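def change_password():
    """Change the password of the account identified by the posted email.

    Reads ``email``, ``password`` (the current password) and ``new_password``
    from the JSON request body, verifies the current password against the
    stored hash and stores the hash of the new one.

    Returns:
        400 if no account has that email, 401 if the current password does
        not verify, 200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    email = request.json['email']
    password = request.json['new_password']
    oldpassword = request.json['password']
    # NOTE(review): the account is selected by the email in the request body;
    # nothing visible here ties it to the authenticated caller. Confirm the
    # route is protected and that a caller can only change their own password.
    try:
        user = Auth.query.filter_by(email=email).first()
        if not user:
            return make_response({"error": "email is invalid"}, 400)
        # Fail closed: any falsy result counts as a failed check. The previous
        # `check == False` comparison let a None result through as success.
        if not verify_password(user.password, oldpassword):
            return make_response({"error": "old password is incorrect"}, 401)
        # The row was selected by this email, so the address is not rewritten.
        user.password = hash_password(password)
        db.session.add(user)
        db.session.commit()
        db.session.close()
        return make_response({"message": "password changed"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; str(e) is the supported
        # way to get the error text. Chain the cause to keep the traceback.
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e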
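def update_userinfo(uid):
    """Update the profile fields and email of the user identified by ``uid``.

    Reads ``email``, ``username``, ``firstname``, ``lastname`` and ``image``
    from the JSON request body and writes them to the ``User`` row whose
    ``auth_id`` is ``uid``; the email is also written to the ``Auth`` row
    whose ``uid`` matches.

    Returns:
        400 if either row is missing, 200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    email = request.json['email']
    username = request.json['username']
    firstname = request.json['firstname']
    lastname = request.json['lastname']
    image = request.json['image']
    # NOTE(review): `uid` is taken as given; no check visible here compares it
    # with the authenticated caller. Confirm the route enforces ownership.
    try:
        userInfo = User.query.filter_by(auth_id=uid).first()
        authinfo = Auth.query.filter_by(uid=uid).first()
        if not authinfo or not userInfo:
            return make_response({"error": "invalid user id"}, 400)
        userInfo.firstname = firstname
        userInfo.lastname = lastname
        userInfo.username = username
        userInfo.image = image
        # NOTE(review): the login email is replaced without re-confirming the
        # new address and without resetting isVerified; verify this is intended.
        authinfo.email = userInfo.email = email
        db.session.add(userInfo)
        db.session.add(authinfo)
        db.session.commit()
        db.session.close()
        return make_response({"message": "user info updated"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e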
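def login():
    """Authenticate by email and password and return a JWT.

    Reads ``email`` and ``password`` from the JSON request body.

    Returns:
        404 if no account has that email, 401 if the account is not verified
        or the password does not verify, otherwise a JSON body ``{"jwt": ...}``
        whose token carries the email, ``isVerified`` and ``uid``.
    """
    email = request.json['email']
    password = request.json['password']
    user = Auth.query.filter_by(email=email).first()
    # NOTE(review): the three distinct error responses below tell a caller
    # whether an email is registered and whether it is verified. No attempt
    # limiting is visible in this function; confirm it exists upstream.
    if not user:
        return make_response({"error": "user email is invaild"}, 404)
    if user.isVerified == 0:
        return make_response({"error": "your account is not validated"}, 401)
    # Fail closed: any falsy result counts as a failed check. The previous
    # `check == False` comparison let a None result through as success.
    if not verify_password(user.password, password):
        return make_response({"error": "password is incorrect"}, 401)
    # The old `del user.password` / `del user.id` were dropped: neither value
    # is placed in the token, and deleting mapped attributes on a loaded ORM
    # object may be recorded as a pending change to the row.
    token = generatejwt({
        "email": email,
        "isVerified": user.isVerified,
        "uid": user.uid,
    })
    return jsonify({"jwt": token})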
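def confirms(token):
    """Mark the account named by an email-confirmation token as verified.

    ``confirm_email_token`` is expected to return the email address for a
    valid token; that address is looked up, ``isVerified`` is set to 1 and a
    welcome email is sent.

    Returns:
        400 if the token is rejected or no account matches, 200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    try:
        resp = confirm_email_token(token)
        # Fail closed on any falsy result (False, None, ""), not only False.
        if not resp:
            return make_response({"error": "confirmation link expired or invalid"}, 400)
        userinfo = Auth.query.filter_by(email=resp).first()
        # A valid token for an account that no longer exists used to raise
        # AttributeError on None; answer it like any other unusable link.
        if not userinfo:
            return make_response({"error": "confirmation link expired or invalid"}, 400)
        email = userinfo.email
        userinfo.isVerified = 1
        db.session.commit()
        db.session.close()
        welcome_msg = 'Welcome to our platform user {}'.format(email)
        send_email("Welcome email", [email], welcome_msg)
        return make_response({"message": "validation complete"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e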
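def confirm_password_link():
    """Reset an account's password from a "forgot password" token.

    Validates the token with the ``"email-forgot"`` purpose, replaces the
    account's password hash with the hash of a freshly generated password
    and emails that password to the account address.

    Returns:
        400 if the token is rejected or no account matches, 200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    # Local import: the file's import block is not visible from this function.
    import secrets

    try:
        # NOTE(review): `token` is neither a parameter nor a local of this
        # function; unless it is defined at module level this line raises
        # NameError. Confirm where the token is meant to come from.
        resp = confirm_email_token(token, "email-forgot")
        # Fail closed on any falsy result (False, None, ""), not only False.
        if not resp:
            return make_response({"error": "confirmation link expired or invalid"}, 400)
        user = Auth.query.filter_by(email=resp).first()
        if not user:
            return make_response({"error": "confirmation link expired or invalid"}, 400)
        email = user.email
        # The replacement password was a fixed prefix plus the current
        # timestamp, so it could be derived from the time of the reset.
        # Draw it from the OS CSPRNG instead.
        password = secrets.token_urlsafe(12)
        user.password = hash_password(password)
        db.session.add(user)
        db.session.commit()
        db.session.close()
        # NOTE(review): the new password is sent in clear text by email.
        # Letting the user choose a password after following the link would
        # avoid leaving a usable credential in the mailbox.
        confirm_msg = "To access your account please use the password below<br /><b>Your new paswword is: <h3>{}</h3></b>".format(password)
        send_email("New password for you account", [email], confirm_msg, True)
        return make_response({"message": "new password changed"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e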
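def add_userinfo():
    """Create a ``User`` profile row for an existing ``Auth`` account.

    Reads the profile fields from the JSON request body, checks that an
    ``Auth`` row exists for ``email`` and that the posted ``auth_id`` is that
    row's ``uid``, then inserts the ``User`` row.

    Returns:
        400 if the email has no account or ``auth_id`` does not belong to it,
        200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    email = request.json['email']
    auth_id = request.json['auth_id']
    sex = request.json['sex']
    phone = request.json['phone']
    address = request.json['address']
    # NOTE(review): `access` is stored exactly as the client sent it. If it
    # is used for authorization, a caller can choose their own role here;
    # confirm it is validated against the roles this endpoint may assign.
    access = request.json['access']
    city = request.json['city']
    country = request.json['country']
    username = request.json['username']
    firstname = request.json['firstname']
    lastname = request.json['lastname']
    image = request.json['image']
    try:
        auth = Auth.query.filter_by(email=email).first()
        if not auth:
            return make_response({"error": "invalid email address"}, 400)
        # The profile is linked to an account through auth_id. Reject an id
        # that is not the uid of the account found for this email, so a
        # profile cannot be attached to someone else's account.
        if str(auth_id) != str(auth.uid):
            return make_response({"error": "invalid email address"}, 400)
        date = datetime.now()
        userinfo = User(username, firstname, lastname, email, sex, access,
                        phone, address, city, country, auth_id, image, date)
        db.session.add(userinfo)
        db.session.commit()
        db.session.close()
        return make_response({"message": "user info saved"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e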
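def confirms(token):
    """Verify an account from its confirmation token and redirect to login.

    ``confirm_email_token`` is expected to return the email address for a
    valid token; that account is marked verified, a welcome email with the
    account's email and uid is sent, and the caller is redirected to the
    login page under ``SITE_URL``.

    Returns:
        400 if the token is rejected or no account matches, otherwise a 302
        redirect.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    try:
        resp = confirm_email_token(token)
        # Fail closed on any falsy result (False, None, ""), not only False.
        if not resp:
            return make_response(
                {"error": "confirmation link expired or invalid"}, 400)
        userinfo = Auth.query.filter_by(email=resp).first()
        # A valid token for an account that no longer exists used to raise
        # AttributeError on None; answer it like any other unusable link.
        if not userinfo:
            return make_response(
                {"error": "confirmation link expired or invalid"}, 400)
        email = userinfo.email
        uid = userinfo.uid
        userinfo.isVerified = True
        db.session.commit()
        db.session.close()
        welcome_msg = f'''
            <b>Dear Customer</b><br />
            <p>Congratulations and thanks for activating your account. Please find below your account details are</p>
            <p>Email: <b>{email}</b></p>
            <p>Customer Identification number: <b>{uid}</b></p>
            <p>Once again welcome aboard.</p><br />
            '''
        send_email("Welcome email", [email], welcome_msg, True, '',
                   'Kreador Chat account <*****@*****.**>')
        return redirect(f"{app.config['SITE_URL']}login", code=302)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e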
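def unsubscribe(email):
    """Delete the ``Subscribe`` row for ``email``.

    Returns:
        400 if no subscriber has that email, 200 once the row is deleted.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    # NOTE(review): the address alone selects the row to delete; no signed
    # token or login is checked in this function, so anyone who knows an
    # address can unsubscribe it. Confirm whether that is acceptable.
    try:
        subscriber = Subscribe.query.filter_by(email=email).first()
        if not subscriber:
            return make_response({"error": "no subscriber info found"}, 400)
        db.session.delete(subscriber)
        db.session.commit()
        db.session.close()
        return make_response({"message": "unsubscribed successfully"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e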
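def decorated(*args, **kwargs):
    """Call the wrapped view ``f`` only if the request carries a decodable JWT.

    The token is the second space-separated part of the ``Authorization``
    header and is decoded with the application's ``SECRET_KEY``. ``f`` comes
    from the enclosing scope, which is not visible here.

    Returns:
        403 if the header is absent, 400 if it carries no token, 500 if the
        token fails to decode, otherwise whatever ``f`` returns.
    """
    auth = request.headers.get('Authorization')
    if not auth:
        return make_response(
            {"error": "authorization required. access forbidden"}, 403)
    # Expect "<scheme> <token>". A header with no second part used to raise
    # IndexError before the missing-token check below could run.
    parts = auth.split(' ')
    token = parts[1] if len(parts) > 1 else ''
    if not token:
        return make_response({"error": "bad request. missing token"}, 400)
    try:
        # NOTE(review): no `algorithms=` allow-list is passed. Assuming `jwt`
        # is PyJWT, pin it to the algorithm generatejwt signs with; recent
        # PyJWT releases reject a decode call that omits it.
        # NOTE(review): the decoded claims are discarded, so `f` cannot tell
        # which user the token belongs to. Views that act on a uid or email
        # from the request need that identity to enforce ownership.
        jwt.decode(token, app.config['SECRET_KEY'])
    except Exception as e:
        return make_response({"error": "Token is invalid " + str(e)}, 500)
    return f(*args, **kwargs)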
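def contact(path):
    """Send an HTML email built from the JSON request body.

    Reads ``email``, ``subject`` and ``message`` from the request and passes
    them to ``send_email`` with ``email`` as the only recipient. ``path`` is
    not used.

    Returns:
        400 if the address or subject is not a single-line string, 200 once
        ``send_email`` returns.

    Raises:
        Exception: wrapping any error from reading the request or sending.
    """
    try:
        email = request.json['email']
        subject = request.json['subject']
        message = request.json['message']
        # Recipient and subject end up in mail headers. Refuse values that
        # are not plain strings or that contain line breaks, which could be
        # used to smuggle extra headers.
        for field in (email, subject):
            if not isinstance(field, str) or '\r' in field or '\n' in field:
                return make_response({"error": "invalid email or subject"}, 400)
        # NOTE(review): recipient, subject and HTML body are all chosen by
        # the caller, so this endpoint sends arbitrary mail from the
        # service's address. Confirm the recipient should not be a fixed
        # contact address, and that the route is authenticated or throttled.
        send_email(subject, [email], message, True)
        return make_response({"message": 'email sent'}, 200)
    except Exception as e:
        # Chain the cause so the original traceback is kept.
        raise Exception(str(e)) from e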
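def delete_account(uid):
    """Delete the ``Auth`` row and the ``User`` row belonging to ``uid``.

    Returns:
        400 if either row is missing, 200 once both are deleted.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    # NOTE(review): `uid` alone selects the account to delete; no check
    # visible here compares it with the authenticated caller or requires an
    # administrative role. Confirm the route enforces one of the two.
    try:
        user = Auth.query.filter_by(uid=uid).first()
        obj = User.query.filter_by(auth_id=uid).first()
        if not user or not obj:
            return make_response({"error": "user account info not found"}, 400)
        db.session.delete(user)
        db.session.delete(obj)
        db.session.commit()
        db.session.close()
        return make_response({"message": "user deleted successfully"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so neither row is left half-deleted in
        # the session.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e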
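def uploadProfileImage(path):
    """Store the uploaded ``file`` parts under ``path`` and return their URL.

    Passes the request's ``file`` uploads and ``"/" + path`` to
    ``upload_image``, then builds the download URL from the ``get_file``
    route and the configured ``URL``.

    Returns:
        400 if ``path`` contains a parent-directory segment, otherwise 200
        with ``{"message": {"upload_url": ...}}``.

    Raises:
        Exception: wrapping any error from the upload or URL building.
    """
    try:
        # `path` is presumably taken from the request URL. upload_image is
        # not visible here, so whether it confines the destination to the
        # upload root cannot be confirmed; refuse ".." segments up front.
        if any(part == ".." for part in path.replace("\\", "/").split("/")):
            return make_response({"error": "invalid path"}, 400)
        # NOTE(review): no file-type or size check is visible in this
        # function; confirm upload_image validates the uploaded files.
        resp = upload_image(request.files.getlist('file'), "/" + path)
        file_url = url_for("get_file", filename=resp, path=path)
        return make_response({
            "message": {"upload_url": app.config['URL'] + file_url},
        }, 200)
    except Exception as e:
        # Chain the cause so the original traceback is kept.
        raise Exception(str(e)) from e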
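def getAllFiles(path):
    """Return the download URLs of every file listed under ``path``.

    ``list_files`` is called with ``"/" + path``; each returned name is
    turned into a URL with the ``get_file`` route and the configured ``URL``.

    Returns:
        400 if ``path`` contains a parent-directory segment, otherwise 200
        with ``{"message": [url, ...]}``.

    Raises:
        Exception: wrapping any error from listing or URL building.
    """
    try:
        # `path` is presumably taken from the request URL. list_files is not
        # visible here, so whether it confines the listing to the upload
        # root cannot be confirmed; refuse ".." segments up front.
        if any(part == ".." for part in path.replace("\\", "/").split("/")):
            return make_response({"error": "invalid path"}, 400)
        files = [
            app.config['URL'] + url_for("get_file", filename=filename, path=path)
            for filename in list_files("/" + path)
        ]
        return make_response({"message": files}, 200)
    except Exception as e:
        # Chain the cause so the original traceback is kept.
        raise Exception(str(e)) from e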
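def get_user_info(value):
    """Return the serialized ``User`` row whose ``auth_id`` equals ``value``.

    Returns:
        400 if no row matches, otherwise ``{"message": <dumped user>}`` as
        produced by ``user_scheme.dump``.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    # NOTE(review): any `value` is accepted; no check visible here limits a
    # caller to their own record. Confirm which fields user_scheme exposes.
    try:
        user = User.query.filter_by(auth_id=value).first()
        if not user:
            return make_response({"error": "user account not found"}, 400)
        return {"message": user_scheme.dump(user)}
    except exc.SQLAlchemyError as e:
        # `_message` is a private SQLAlchemy member; str(e) is the supported
        # way to get the error text. Chain the cause to keep the traceback.
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e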
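def forgot_password():
    """Email a password-reset link to the posted address.

    Reads ``email`` from the JSON request body, creates an ``'email-forgot'``
    token for it and sends a link to the ``forgot`` route.

    Returns:
        400 if no account has that email, 200 once the email is handed to
        ``send_email``.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    # `new_password` used to be required here but was never used; it is no
    # longer read, so a request without it no longer fails.
    email = request.json['email']
    try:
        user = Auth.query.filter_by(email=email).first()
        if not user:
            # NOTE(review): this response tells a caller whether the address
            # is registered.
            return make_response({"error": "email is invalid"}, 400)
        token = generate_email_token(email, 'email-forgot')
        # Flask's keyword is `_external`; plain `external=True` only added
        # "?external=True" to a relative URL. Absolute URLs take their host
        # from the request unless SERVER_NAME is configured, so set it (or
        # validate the Host header) where the app is reachable under
        # arbitrary host names.
        link = url_for('forgot', token=token, _external=True)
        # The link was built and then discarded while the response claimed
        # it had been sent; deliver it.
        reset_msg = 'To reset your password, please click the link below: <br /><a href="{}">Reset your password</a>'.format(link)
        send_email("Password reset", [email], reset_msg, True)
        return make_response({"message": "password reset link sent"}, 200)
    except exc.SQLAlchemyError as e:
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e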
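def register():
    """Create an unverified account and email its confirmation link.

    Reads ``email`` and ``password`` from the JSON request body, inserts an
    ``Auth`` row (password stored hashed, not verified) and a mostly empty
    ``User`` row sharing the same uid, then sends the confirmation email.

    Returns:
        400 if the email is already registered, 200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    email = request.json['email']
    password = request.json['password']
    # The request's `access` value was read but never used in this function.
    # It is no longer required, so a body without it no longer fails.
    try:
        user = Auth.query.filter_by(email=email).first()
        if user:
            return make_response(
                {"error": "email in use by another account"}, 400)
        # NOTE(review): the uid is the current time to the second, so two
        # registrations in the same second get the same uid and uids can be
        # guessed from sign-up time. Do not treat a uid as a secret.
        uid = int(datetime.now().strftime("%Y%m%d%H%M%S"))
        new_user = Auth(uid, hash_password(password), email, False)
        db.session.add(new_user)
        db.session.flush()
        date = datetime.now()
        userinfo = User('', '', '', email, '', uid, '', '', date)
        db.session.add(userinfo)
        db.session.commit()
        db.session.close()
        token = generate_email_token(email)
        # `external` is not a url_for option; it ends up as a query-string
        # argument. The absolute URL comes from the configured base below.
        link = url_for('confirm', token=token, external=True)
        link = f"{app.config['URL']}{link}"
        confirm_msg = f'''
            Dear Customer,<br/>
            We have created an account for you on our platform. To activate your account, please click the link below: <br />
            <a href="{link}">Click to confirm your email</a><br /><br /><br />
            Please note that the link expires in 24 hours.<br /><br />
            <h4 style="font-weight:600">Kreador Team</h4>
            '''
        send_email("Validate your account", [email], confirm_msg, True, '',
                   'Kreador Chat account <*****@*****.**>')
        return make_response({"message": "registration successful"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so a half-created account is not left
        # in the session.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e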
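def login():
    """Authenticate by email and password and return a JWT.

    Reads ``email`` and ``password`` from the JSON request body. An account
    that is not yet verified is sent a fresh confirmation link instead of a
    token.

    Returns:
        404 if the email has no ``Auth`` or ``User`` row, 401 if the password
        does not verify or the account is not verified, otherwise a JSON body
        ``{"jwt": ...}`` whose token carries the email, ``access``,
        ``isVerified`` and ``uid``.
    """
    email = request.json['email']
    password = request.json['password']
    user = Auth.query.filter_by(email=email).first()
    userInfo = User.query.filter_by(email=email).first()
    # NOTE(review): the distinct error responses below tell a caller whether
    # an email is registered. No attempt limiting is visible in this
    # function; confirm it exists upstream.
    if not user or not userInfo:
        return make_response({"error": "user email is invaild"}, 404)
    # Check the password before anything else. Previously an unverified
    # account was mailed a confirmation link on every request naming its
    # email, without knowing the password. `not` also fails closed on a None
    # result, which `check == False` let through.
    if not verify_password(user.password, password):
        return make_response({"error": "password is incorrect"}, 401)
    if user.isVerified == 0:
        token = generate_email_token(email)
        # `external` is not a url_for option; it ends up as a query-string
        # argument. The absolute URL comes from the configured base below.
        link = url_for('confirm', token=token, external=True)
        link = f"{app.config['URL']}../{link}"
        confirm_msg = f'''
            Dear Customer,<br/>
            We have created an account for you on our platform. To activate your account, please click the link below: <br />
            <a href="{link}">Click to confirm your email</a><br /><br /><br />
            Please note that the link expires in 24 hours.<br /><br />
            <h4 style="font-weight:600">Kreador Team</h4>
            '''
        send_email("Validation required", [email], confirm_msg, True, '',
                   'Kreador Chat account <*****@*****.**>')
        return make_response({"error": "your account is not validated"}, 401)
    # The old `del user.password` / `del user.id` were dropped: neither value
    # is placed in the token, and deleting mapped attributes on a loaded ORM
    # object may be recorded as a pending change to the row.
    token = generatejwt({
        "email": email,
        "access": userInfo.access,
        "isVerified": user.isVerified,
        "uid": user.uid,
    })
    return jsonify({"jwt": token})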
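def register():
    """Create an unverified account and email its confirmation link.

    Reads ``email``, ``password`` and optionally ``access`` from the JSON
    request body, inserts an ``Auth`` row (password stored hashed, not
    verified) and a ``User`` row sharing the same uid, then sends the
    confirmation email.

    Returns:
        400 if the email is already registered, 200 on success.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    email = request.json['email']
    password = request.json['password']
    # Use .get so the 'customer' default also applies when the key is
    # absent; indexing raised KeyError before the default could be used.
    # NOTE(review): the role is otherwise stored exactly as the client sent
    # it, so a caller can register with any `access` value. Confirm it is
    # restricted to the roles that may be self-assigned.
    access = request.json.get('access') or 'customer'
    try:
        user = Auth.query.filter_by(email=email).first()
        if user:
            return make_response({"error": "email in use by another account"}, 400)
        # NOTE(review): the uid is the current time to the second, so two
        # registrations in the same second get the same uid and uids can be
        # guessed from sign-up time. Do not treat a uid as a secret.
        uid = int(datetime.now().strftime("%Y%m%d%H%M%S"))
        new_user = Auth(uid, hash_password(password), email, False)
        db.session.add(new_user)
        db.session.flush()
        date = datetime.now()
        userinfo = User('', '', '', email, '', access, '', '', '', '', uid, '', date)
        db.session.add(userinfo)
        db.session.commit()
        db.session.close()
        token = generate_email_token(email)
        # Flask's keyword is `_external`; plain `external=True` produced a
        # relative URL with "?external=True" appended, which does not work
        # as a link in an email. Absolute URLs take their host from the
        # request unless SERVER_NAME is configured, so set it (or validate
        # the Host header) where the app is reachable under arbitrary host
        # names.
        link = url_for('confirm', token=token, _external=True)
        confirm_msg = 'Dear Customer,<br/>We have created a customer account for you on our website. To activate your account, please click the link below: <br /><a href="{}">Click to confirm your email</a><br /><br /><br />Please note that the link expires in 24 hours.<br />We thank you for choosing PCL Consult<br /> <br /> <h2 style="font-weight:600">The PCL Consult Team</h2><br />'.format(link)
        send_email("Validate your account", [email], confirm_msg, True)
        return make_response({"message": "registration successful"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so a half-created account is not left
        # in the session.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e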
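def get_user_by(value):
    """Return serialized users whose email, auth_id, fullname or sex matches.

    ``value`` is used as a SQL ``LIKE`` pattern against each of the four
    columns, on ``User`` rows joined to their ``Auth`` row.

    Returns:
        400 if nothing matches, otherwise ``{"message": [...]}`` holding the
        dumped users in reverse query order.

    Raises:
        Exception: wrapping any database or unexpected error.
    """
    # NOTE(review): `value` is bound as a parameter, so it cannot alter the
    # SQL, but it is used as the LIKE pattern unescaped: a caller-supplied
    # "%" or "_" acts as a wildcard and a bare "%" matches every user.
    # Confirm who may call this and whether wildcards should be escaped.
    try:
        users = User.query.filter(
            or_(User.email.like(value),
                User.auth_id.like(value),
                User.fullname.like(value),
                User.sex.like(value))
        ).join(Auth, Auth.uid == User.auth_id).all()
        if not users:
            return make_response({"error": "user account not found"}, 400)
        usersResults = [user_scheme.dump(user) for user in users]
        return {"message": usersResults[::-1]}
    except exc.SQLAlchemyError as e:
        # `_message` is a private SQLAlchemy member; str(e) is the supported
        # way to get the error text. Chain the cause to keep the traceback.
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e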
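def subscribe_user():
    """Store a subscription from the JSON request body.

    Reads ``email``, ``name`` and ``topics`` and inserts a ``Subscribe`` row
    with ``topics`` converted to its string form and the current time.

    Returns:
        200 once the row is committed.

    Raises:
        Exception: wrapping any database or unexpected error, including a
        missing request field.
    """
    try:
        email = request.json['email']
        name = request.json['name']
        topics = request.json['topics']
        # NOTE(review): the address is stored without confirming that the
        # caller controls it, and no duplicate check is visible here.
        date = datetime.now()
        subscribeinfo = Subscribe(email, name, str(topics), date)
        db.session.add(subscribeinfo)
        db.session.commit()
        db.session.close()
        return make_response({"message": "subscribe info saved"}, 200)
    except exc.SQLAlchemyError as e:
        # Undo the failed transaction so the session is not left dirty.
        db.session.rollback()
        # `_message` is a private SQLAlchemy member; use the public str(e).
        raise Exception(str(e)) from e
    except Exception as e:
        raise Exception(str(e)) from e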