def __init__(self): self.p1 = Protein(1, "p1", "P1", 1, -1) self.p2 = Protein(2, "p2", "P2", 1, -1) self.p3 = Protein(3, "p3", "P3", 2, -1) self.p4 = Protein(4, "p4", "P4", 1, -1) self.pg1 = ProteinGroup(1, "g1", [], {self.p1, self.p2}) self.pg2 = ProteinGroup(2, "g2", [], {self.p1, self.p3, self.p4}) self.pg3 = ProteinGroup(3, "g3", [self.pg1]) self.pg4 = ProteinGroup(4, "g4", [self.pg1, self.pg2, self.pg3]) self.ug1 = UserGroup(1, "all", {}, [(self.pg1, 0x01)]) self.ug2 = UserGroup(2, "jr", {self.ug1}, []) self.ug3 = UserGroup(3, "ys", {self.ug1}, [(self.pg2, 0x06), (self.pg3, 0x02)]) self.u1 = User(1, "jrenggli", "[email protected]", 42, {self.ug2}) self.u2 = User(2, "yschaerli", "[email protected]", 8282, {self.ug2, self.ug3})
def resetpass(token): try: email = timed_serializer.loads(token, salt=conf.email_salt, max_age=7200) except Exception as e: return "Could not parse token" if not string_validator.is_valid_email(email): return "Invalid email" user = User(email=email) if user.verify_token != token: return "Invalid token" if request.method == 'POST': if request.form['password'] != request.form['password2']: return render_template('signup.html', sitekey=conf.recaptcha_sitekey, server_error="Passwords do not match!") else: user.new_password(request.form['password']) user.verify_token = "" user.update() return redirect("/login", code=302) else: if user.hash is not None: return render_template('resetpass.html', user_token=token) else: return "Invalid token"
def register(): if request.method == 'POST': request_json = request.get_json() name = request_json.get('name') email = request_json.get('email') if User.query.filter_by(email=email).first(): return jsonify( {'message': 'The email has already been registered'}), 401 password = request_json.get('password') role = request_json.get('role') company_code = request_json.get('company_code') user_public_id = str(uuid.uuid4()) user = User(user_public_id, name, email, role, company_code) user.hash_password(password) try: db.session.add(user) db.session.commit() access_token = create_access_token(identity=user.email) refresh_token = create_refresh_token(identity=user.email) response_object = {} response_object[ 'message'] = 'Register of {} was Successful'.format(user.email) response_object['access_token'] = access_token response_object['refresh_token'] = refresh_token return jsonify(response_object), 200 except: return jsonify({'message': 'Something went wrong'}), 500
def register(): if request.method == 'GET': return render_template('register.html') else: data = urllib.parse.unquote(request.data.decode('utf-8')).split('&') data = [d.split('=')[1] for d in data] username = data[0] password = data[1] if user.exists(username): return "false" else: # Username is unique # The account gets added to the database u = User() pw_hash, salt = user.hash_password(password) u.username = username u.password_hash = pw_hash u.salt = salt user.add(u) return "true"
def add_user(cls, username: str, password: str, is_admin: bool) -> bool: """Add user to system""" user = User() user.username = username user.password = cls.__password_encryption(password) user.is_admin = is_admin return user.save() == 1
def initiate_reset(self, data): # Validate data needed = ["email", "password"] for item in needed: if item not in data: return False if data["password"]: # Attempt to keep bots at bay return False # Find user email = data["email"].lower() cursor = self.__database.cursor() # Send mail for row in cursor.execute(self.__user_select + "WHERE email=?", (email, )): user = User(*row) assert user translator = user.get_dictionary() timeout = int(translator.get("_reset_expiration_user_")) (sid, expires) = self.__create_session(exp_minutes=timeout) cursor.execute(self.__session_insert, (sid, email, self.SESSION_RESET, expires)) logging.debug("Initiate reset for " + email) mail = Email(user.get_email(), translator, "_reset_subject_") variables = {"__reset_link": sid, "__name": user.get_name()} mail.load_body("reset", variables) mail.run() self.__database.commit() return True logging.debug("Reset failed") return False
def post(self, payload): """Create a new user. Only authenticating user can post User ID is defined by the verified subject in the access token """ logger.info(f"POST request to create user " f"{payload['sub']} from {request.remote_addr}") message = "" try: user = User(**api.payload) user.id = payload['sub'] api.payload['id'] = payload['sub'] user.insert() code = 201 except ValueError as e: code = 422 message = str(e) except IntegrityError: code = 422 message = "Cannot add to existing user. " \ "Use Patch request instead" except Exception as e: logger.debug(e) code = 400 message = "The request data format is not valid" if code != 201: abort(code, message) return api.payload, 201
