def update_email(self, email):
if not validate_email(email):
raise IncorrectEmailError(f'Bad email given: {email}')
if self.exists(email):
raise IncorrectEmailError(f'This email already exists: {email}')
with qdb.sql_connection.TRN:
sql = 'UPDATE qiita.qiita_user SET email = %s where email = %s'
qdb.sql_connection.TRN.add(sql, [email, self.email])
def create(cls, email, password, info=None):
"""Creates a new user on the database
Parameters
----------
email : str
The email of the user - used for log in
password :
The plaintext password of the user
info: dict
Other information for the user keyed to table column name
Raises
------
IncorrectPasswordError
Password string given is not proper format
IncorrectEmailError
Email string given is not a valid email
QiitaDBDuplicateError
User already exists
"""
# validate email and password for new user
if not validate_email(email):
raise IncorrectEmailError("Bad email given: %s" % email)
if not validate_password(password):
raise IncorrectPasswordError("Bad password given!")
# make sure user does not already exist
if cls.exists(email):
raise QiitaDBDuplicateError("User", "email: %s" % email)
# make sure non-info columns aren't passed in info dict
if info:
if cls._non_info.intersection(info):
raise QiitaDBColumnError("non info keys passed: %s" %
cls._non_info.intersection(info))
else:
info = {}
# create email verification code and hashed password to insert
# add values to info
info["email"] = email
info["password"] = hash_password(password)
info["user_verify_code"] = create_rand_string(20, punct=False)
# make sure keys in info correspond to columns in table
conn_handler = SQLConnectionHandler()
check_table_cols(conn_handler, info, cls._table)
# build info to insert making sure columns and data are in same order
# for sql insertion
columns = info.keys()
values = [info[col] for col in columns]
sql = ("INSERT INTO qiita.%s (%s) VALUES (%s)" %
(cls._table, ','.join(columns), ','.join(['%s'] * len(values))))
conn_handler.execute(sql, values)
return cls(email)
def login(cls, email, password):
"""Logs a user into the system
Parameters
----------
email : str
The email of the user
password: str
The plaintext password of the user
Returns
-------
User object
Returns the User object corresponding to the login information
if correct login information
Raises
------
IncorrectEmailError
Email passed is not a valid email
IncorrectPasswordError
Password passed is not correct for user
"""
with qdb.sql_connection.TRN:
# see if user exists
if not cls.exists(email):
raise IncorrectEmailError("Email not valid: %s" % email)
if not validate_password(password):
raise IncorrectPasswordError("Password not valid!")
# pull password out of database
sql = ("SELECT password, user_level_id FROM qiita.{0} WHERE "
"email = %s".format(cls._table))
qdb.sql_connection.TRN.add(sql, [email])
# Using [0] because there is only one row
info = qdb.sql_connection.TRN.execute_fetchindex()[0]
# verify user email verification
# MAGIC NUMBER 5 = unverified email
if int(info[1]) == 5:
return False
# verify password
dbpass = info[0]
hashed = qdb.util.hash_password(password, dbpass)
if hashed == dbpass:
return cls(email)
else:
raise IncorrectPasswordError("Password not valid!")
def exists(cls, email):
"""Checks if a user exists on the database
Parameters
----------
email : str
the email of the user
"""
if not validate_email(email):
raise IncorrectEmailError("Email string not valid: %s" % email)
conn_handler = SQLConnectionHandler()
return conn_handler.execute_fetchone(
"SELECT EXISTS(SELECT * FROM qiita.{0} WHERE "
"email = %s)".format(cls._table), (email, ))[0]
def login(cls, email, password):
"""Logs a user into the system
Parameters
----------
email : str
The email of the user
password: str
The plaintext password of the user
Returns
-------
User object
Returns the User object corresponding to the login information
if correct login information
Raises
------
IncorrectEmailError
Email passed is not a valid email
IncorrectPasswordError
Password passed is not correct for user
"""
# see if user exists
if not cls.exists(email):
raise IncorrectEmailError("Email not valid: %s" % email)
if not validate_password(password):
raise IncorrectPasswordError("Password not valid!")
# pull password out of database
conn_handler = SQLConnectionHandler()
sql = ("SELECT password, user_level_id FROM qiita.{0} WHERE "
"email = %s".format(cls._table))
info = conn_handler.execute_fetchone(sql, (email, ))
# verify user email verification
# MAGIC NUMBER 5 = unverified email
if int(info[1]) == 5:
return False
# verify password
dbpass = info[0]
hashed = hash_password(password, dbpass)
if hashed == dbpass:
return cls(email)
else:
raise IncorrectPasswordError("Password not valid!")
def exists(cls, email):
"""Checks if a user exists on the database
Parameters
----------
email : str
the email of the user
"""
with qdb.sql_connection.TRN:
if not validate_email(email):
raise IncorrectEmailError("Email string not valid: %s" % email)
sql = """SELECT EXISTS(
SELECT * FROM qiita.{0}
WHERE email = %s)""".format(cls._table)
qdb.sql_connection.TRN.add(sql, [email])
return qdb.sql_connection.TRN.execute_fetchlast()
def create(cls, email, password, info=None):
"""Creates a new user on the database
Parameters
----------
email : str
The email of the user - used for log in
password :
The plaintext password of the user
info: dict
Other information for the user keyed to table column name
Raises
------
IncorrectPasswordError
Password string given is not proper format
IncorrectEmailError
Email string given is not a valid email
QiitaDBDuplicateError
User already exists
"""
with qdb.sql_connection.TRN:
# validate email and password for new user
if not validate_email(email):
raise IncorrectEmailError("Bad email given: %s" % email)
if not validate_password(password):
raise IncorrectPasswordError("Bad password given!")
# make sure user does not already exist
if cls.exists(email):
raise qdb.exceptions.QiitaDBDuplicateError(
"User", "email: %s" % email)
# make sure non-info columns aren't passed in info dict
if info:
if cls._non_info.intersection(info):
raise qdb.exceptions.QiitaDBColumnError(
"non info keys passed: %s" %
cls._non_info.intersection(info))
else:
info = {}
# create email verification code and hashed password to insert
# add values to info
info["email"] = email
info["password"] = qdb.util.hash_password(password)
info["user_verify_code"] = qdb.util.create_rand_string(
20, punct=False)
# make sure keys in info correspond to columns in table
qdb.util.check_table_cols(info, cls._table)
# build info to insert making sure columns and data are in
# same order for sql insertion
columns = info.keys()
values = [info[col] for col in columns]
# crete user
sql = "INSERT INTO qiita.{0} ({1}) VALUES ({2})".format(
cls._table, ','.join(columns), ','.join(['%s'] * len(values)))
qdb.sql_connection.TRN.add(sql, values)
# Add system messages to user
sql = """INSERT INTO qiita.message_user (email, message_id)
SELECT %s, message_id FROM qiita.message
WHERE expiration > %s"""
qdb.sql_connection.TRN.add(sql, [email, datetime.now()])
qdb.sql_connection.TRN.execute()
return cls(email)
