": config.ACCESS_TOKEN_EXPIRE_MINUTES * 60
}
def user_login(*, user_in: UserLogin):
"""
用户登陆借口
:param user_in:
:return:
"""
if not user_in.username and not user_in.email and not user_in.mobile:
return fail_response('必须使用用户名、电子邮箱和手机号码中的其中一种方式登陆')
elif user_in.username:
user = User.select().where(User.username == user_in.username)
elif user_in.mobile:
user = User.select().where(User.mobile == user_in.mobile)
else:
user = User.select().where(User.email == user_in.email)
if user:
login_user = user.first()
if login_user.verify_password(user_in.password):
token_expire_timedelta = timedelta(
minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
user_id = login_user.uuid.hex
redis_key = f'Token_{user_id}'
access_token = create_access_token(
data={'user_id': user_id},
expires_delta=token_expire_timedelta)
redis_client.set(redis_key,
access_token,
ex=token_expire_timedelta)
return success_response({
'access_token': access_token,
"token_type": "bearer"
})
return fail_response('用户名、电子邮箱、手机号码或密码错误')
async def login_access_token(*,
db: AsyncIOMotorClient = Depends(get_db),
data: LoginOAuth):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = await broker_crud.authenticate(db,
email=data.email,
password=data.password)
if not user:
return Response(json.dumps({
"messageCode": codes['validation'],
"message": ptBr['eIncorrectDataLogin']
}),
status_code=401)
user_response = {
"id": str(user.id),
"first_name": user.first_name,
"last_name": user.last_name,
"email": user.email
}
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={
"user_data": user_response,
},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def login_access_token(db: Session = Depends(get_db),
form_data: OAuth2PasswordRequestForm = Depends()):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(db,
email=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
elif not crud.user.is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
logger.debug(f"New user login with scopes: {form_data.scopes}")
return {
"access_token":
create_access_token(data={
"sub": user.id,
"scopes": form_data.scopes
},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def login_acess_token(
db: Session = Depends(get_db),
form_data: OAuth2PasswordRequestForm = Depends()
):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(
db, email=form_data.username, password=form_data.password
)
if not user:
raise HTTPException(
status_code=HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
elif not crud.user.is_active(user):
raise HTTPException(status_code=400, detail='Inactive user')
access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
'access_token': create_access_token(
data={'user_id': user.id}, expires_delta=access_token_expires
),
'token_type': 'bearer',
}
async def login(user: OAuth2PasswordRequestForm = Depends(), db: AsyncIOMotorClient = Depends(get_database)):
dbuser = await get_user(db, email=user.username, mobile=user.username)
if not dbuser or not dbuser.check_password(user.password):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST, detail="用户名或密码错误"
)
logger.info(dbuser.id)
token = create_access_token(data={"id": dbuser.id})
# swaggerui 要求返回此格式
return TokenResponse(access_token=token)
def register(*, db: Session = Depends(get_db), data: CustomerCreate):
customer = customer_repo.get_by_email(db, data.email)
if customer:
raise HTTPException(status_code=400,
detail='A user with this email already exists')
customer = customer_repo.create(db, obj=data)
payload = {'customer_id': customer.id}
access_token = create_access_token(data=payload)
return {'access_token': access_token, 'token_type': 'bearer'}
def login(db: Session = Depends(get_db),
form_data: OAuth2PasswordRequestForm = Depends()):
customer = customer_repo.authenticate(db,
email=form_data.username,
password=form_data.password)
if not customer:
raise HTTPException(status_code=400,
detail='Incorrect email or password')
payload = {'customer_id': customer.id}
access_token = create_access_token(data=payload)
return {'access_token': access_token, 'token_type': 'bearer'}
async def login(user: UserInLogin = Body(..., embed=True),
db: DataBase = Depends(get_database)):
async with db.pool.acquire() as conn:
dbuser = await get_user_by_email(conn, user.email)
if not dbuser or not dbuser.check_password(user.password):
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="Incorrect email or password")
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(data={"username": dbuser.username},
expires_delta=access_token_expires)
return UserInResponse(user=User(**dbuser.dict(), token=token))
def register(username: str = Body(...),
email: str = Body(...),
password: str = Body(...),
name: str = Body(...),
optIn: bool = Body(...),
db: Session = Depends(get_db)):
try:
user = db.query(Users).filter(Users.email == email).first()
if not user:
# check user has valid login in CCB
req = {
'username': username,
'password': password,
'keep_me_logged_in': True
}
res = requests.post('https://thirdave.ccbchurch.com/api/login',
json=req)
if res.status_code == 200:
# add new user to db
new_user = Users(username=username,
email=email,
name=name,
password=get_password_hash(password),
wants_emails=optIn)
db.add(new_user)
db.commit()
db.refresh(new_user)
# generate auth token
access_token_expires = timedelta(minutes=120 * 24 * 8)
auth_token = create_access_token(
data={"user_uuid": str(new_user.uuid)},
expires_delta=access_token_expires)
return {
"access_token": auth_token.decode(),