def callback(): # Get authorization code Google sent back to you code = request.args.get("code") # Find out what URL to hit to get tokens that allow you to ask for things on behalf of a user google_provider_cfg = get_google_provider_cfg() token_endpoint = google_provider_cfg["token_endpoint"] # Prepare and send a request to get tokens token_url, headers, body = client.prepare_token_request( token_endpoint, authorization_response=request.url, redirect_url=request.base_url, code=code) token_response = requests.post( token_url, headers=headers, data=body, auth=(GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET), ) # Parse the tokens client.parse_request_body_response(json.dumps(token_response.json())) # Now that you have tokens let's find and hit the URL # from Google that gives you the user's profile information, # including their Google profile image and email userinfo_endpoint = google_provider_cfg["userinfo_endpoint"] uri, headers, body = client.add_token(userinfo_endpoint) userinfo_response = requests.get(uri, headers=headers, data=body) # You want to make sure their email is verified. # The user authenticated with Google, authorized your # app, and now you've verified their email through Google! if userinfo_response.json().get("email_verified"): unique_id = userinfo_response.json()["sub"] users_email = userinfo_response.json()["email"] picture = userinfo_response.json()["picture"] users_name = userinfo_response.json()["given_name"] else: return "User email not available or not verified by Google.", 400 # Create a user in your db with the information provided by Google user = User(id_=unique_id, name=users_name, email=users_email, profile_pic=picture) # Doesn't exist? Add it to the database. if not User.get(unique_id): User.create(unique_id, users_name, users_email, picture) new_user = True return new_user # Begin user session by logging the user in login_user(user, remember=True, duration=timedelta(days=30)) # Send user back to homepage return redirect(url_for("home"))
def insert_user(username, state): session = Session() user = User(username, state) res = session.query(User).filter(User.name == username).all() if len(res) < 1: session.add(user) session.commit() session.close() else: print('User already exists')
def user_rules(): if not session.get('logged_in'): return jsonify({"status": False}) user = User(session['user_email']) resp = {} resp['rules'] = rules.fill_rules(user.get_rules()) resp['days'] = user.get_days() return jsonify(resp)
def last_report(): if not session.get('logged_in'): return redirect("/login", code=302) user = User(email=session['user_email']) if user: return render_template('last_report.html', last_scored_reports=user.last_scored_list, last_unscored_reports=user.last_unscored_list) else: return "ERROR: User not found!"
def forgot(): if request.method == 'POST': if not string_validator.is_valid_email(request.form['email']): return render_template('forgot.html', sitekey=conf.recaptcha_sitekey, server_error="Invalid email address") else: # Captcha if conf.recaptcha_sitekey and conf.recaptcha_secret: captcha_response = request.form['g-recaptcha-response'] captcha_verify = requests.post( 'https://www.google.com/recaptcha/api/siteverify', data={ 'secret': conf.recaptcha_secret, 'response': captcha_response }) captcha_verify_json = json.loads(captcha_verify.text) if captcha_verify_json['success'] is False: return render_template('forgot.html', sitekey=conf.recaptcha_sitekey, server_error="Captcha failure") user = User(email=request.form['email']) if user.hash is None: return render_template('forgot.html', sitekey=conf.recaptcha_sitekey, server_error="Account not found") verify_token = timed_serializer.dumps(user.email, salt=conf.email_salt) url = conf.domain + "/resetpass/" + verify_token user.verify_token = verify_token user.update() render_map = { "url": url, } send_email("forget_email.html", "VulnFeed Password Reset", render_map, user.email) return render_template( 'forgot.html', sitekey=conf.recaptcha_sitekey, success_message= "A password recover email has been sent to your email address") else: return render_template('forgot.html', sitekey=conf.recaptcha_sitekey)
def test_eq(self): """ Equals method """ web1 = Web("test") web2 = Web("test") web3 = Web("na") user = User("test") self.assertEqual(web1, web2) self.assertNotEqual(web1, web3) self.assertNotEqual(web1, user) self.assertNotEqual(web1, None)
async def register(self, ctx): if ctx.channel.id == self.channel_id: try: user = User.objects(name=str(ctx.author)).get() response = f'{user.name} of level {user.level} exists!!' await ctx.channel.send(response) except DoesNotExist: user = User(name=str(ctx.author), level=1) user.save() response = f'{user.name} created with level {user.level}. Have fun!!' await ctx.channel.send(response)
def update_user_rules(): if not session.get('logged_in'): return jsonify({"status": False}) user = User(session['user_email']) # try: new_config = request.get_json() user.set_rules(new_config['rules']) user.set_days(new_config['days']) user.update() return jsonify({"status": True})
