def create_product(product, id_user):
# TODO : APPELEZ LA FONCTION get_open_request_cache dans OPen food facts utilities
product_info = requests.get(urlopenfoodfact.format(
product['id_ean'])).json()
if not "product" in product_info:
raise Exception("Erreur sur lors de la creation du produit")
name = product_info['product']['product_name_fr'][:100]
name_gen = product_info['product']['generic_name_fr'][:100]
new_product = Product(date_insert=datetime.datetime.now(),
date_update=datetime.datetime.now(),
expiration_date=product['expiration_date'],
status=0,
id_rfid=product['id_rfid'],
id_ean=product['id_ean'],
position=product['position'],
id_user=id_user,
product_name=name,
product_name_gen=name_gen)
try:
session.begin()
session.add(new_product)
session.commit()
except Exception as e:
session.rollback()
session.flush()
raise Exception("Erreur lors de la création du produit")
return new_product
def create_authorization_code(self, application, user, scope):
"""
Generate an authorization code for this application, entity, scope
:param APIOAuthApplicationModel application: An oauth application model
:param dict entity: Entity attached to this token
:rtype: APIOAuthTokenModel
"""
code = AccessToken(
app_id=application.id,
type='authorization_code',
token=uuid.uuid4().hex[:35],
date_insert=datetime.datetime.now(),
id_user=user.id,
expiration_date=datetime.datetime.now() + datetime.timedelta(weeks=2),
is_enable=1,
scopes=scope
)
try:
session.begin()
session.add(code)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
return code
def grant_password(self):
validator = HttpRequestValidator()
validator.throw_on_error(True)
validator.add_param('username', True)
validator.add_param('password', True)
if validator.verify():
username = self.__request.get_param('username')
username = username.lower()
user = session.query(User).filter(User.mail == username).first()
if user and user.is_active != 0 and user.password:
current_pw = user.password
password = self.__request.get_param('password')
if PasswordUtilities.check_password(password, current_pw):
scope = "user"
access_token = AccessToken(
app_id=self.application_id,
type='bearer',
token=uuid.uuid4().hex[:35],
date_insert=datetime.datetime.now(),
id_user=user.id,
expiration_date=arrow.now().shift(hours=+10).datetime,
is_enable=1,
scopes='user')
try:
session.begin()
session.add(access_token)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
refresh_token = RefreshToken(
app_id=self.application_id,
date_insert=datetime.datetime.now(),
token=uuid.uuid4().hex[:35],
is_enable=True,
access_token_id=access_token.id,
)
try:
session.begin()
session.add(refresh_token)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
return access_token, refresh_token
else:
raise Exception('Invalid username or password')
else:
raise Exception('Invalid username or password')
def create_user(request):
if not request:
abort(400)
verification = check_user_infos(request.json)
if verification is not None:
return HttpResponse(403).error(verification)
existing = session.query(User).filter(
User.mail == request.json['mail']).first()
if existing:
return HttpResponse(403).error(ErrorCode.MAIL_USED)
hashed = get_hashed_password(request.json['password'])
new_user = User(date_insert=datetime.datetime.now(),
date_update=datetime.datetime.now(),
is_active=1,
status=0,
gender=request.json['gender'],
lastname=request.json['lastname'],
firstname=request.json['firstname'],
mail=request.json['mail'],
password=hashed,
country=request.json['country'],
town=request.json['town'],
street=request.json['street'],
street_number=request.json['street_number'],
region=request.json['region'],
postal_code=request.json['postal_code'])
try:
session.begin()
session.add(new_user)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
app_id = session.query(AuthApplication).filter(
AuthApplication.project_id == "arlex-ccevqe").first().id
access_token = AccessToken(app_id=app_id,
type='bearer',
token=uuid.uuid4().hex[:35],
date_insert=datetime.datetime.now(),
id_user=new_user.id,
expiration_date=datetime.datetime.now() +
datetime.timedelta(weeks=2),
is_enable=1,
scopes="user")
try:
session.begin()
session.add(access_token)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
refresh_token = RefreshToken(
app_id=app_id,
date_insert=datetime.datetime.now(),
token=uuid.uuid4().hex[:35],
is_enable=True,
access_token_id=access_token.id,
)
try:
session.begin()
session.add(refresh_token)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
return HttpResponse(201).success(
SuccessCode.USER_CREATED, {
'id': new_user.id,
'access_token': access_token.token,
'refresh_token': refresh_token.token
})
def grant_authorization_code(self):
validator = HttpRequestValidator()
validator.throw_on_error(False)
validator.add_param('code', True)
validator.add_param('redirect_uri', True)
if not validator.verify():
raise Exception('Invalid code')
code = session.query(AccessToken).filter(
AccessToken.token == self.__request.get_param('code')).first()
if code is None or code.is_enable == 0:
raise Exception('Missing valid code')
info = {"is_enable": 0}
try:
session.begin()
session.query(AccessToken).filter(
AccessToken.id == code.id).update(info)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
if str(code.app_id) != str(self.application_id):
raise Exception('Code does not match your app_id.')
user = self.get_user(code.id_user)
if not user or user.is_active == 0:
raise Exception('Cannot authorize. Account is disabled.')
access_token = AccessToken(
app_id=self.application_id,
type='Bearer',
token=uuid.uuid4().hex[:35],
date_insert=datetime.datetime.now(),
id_user=user.id,
expiration_date=arrow.now().shift(hours=+10).datetime,
is_enable=1,
scopes="user")
try:
session.begin()
session.add(access_token)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
refresh_token = RefreshToken(
app_id=self.application_id,
date_insert=datetime.datetime.now(),
token=uuid.uuid4().hex[:35],
is_enable=True,
access_token_id=access_token.id,
)
try:
session.begin()
session.add(refresh_token)
session.commit()
except Exception as e:
session.rollback()
session.flush()
return HttpResponse(500).error(ErrorCode.DB_ERROR, e)
return access_token, refresh_token