"message": "Successfully registered.",
"status": "Success",
"user": new_user.to_json()
}
else:
return 404
else:
return 400
except Exception as e:
print(e)
db.rollback()
return 500
finally:
db.close()
async def register(user: UserInCreate = Body(..., embed=True),
db: DataBase = Depends(get_database)):
async with db.pool.acquire() as conn:
await check_free_username_and_email(conn, user.username, user.email)
async with conn.transaction():
dbuser = await create_user(conn, user)
access_token_expires = timedelta(
minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(data={"username": dbuser.username},
expires_delta=access_token_expires)
return UserInResponse(user=User(**dbuser.dict(), token=token))
def register(
*,
db: Session = Depends(get_db),
user_in: UserCreate
):
created_user = crud.user.create(db, user_in=user_in)
access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token": create_access_token(
data={"user_id": created_user.id, "role": None}, expires_delta=access_token_expires
),
"token_type": "bearer",
}
def user_login_access_token(data: Login, db: Session = Depends(get_db)):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = user_authenticate(db, email=data.email, password=data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"user_id": user.id},
expires_delta=access_token_expires)
}
async def access_token(user: UserInLogin) -> Token:
found_user = await find_user_by_email(user.username)
if found_user is None or not check_password(found_user, user.password):
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED,
detail="Incorrect email or password")
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token, expire = create_access_token(data={"username": user.username},
expires_delta=access_token_expires)
return Token(access_token=token,
name=found_user.name,
token_type=JWT_TOKEN_PREFIX,
expire=expire)
async def register(
# user: UserInCreate = Body(..., embed=True),
user: UserInCreate = Body(..., embed=True),
db: AsyncIOMotorClient = Depends(get_database)):
await check_free_username_and_email(db, user.username, user.email)
async with await db.start_session() as s:
async with s.start_transaction():
db_user = await create_user(db, user)
access_token_expires = timedelta(
minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(
data={"username": db_user.username},
expires_delta=access_token_expires,
)
return UserInResponse(user=User(**db_user.dict(), token=token))
async def login(
form_data: OAuth2PasswordRequestForm = Depends(),
db: AsyncIOMotorClient = Depends(get_database)
):
user = await crud_get_user_by_username(db, form_data.username)
if not user or not user.check_password(form_data.password):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST, detail="Incorrect username or password"
)
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(
data={"username": user.username}, expires_delta=access_token_expires
)
return {'access_token': token, 'token_type': 'bearer'}
def login_access_token(
*, db: Session = Depends(get_db), email: str, hash_password: str
):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(
db, email=email, password_hash=hash_password
)
if not user:
raise HTTPException(status_code=400, detail="Incorrect email or password")
access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token": create_access_token(
data={"user_id": user.id, "role": user.role}, expires_delta=access_token_expires
),
"token_type": "bearer",
}
def owner_login_access_token(data: Login, db: Session = Depends(get_db)):
"""
OAuth2 compatible token login for owners, get an access token for future requests
"""
owner = owner_authenticate(db, email=data.email, password=data.password)
if not owner:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect email or password",
headers={"WWW-Authenticate": "Bearer"},
)
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"owner_id": owner.id},
expires_delta=access_token_expires)
}
def route_login_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
"""
OAuth2 compatible token login, get an access token for future requests
"""
bucket = get_default_bucket()
user = authenticate_user(bucket, form_data.username, form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
elif not check_if_user_is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"username": form_data.username},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
async def register(email: EmailStr = Body(...), code: str = Body(...), password: str = Body(...),
db: AsyncIOMotorClient = Depends(get_database), rd: Redis = Depends(get_redis_database)):
await check_free_username_and_email_mobile(db, email=email)
# code 从redis校验邮箱验证码
if code != rd.get(email):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST, detail="验证码错误"
)
# 组装默认参数,create_user只管insert
user = UserInCreate(password=password,
username='******'.format(int(time.time() * 1000)),
email=email,
channel=_ChannelEnum.RG,
role=[1],
thumb='https://www.baidu.com/img/flexible/logo/pc/result.png',
activated=True)
dbuser = await create_user(db, user)
token = create_access_token(data={"id": dbuser.id})
return UserInResponse(user=User(**dbuser.dict(), token=token))
def login_access_token(
db_session: Session = Depends(get_db),
form_data: OAuth2PasswordRequestForm = Depends(),
):
"""
NOTE:
Using the dependency class `OAuth2PasswordRequestForm`
creates the following Form request parameters for the endpoint:
- grant_type: the OAuth2 spec says it is required and MUST be the fixed string "password".
