def secure_function(*args, **kwargs):
id = get_jwt_identity()
user = UserModel.find_user(get_jwt_identity(
)) # get the identity from access tocken, here is user.id
if user.userType <= userType:
return func(*args, **kwargs)
else:
return f"No {userType} permissions for {user.username}."
def post(slef):
id = get_jwt_identity()
user = UserModel.find_user(get_jwt_identity(
)) # get the identity from access tocken, here is user.id
return {
"message":
f"get inside this post just after login and get a fresh token: {user.username}"
}, 201
def get(self):
id = get_jwt_identity()
user = UserModel.find_user(get_jwt_identity(
)) # get the identity from access tocken, here is user.id
return {
"message":
f" get with Authentecation successfully: {user.username}"
}, 201
def delete(slef):
# this function just for Admin permations
id = get_jwt_identity()
user = UserModel.find_user(get_jwt_identity(
)) # get the identity from access tocken, here is user.id
return {
"message":
f"this function just for SuberAdmin permations: {user.username}"
}, 201
def update_acc_verified(cls, token):
active = UserModel.activate_account(token)
if active:
return { "status": 200,
"message": "Account has been Activated successfully"
}
else:
return { "status": 401,
"message": "failed the Activation"
}
def create_tables():
db.create_all()
username = "******"
email = "*****@*****.**"
salt = str(os.urandom(32))
token = hashing_text(str(uuid.uuid4), salt)
userType = 1 #SuberAdmin
current_time = current_local_time()
# check if username or email not exit.
existUser = UserModel.find_user(username)
if existUser is None:
existUser = UserModel.find_user(email)
if existUser is None:
user = UserModel(_id=str(uuid.uuid4()),
username=username,
email=email,
password=hashing_text("!QA1qa", salt),
salt=salt,
first_name="Ahmad",
last_name="Alloush",
birthday="1979-5-5",
userType=userType,
login_date=current_time,
acc_verified=True,
token=token)
try:
user.save_to_db()
return {"message": "User created successfully."}, 201
except Exception as ex:
return {"message": "Servir Error"}, 500
def read(self):
user = UserModel.find_user(self.usernameOrEmail)
if user is None:
return {"status": 401, "message": "This user not exist"}
success = verify_password(user.password, user.salt, self.password)
if not success:
return {
"status": 401,
"message": "username or password was wrong!, please try agian"
}
# check if user Activate his Account or not
if user.acc_verified is False:
return {
"status": 401,
"message": "please check your email and Activate your Account"
}
# identity= is what the identity() function did in securityJWT.py, now stored in the JWT
access_token = create_access_token(identity=user.username, fresh=True)
refresh_token = create_refresh_token(user.id)
# Store the tokens in redis with a status of not currently revoked. We
# can use the `get_jti()` method to get the unique identifier string for
# each token. We can also set an expires time on these tokens in redis,
# so they will get automatically removed after they expire. We will set
# everything to be automatically removed shortly after the token expires
access_jti = get_jti(encoded_token=access_token
) # get the curent id of the access Token
refresh_jti = get_jti(
encoded_token=refresh_token
) # get the curent id of the refresh access Token
revoked_store.set("token_black_list:" + access_jti, 'false',
timedelta(minutes=15) * 1.2)
revoked_store.set("token_black_list:" + refresh_jti, 'false',
timedelta(days=30) * 1.2)
return {
"status": 200,
"message": "Login Success",
"username": user.username,
"email": user.email,
'access_token': access_token,
'refresh_token': refresh_token
}
def add_claims_to_jwt(identity):
user = UserModel.find_user(identity)
return {"username": user.username, "email": user.email}
def create(self):
if not valid_email(self.email):
return {"status": 401, "message": "email is not valid"}
# if valid return True, else retrun json
valid_pass = valid_password(self.password)
if not valid_pass:
# if password not valid retrun error message with status: 401
return {
"status":
401,
"message":
"password must be longer than 5 and less than 18,\
must contain at least one number, one uppercase letter, \
one lowercase letter, and one punctuation"
}
# check if username or email not exit.
user = UserModel.find_user(self.username)
if user is None:
user = UserModel.find_user(self.email)
if user is not None:
return {"status": 400, "message": "this user is existing before"}
salt = str(os.urandom(32))
token = str(hashing_text(str(uuid.uuid4), salt))
user = UserModel(_id=str(uuid.uuid4()),
username=self.username,
email=self.email,
password=hashing_text(self.password, salt),
salt=salt,
first_name="",
last_name="",
birthday=self.birthday,
userType=4,
login_date=current_local_time(),
acc_verified=False,
token=token)
try:
user.save_to_db()
check_user = UserModel.find_user(self.username)
if check_user is not None:
# the url of app lik: http://localhost:5000
link = request.url_root[:-1] + url_for("userconfirm",
token=token)
SenderEmail = EmailSender(
user.email, "Activation account",
"please click at the next link to Activing your account:</br>"
+ link)
SenderEmail.send()
return {
"status":
200,
"message":
"Add user successfully, please check your email to Activate this account"
}
return {
"status": 400,
"message": "Something wrong!, please try again"
}
except Exception as ex:
return {
"status":
500,
"message":
"Something wrong!, please call the support, ERROR=" + str(ex)
}
def identity(payload):
user_id = payload['identity']
return User.find_by_id(user_id)
def authenticate(username, password):
# it does not matter if passed username or email to this method
user = User.find_user(username)
# compare if password is right
if user and verify_password(user.password, user.salt, password):
return user