def register(): form = RegisterForm() if request.method == 'POST': print(config.database_uri()) for u in User.query.all(): print(u.username) password = randomStringwithDigits() new_user = User(username=form.email.data, email=form.email.data, password=generate_password_hash(password, method='sha256')) try: db.session.add(new_user) db.session.commit() mail_to = form.email.data mail_from = config.mail_from() content = render_template('mail/register.html', username=form.email.data, password=password) message = create_mail(mail_to, mail_from, content) try: sg = SendGridAPIClient(config.mail_sengrid_api_key()) response = sg.send(message) except Exception as e: print(e.message) return render_template( "main.html", form=form, error='User created but message can not be sent', ezeeai_url=config.ezeeai_url()) return render_template("finish.html", mail=form.email.data, ezeeai_url=config.ezeeai_url()) except IntegrityError: return render_template( "main.html", form=form, error='Email is already used. Check your inbox. ', ezeeai_url=config.ezeeai_url()) except Exception: print(e.message) return render_template("main.html", form=form, error='User not created. Please try again', ezeeai_url=config.ezeeai_url()) return render_template("finish.html", mail=None, ezeeai_url=config.ezeeai_url())
def create_user(user_id: int, username: str, language: str, chat_id: str) -> User: user = User(telegram_id=str(user_id), username=username, language=language, chat_id=chat_id) try: user.save() except: print("error in create user") return user
def update_status(username, state): session = Session() res = session.query(User).filter(User.name == username).all() if len(res) < 1: user = User(username, state) session.add(user) session.commit() session.close() if len(res) == 1: user = session.query(User).filter(User.name == username).first() user.state = state session.commit() session.close()
async def create_user(user_signup: UserSignup): print("SIGNING UP") email = user_signup.email try: usr = User.objects.get({'_id': email}) if usr: raise HTTPException(status_code=400, detail="email already in use") except DBerrors.DoesNotExist: # hash password user_signup.password = pwd_context.hash(user_signup.password) # save new user User(email=user_signup.email, name=user_signup.name, password=user_signup.password).save() return "user created"
def login(): if request.method == 'POST': if address_failed_login(request.remote_addr): return render_template( 'login.html', server_error= "You have exceeded the number of fail logins. Try again later") user_email = request.form['email'] if not string_validator.is_valid_email(user_email): session['logged_in'] = False session['user_email'] = "" message = "Incorrect user/password" message = "" user = User(email=user_email) if user.login(request.form['password']) and user.is_confirmed(): session['logged_in'] = True session['user_email'] = user_email clear_failed_login(request.remote_addr) session['csrftoken'] = serializer.dumps(binascii.hexlify( os.urandom(128)).decode('utf-8'), salt=conf.email_salt) if user.feed_id is None: user.generate_feed_id() user.update() return redirect("/", code=302) # User doesn't exist elif user.hash == None: session['logged_in'] = False session['user_email'] = "" message = "Incorrect user/password" # User is not confirmed elif not user.is_confirmed(): session['logged_in'] = False session['user_email'] = "" message = "You have not verified your email address" else: session['logged_in'] = False session['user_email'] = "" message = "Incorrect user/password" return render_template('login.html', server_error=message) else: return render_template('login.html')
def login(): if request.method == 'POST': message = "" user = User(request.form['email']) if user.login(request.form['password']): session['logged_in'] = True session['user_email'] = request.form['email'] return redirect("/", code=302) else: session['logged_in'] = False session['user_email'] = "" message = "Incorrect user/password" return render_template('login.html', server_error=message) else: return render_template('login.html')
def register(): if not request.is_json: return jsonify({"msg": "Missing JSON in request"}), 400 username = request.json.get('username', None) password = request.json.get('password', None) if not username: return jsonify({"msg": "Missing username parameter"}), 400 if not password: return jsonify({"msg": "Missing password parameter"}), 400 with orm.db_session(): hashed_passwd = hash_password(username, password) User(username=username, password=hashed_passwd) orm.commit() return jsonify(result="User registered"), 200