Nevertheless, this dependency class is permissive and allows not passing it.
If you want to enforce it, use instead the OAuth2PasswordRequestFormStrict dependency.
- username: username string.
The OAuth2 spec requires the exact field name "username".
- password: password string.
The OAuth2 spec requires the exact field name "password".
- scope: Optional string.
Several scopes (each one a string) separated by spaces.
E.g. "items:read items:write users:read profile openid"
- client_id: optional string.
OAuth2 recommends sending the client_id and client_secret (if any)
using HTTP Basic auth, as: client_id:client_secret
- client_secret: optional string.
OAuth2 recommends sending the client_id and client_secret (if any)
using HTTP Basic auth, as: client_id:client_secret
"""
user = crud.user.authenticate(db_session, user_email=form_data.username)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(payload={"user_id": user.id},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def login_access_token(form_data: OAuth2PasswordRequestForm = Depends()
) -> Token:
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(username=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
elif not crud.user.is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"username": user.Username},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def login_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(email=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
elif not crud.user.is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(
data={"user_id": str(user.id)},
expires_delta=access_token_expires, # TODO add scopes from db tariff
),
"token_type":
"Bearer",
}
def create_user_open(*,
db: Session = Depends(get_db),
user_create: OrganizerCreate):
"""
Create new user without the need to be logged in.
"""
if not config.USERS_OPEN_REGISTRATION:
raise HTTPException(
status_code=403,
detail="Open user resgistration is forbidden on this server",
)
user = crud.organizer.get_by_email(db, email=user_create.email)
if user:
raise HTTPException(
status_code=400,
detail="The user with this username already exists in the system",
)
user = crud.organizer.create(db, user_in=user_create)
return {
"access_token": create_access_token(data={"user_id": user.id}),
"token_type": "bearer"
}
def create_user_access_token(
db: Session = Depends(get_db), *, user: UserLogin):
user = crud.user.authenticate(db,
username=user.username,
password=user.password)
if not user or not crud.user.is_active(user):
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token_result = {
"access_token":
create_access_token(data={"user_id": user.id},
expires_delta=access_token_expires),
"token_type":
"bearer",
"expires_in":
access_token_expires.total_seconds()
}
return dict(result=access_token_result)
def login_access_token(*, db: Session = Depends(get_db), data: LoginOAuth):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = authenticate(db,
email_or_username=data.username,
password=data.password)
if not user:
return Response(json.dumps({
"messageCode": codes['validation'],
"message": ptBr['eIncorrectDataLogin']
}),
status_code=422)
if not is_active(user):
return Response(json.dumps({
"messageCode": codes['db'],
"message": ptBr['eUserNotActive']
}),
status_code=401)
user_response = {
"id": str(user.id),
"username": user.username,
"full_name": user.full_name,
"email": user.email,
"is_superuser": user.is_superuser
}
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={
"user_data": user_response,
},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
async def login_access_token(
*,
form_data: OAuth2PasswordRequestForm = Depends(),
uow: UnitOfWork = Depends(get_uow)
) -> tp.Mapping[str, str]:
"""OAuth2 compatible token login.
Acquires an access token to be used for future requests.
Parameters
----------
form_data : OAuth2PasswordRequestForm
The OAuth2 request form data to use.
uow : UnitOfWork
The unit of work object to use.
Returns
-------
Mapping[str, str]
A mapping of access token data.
Raises
------
APIException
If the user could not be logged or is not an active user.
"""
user = uow.user.authenticate(form_data.username, form_data.password)
if not user:
raise APIError("Invalid username or password")
elif not user.is_active:
raise APIError("Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token({"user_id": user.uid},
expires_delta=access_token_expires)
return {'accessToken': access_token, 'tokenType': "bearer"}
