Esempio n. 1
0
def load_user(id):
    if id is None:
        redirect(url_for('bp_login.login'))
    user = User()
    user.get_by_id(id)
    if user.is_active():
        return user
    else:
        return None
Esempio n. 2
0
    def post(self):
        u = User()
        try:
            log.info("Inside create attendance method for student ----->>")
            azure_face_enabled = os.getenv("AZURE_FACE_ENABLED")
            aws_rekog_enabled = os.getenv("AWS_REKOG_ENABLED")
            facenet_enabled = os.getenv("FACENET_ENABLED")

            if azure_face_enabled is None:
                log.info("AZURE_FACE_ENABLED not set, falling back to config")
                azure_face_enabled = current_app.config["AZURE_FACE_ENABLED"]
            if aws_rekog_enabled is None:
                log.info("AWS_REKOG_ENABLED not set, falling back to config")
                aws_rekog_enabled = current_app.config["AWS_REKOG_ENABLED"]
            if facenet_enabled is None:
                log.info("FACENET_ENABLED not set, falling back to config")
                facenet_enabled = current_app.config["FACENET_ENABLED"]

            body = request.get_json()
            attendance = Attendance(**body)
            self.check_if_attendance_marked(attendance)
            school = check_school_active(attendance.school)
            check_module_active(attendance.moduleId, school.get("timeZone"))
            validateVicinity(body)
            user = u.fetchStudent(username=attendance.username)
            if str(facenet_enabled) == "1" and (user.get("imageId") is None or
                                                len(user.get("imageId")) < 1):
                attendance.recognitionSource = "facenet"
                attendance.recognitionConfidence = compare_faces_facenet(
                    attendance.capturedImageId, attendance.username)
            else:
                if str(azure_face_enabled) == "1":
                    attendance.recognitionSource = "azure"
                    attendance.recognitionConfidence = compare_faces_azure(
                        attendance.capturedImageId,
                        user.get("imageId")[0])
                if str(aws_rekog_enabled) == "1":
                    attendance.recognitionSource = "aws"
                    attendance.recognitionConfidence = compare_faces_rekognition(
                        attendance.capturedImageId,
                        user.get("imageId")[0])
            attendance.save()
            publish_message(data=json.loads(attendance.to_json()),
                            recorded=True)
        except Exception as ex:
            log.error("error from post attendance method " + str(ex))
            return {"message": str(ex)}, 400
        return {"id": str(attendance.id)}, 200
Esempio n. 3
0
 def submit(self, controller):
     global user
     user = User(username=self.username_e.get(),
                 password=self.password_e.get())
     if user.login() == True:
         Login_window.profile = Profile_window(controller, user)
         Login_window.profile.place(relwidth=1,
                                    relheight=0.95,
                                    relx=0,
                                    rely=0.1)
         messagebox.showinfo("Login", "welcome in")
         Login_window.profile.tkraise()
         App.profile_img = user.get_profile_pic()
         app_init.update_profile_pic(App.profile_img)
     else:
         messagebox.showinfo("Error", "Wrong username or password")
Esempio n. 4
0
def identity(payload):
    """ Takes in a payload, and the payload is the contents of the JWT Token
    and then we're going to extract the user ID from that payload, and once
    we have the user ID we can retrieve the specific user that matches this payload.
    """
    user_id = payload["identity"]
    return User.find_by_id(user_id)
Esempio n. 5
0
def add_claims_to_jwt(
    identity
):  # Remember identity is what we define when creating the access token
    user = User.get(identity)
    if user['role'] == 'admin':  # instead of hard-coding, we should read from a file or database to get a list of admins instead
        return {"is_admin": True}
    return {"is_admin": False}
Esempio n. 6
0
 def submit(self):
     user = User(username=self.username_e.get(),
                 password=self.password_e.get())
     if (not self.username_e.get()) or (not self.password_e.get()) or (
             not self.name_e.get()):
         messagebox.showinfo("Error", "All entrys are mandatory")
     elif (" " in self.username_e.get()) or (
             " " in self.password_e.get()) or (" " in self.name_e.get()):
         messagebox.showinfo("Error", "this should not contain spaces")
         self.username_e.delete(0, END)
         self.password_e.delete(0, END)
         self.passwordr_e.delete(0, END)
     elif len(self.password_e.get()) < 5:
         messagebox.showinfo("Error",
                             "Password length must be more than five")
         self.password_e.delete(0, END)
         self.passwordr_e.delete(0, END)
     elif len(self.username_e.get()) < 5:
         messagebox.showinfo("Error",
                             "Username length must be more than five")
         self.username_e.delete(0, END)
     elif self.password_e.get() != self.passwordr_e.get():
         messagebox.showinfo("Error", "password not matching")
         del user
         self.username_e.delete(0, END)
         self.password_e.delete(0, END)
         self.passwordr_e.delete(0, END)
     elif user.search_username(self.username_e.get()) == False:
         messagebox.showinfo("Error", "Username already taken")
         self.username_e.delete(0, END)
         self.password_e.delete(0, END)
         self.passwordr_e.delete(0, END)
     else:
         user.register(self.name_e.get(), profile_image)
         del user
         self.username_e.delete(0, END)
         self.password_e.delete(0, END)
         self.passwordr_e.delete(0, END)
         self.name_e.delete(0, END)
         self.txtshow = self.body.create_text(
             280, 120, text="you successfuly made an account", fill="white")
Esempio n. 7
0
 def delete(self, id):
     log.info("Inside delete attendance method for student by id ---->>")
     try:
         u = User()
         username = request.headers.get("Username")
         if username is None:
             raise Exception("Username header missing in delete request")
         else:
             user = u.fetchAdmin(username=username)
             attendance = Attendance.objects.get(id=id)
             attendance.status = "REVOKED"
             attendance.save()
             publish_message(
                 data={
                     "username": attendance.username,
                     "revokedBy": username,
                     "moduleId": attendance.moduleId,
                 },
                 recorded=False,
             )
     except Exception as ex:
         log.error("error from delete attendance method " + str(ex))
         return {"message": str(ex)}, 400
     return "", 200
Esempio n. 8
0
    def __init__(self,
                 db_host='DB_HOST',
                 db_port='DB_PORT',
                 db_name='DB_NAME'):
        """Create db and api for Roap."""
        self.client = MongoClient(os.getenv(db_host), int(os.getenv(db_port)))
        self.db = self.client[os.getenv(db_name)]

