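def post(self, username):
    """Reset the password of ``username`` after re-checking the caller's password.

    The request arguments parsed by ``user_password_parser`` supply
    ``password`` (the new password), ``curUser`` and ``curPassword``.
    Every outcome is written to the operator log.

    :param username: account whose password is replaced.
    :return: ``(body, status)``: ``{"success": True}, 200`` on success, or
        ``{"error": ..., "success": False}, 400`` when the current password
        does not verify or the target user does not exist.
    """
    args = user_password_parser.parse_args()
    new_password = args["password"]
    curUser = args["curUser"]
    curPassword = args["curPassword"]

    op_log_handler = OperatorLogHandler()
    opName = 'ResetUserPassword'
    opObject = "User"
    # NOTE(review): the audit record always names "admin" as the operator,
    # although the account whose password is verified below is curUser.
    # Consider logging curUser so the trail identifies the real actor.
    operator = "admin"
    opDetails = {'username': username}
    cur_time = datetime.datetime.utcnow()

    def reject(error_msg):
        # Log the failure and build the 400 response in one place.
        op_log_handler.record_operating_log(opDate=cur_time,
                                            opName=opName,
                                            opObject=opObject,
                                            resCode=400,
                                            operator=operator,
                                            errorMsg=error_msg,
                                            opDetails=opDetails)
        return {"error": error_msg, "success": False}, 400

    user_obj = User()
    userCurrent = user_obj.get_by_username(curUser)

    # NOTE(review): only curUser's own password is verified here. Nothing in
    # this method checks that curUser may change `username`'s password (same
    # account, or an administrative role). Confirm that a decorator or the
    # route enforces it.
    #
    # An unknown curUser or a missing curPassword is answered like a failed
    # comparison, instead of raising AttributeError and surfacing as a 500.
    if (not userCurrent or not curPassword or not bcrypt.checkpw(
            curPassword.encode('utf8'),
            userCurrent.dbUser.password.encode())):
        return reject("Wrong password")

    user = user_obj.get_by_username(username)
    if not user:
        return reject("No such User")

    # The configured SALT may be str or bytes. With no SALT configured the
    # original crashed on b"".encode(); a fresh per-password salt is generated
    # instead.
    # NOTE(review): one application-wide salt gives equal passwords equal
    # hashes. bcrypt.checkpw reads the salt from the stored hash, so a
    # per-password bcrypt.gensalt() would still verify. Consider dropping
    # SALT once other users of it have been checked.
    salt = app.config.get("SALT")
    if isinstance(salt, str):
        salt = salt.encode()
    if not salt:
        salt = bcrypt.gensalt()

    hashed = bcrypt.hashpw(new_password.encode('utf8'), salt)
    user.update_password(hashed.decode())

    data = {"success": True}
    op_log_handler.record_operating_log(opDate=cur_time,
                                        opName=opName,
                                        opObject=opObject,
                                        resCode=200,
                                        operator=operator,
                                        opDetails=opDetails)
    return data, 200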
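def post(self, **kwargs):
    """Authenticate the user named in the ``login_parser`` arguments.

    On success the user is logged in through ``login_user``, a
    ``LoginHistory`` entry is saved, and the response carries the user id,
    role and the URL to continue to.

    :return: ``(body, status)``: 200 with ``success: True`` on a good login,
        401 with ``success: False`` otherwise.
    """
    args = login_parser.parse_args()
    username, password = args["username"], args["password"]
    user_obj = User()
    try:
        user = user_obj.get_by_username(username)
        # An unknown username or a missing password gets exactly the same
        # response as a wrong password. Previously such a request raised
        # AttributeError and was answered "login failed", so the response
        # text showed whether an account exists. (Assumes get_by_username
        # returns a falsy value for unknown names; confirm.)
        # NOTE(review): the unknown-user path still skips the bcrypt
        # comparison, so timing may differ. Comparing against a fixed dummy
        # hash would even that out.
        if (not user or not password or not bcrypt.checkpw(
                password.encode('utf8'), user.password.encode())):
            return {
                "success": False,
                "error": "Wrong username or password"
            }, 401

        login_user(user)
        # Record the successful login.
        LoginHistory(user=user.dbUser).save()
        data = {
            "success": True,
            "id": str(user.id),
            "role": user.user_role,
            "next": url_for('bp_index.show')
        }
        return data, 200
    except Exception as exc:
        # Lookup, verification or history errors all end in a generic 401.
        # NOTE(review): a failure after login_user() also lands here, leaving
        # a session established while the client is told the login failed.
        logger.info("error {}".format(exc))
        return {"success": False, "error": "login failed"}, 401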
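def post(self, **kwargs):
    """Authenticate the user named in the ``login_parser`` arguments.

    On success the user is logged in through ``login_user``, a
    ``LoginHistory`` entry is saved, and the response carries the user id
    and the URL to continue to.

    :return: ``(body, status)``: 200 with ``success: True`` on a good login,
        401 with ``success: False`` otherwise.
    """
    args = login_parser.parse_args()
    username, password = args["username"], args["password"]
    user_obj = User()
    try:
        user = user_obj.get_by_username(username)
        # Answer an unknown username or a missing password exactly like a
        # wrong password. Before, that case raised AttributeError and came
        # back as "login failed", which let the response text distinguish
        # existing accounts from non-existing ones. (Assumes get_by_username
        # returns a falsy value for unknown names; confirm.)
        # NOTE(review): no bcrypt work happens for unknown users, so response
        # time may still differ. A comparison against a fixed dummy hash
        # would close that gap.
        credentials_ok = bool(user) and bool(password) and bcrypt.checkpw(
            password.encode('utf8'), user.password.encode())
        if not credentials_ok:
            return {
                "success": False,
                "error": "Wrong username or password"
            }, 401

        login_user(user)
        # Record the successful login.
        login_history = LoginHistory(user=user.dbUser)
        login_history.save()
        return {
            "success": True,
            "id": str(user.id),
            "next": url_for('bp_index.show')
        }, 200
    except Exception as exc:
        # Any error during lookup, verification or history saving ends in a
        # generic 401.
        # NOTE(review): if saving the history fails, login_user() has already
        # run, so the session exists although the client sees a failure.
        logger.info("error {}".format(exc))
        return {
            "success": False,
            "error": "login failed"
        }, 401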
def get(self):
    """Look up a user by the ``username`` request argument.

    :return: ``({"user_exists": False}, 200)`` when the lookup finds
        nothing. Otherwise a dict with ``username``, ``apikey`` (the string
        form of ``user.id``), ``isActivated``, ``balance`` and
        ``user_exists: True``, also with status 200.
    """
    username = user_search_parser.parse_args()["username"]
    user = User().get_by_username(username)

    if user:
        # NOTE(review): this returns the account's "apikey" (its id) and
        # balance for any username that resolves. Nothing in this method
        # restricts who may call it. Confirm that access control is applied
        # by a decorator or the route.
        return {
            "username": user.username,
            "apikey": str(user.id),
            "isActivated": user.active,
            "balance": user.balance,
            "user_exists": True
        }, 200

    return {"user_exists": False}, 200