def find_user(self, data): # Validate data needed = ["email", "password", "password_bis"] for item in needed: if item not in data: return None, None if data["password_bis"]: # Attempt to keep bots at bay return None, None email = data["email"].lower() password = data["password"] cursor = self.__database.cursor() # Verify the registration was activated for _ in cursor.execute( self.__session_select + "WHERE email = ? AND state = ?", (email, self.SESSION_REGISTER)): logging.warning("Not activated yet") return None, None #find id + salt for info_row in cursor.execute( "SELECT rid, salt FROM Users \ WHERE email = ?", (email, )): (pwd_salt, pwd_hash) = self.__hash(info_row[1], password) for row in cursor.execute( self.__user_select + "WHERE rid = ? AND password = ?", (info_row[0], pwd_hash)): user = User(*row) # Remove all existing sessions of this user cursor.execute("DELETE FROM Sessions WHERE email = ?", (email, )) # Create a new session (sid, expires) = self.__create_session(7) cursor.execute(self.__session_insert, (sid, email, self.SESSION_STANDARD, expires)) self.__database.commit() return user, Cookie("session", "{1}".format(email, sid), expires) return None, None
def register(): body = request.get_json() errors = register_schema.validate(body) if errors: return jsonify({'error': errors}), 400 user = User(**body) user.hash_password() user.email_verification_token = random_str() # Create default project for user # INSERT INTO project (name) VALUES (%s) # INSERT INTO user (...) VALUES () # INSERT INTO user_project (user_id, project_id, `role`) VALUES (%s, %s, %s) project = Project(name='First project') user_project = UserProject(user=user, project=project, role=UserProjectRole.ADMIN) project.user_project.append(user_project) db.session.add(user) db.session.commit() welcome_email(user) return jsonify(user_schema.dump(user)), 201
def find_session(self, cookie): if cookie.name().lower() == "session": sid = cookie.value() cursor = self.__database.cursor() for s_row in cursor.execute( self.__session_select + "WHERE eid=? AND state=?", (sid, self.SESSION_STANDARD)): # Verify expiration (expires, state, email) = self.__load_session(s_row) if expires < datetime.now(): cursor.execute("DELETE FROM Sessions WHERE eid = ?", (sid, )) self.__database.commit() return None for row in cursor.execute( self.__user_select + "WHERE email = ?", (s_row[2], )): return User(*row) return None
def profile(): if not session.get('logged_in'): return redirect("/login", code=302) user = User(email=session['user_email']) raw_data = json.dumps(user.get_minimized_raw(), indent=4, separators=(',', ': ')) user_rules = rules.get_rules(user=user.id) return render_template( 'profile.html', email=user.email, last_status=user.last_status, rule_count=len(user.get_rules()), last_sent=user.get_last_run_date().strftime('%m/%d/%Y'), my_rules=user_rules, raw_profile=raw_data, feed_id=user.feed_id)
def verify(token): try: email = timed_serializer.loads(token, salt=conf.email_salt, max_age=86400) except Exception as e: return "Could not parse token" if not string_validator.is_valid_email(email): return "Invalid email" user = User(email=email) if user.hash is not None and user.verify_token == token: user.set_confirmed() user.verify_token = "" user.update() return render_template( 'success_to_login.html', message="Your address has been verified. You can now login!") else: return "Invalid token"
def update_user_rules(): if not session.get('logged_in'): return jsonify({"status": False}) user = User(email=session['user_email']) try: new_config = request.get_json() user.set_rules(new_config['rules']) user.set_days(new_config['days']) try: serializer.loads(new_config['csrftoken'], salt=conf.email_salt) except Exception as e: return "Could not parse CSRF token" if new_config['csrftoken'] != session['csrftoken']: return jsonify({"status": True}) user.update() return jsonify({"status": True}) except Exception as e: print(e) return jsonify({"status": False})
def login(): if address_failed_login(request.remote_addr): return render_template( 'login.html', server_error= "You have exceeded the number of fail logins. Try again later") if request.method == 'POST': message = "" user = User(request.form['email']) if user.login(request.form['password']): session['logged_in'] = True session['user_email'] = request.form['email'] clear_failed_login(request.remote_addr) return redirect("/", code=302) else: session['logged_in'] = False session['user_email'] = "" message = "Incorrect user/password" return render_template('login.html', server_error=message) else: return render_template('login.html')
def delete(): if not session.get('logged_in'): return redirect("/login", code=302) user = User(email=session['user_email']) if request.method == 'POST': if 'delete_token' in request.form: try: serializer.loads(request.form['delete_token'], salt=conf.email_salt) except Exception as e: return "Could not parse token" if request.form['delete_token'] == session['csrftoken']: user.delete() del user return redirect("/logout", code=302) else: return "Nope" else: return render_template('delete.html', delete_token=session['csrftoken'])