        create_default_users(self.db)

        self.api = falcon.API(middleware=[
            CORS(
                allow_all_origins=True,
                allow_all_methods=True,
                allow_all_headers=True,
                expose_headers_list=[
                    "Content-Range",
                ],
            ).middleware
        ])

        self.api.add_route('/v1/user-collection', UserCollection(self.db))
        self.api.add_route('/v1/user-collection/{_id}', User(self.db))
Esempio n. 9
0
def authenticate(username, password):
    # .get allows for setting a default value
    # username_mapping.get(username, None)
    user = User.find_by_username(username)
    if user and safe_str_cmp(user.password, password):
        return user
Esempio n. 10
0
def identity(payload):
    user_id = payload['identity']
    return User.find_by_id(user_id)  # userid_mapping.get(user_id, None)
def authenticate(username, password):
    user = User.find_by_username(username)
    if user and safe_str_cmp(user.password, password):
        return user
Esempio n. 12
0
app.register_blueprint(bp_host_api)
app.register_blueprint(bp_cluster_view)
app.register_blueprint(bp_cluster_api)
app.register_blueprint(bp_stat_view)
app.register_blueprint(bp_stat_api)
app.register_blueprint(bp_auth_api)
app.register_blueprint(bp_login)
app.register_blueprint(bp_user_api)
app.register_blueprint(bp_user_view)

admin = os.environ.get("ADMIN", "admin")
admin_password = os.environ.get("ADMIN_PASSWORD", "pass")
salt = app.config.get("SALT", b"")
password = bcrypt.hashpw(admin_password.encode('utf8'), bytes(salt.encode()))
try:
    user = User(admin, password, is_admin=True, role=ADMIN)
    user.save()
except Exception:
    pass


@app.errorhandler(404)
def page_not_found(error):
    return render_template('404.html'), 404


@app.errorhandler(500)
def internal_error(error):
    return render_template('500.html'), 500

Esempio n. 13
0
import logging, traceback, falcon, shared
from logging.handlers import RotatingFileHandler
from resources.user import User

app = falcon.API(middleware=[
    shared.logging.LoggingMiddleware('auth.log', 'auth', logging.INFO)
],
                 request_type=shared.falcon.Request)

db_logger = logging.getLogger('auth.db')
db_logger.setLevel(logging.DEBUG)
db_logger.addHandler(
    RotatingFileHandler('auth.db.log', maxBytes=10000000, backupCount=3))

app.add_route('/', shared.api.BaseApi())
app.add_route('/api/auth/user/{userid}', User())
Esempio n. 14
0
from werkzeug.security import safe_str_cmp

from resources.user import User

users = [User(1, 'bob', 'asdf')]

username_mapping = {u.username: u for u in users}
userid_mapping = {u.id: u for u in users}


def authenticate(username, password):
    user = username_mapping.get(username, None)
    if user and safe_str_cmp(user.password, password):
        return user


def identity(payload):
    user_id = payload['identity']
    return userid_mapping.get(user_id, None)
Esempio n. 15
0
if os.environ.get("TESTING"):
    app.config["SERVER_NAME"] = 'localhost'


@login_manager.user_loader
def load_user(user_id):
    return UserModel.from_oauth_id(user_id)


# app.add_url_rule('/', view_func=Home.as_view("home"))
app.add_url_rule('/api/authorize/',
                 view_func=AuthorizeUser.as_view("authorize"))
app.add_url_rule('/api/authorize/complete',
                 view_func=AuthorizedUser.as_view("authorized"))
app.add_url_rule('/api/user/', view_func=User.as_view('user'))
app.add_url_rule('/api/user/info', view_func=UserInfo.as_view('user.info'))
app.add_url_rule('/api/login', view_func=Login.as_view('login'))
app.add_url_rule('/api/logout', view_func=Logout.as_view('logout'))

app.add_url_rule('/api/device',
                 view_func=DeviceCollectionResource.as_view('device'),
                 methods=["POST"])

single_dev_view = DeviceResource.as_view('device.single')
app.add_url_rule('/api/device/<serial_number>',
                 view_func=single_dev_view,
                 methods=["PUT"])
app.add_url_rule('/api/device/data',
                 view_func=single_dev_view,
                 methods=["POST"])
Esempio n. 16
0
def authenticate(username, password):
    user = User.findByUsername(username)
    if user and user.password == password:
        return user
Esempio n. 17
0
def identity(payload):
    user_id = payload['identity']
    return User.findById(user_id)
Esempio n. 18
0
 def __init__(self, client: Client):
     User(client=client)._refresh_user_email_id_map()
     super().__init__(client)