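def address():
    """Get the address of a certain user.

    From the users and servers tables, necessary details are extracted from
    entries containing the given username.

    Returns:
        JSON response containing the address details of a certain user.
        If the user is not found or the server is non-existent, a failed
        JSON response is returned.
    """
    # If no username is given, fall back to the logged-in username.
    username = request.args.get('username') or auth_username()
    if not username:
        return bad_json_response("Bad request: Missing parameter 'username'.")

    if not users.exists(username=username):
        return bad_json_response('User is not found.')

    server_id = users.export_one('server_id', username=username)
    if not servers.exists(id=server_id):
        # Must return here: otherwise the lookup below runs against a server
        # row that does not exist and the error response is discarded.
        return bad_json_response('Server is not registered.')

    server_name, server_address = servers.export_one(
        'name', 'address', id=server_id
    )
    return good_json_response({
        'name': server_name,
        'address': server_address,
        'username': username
    })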
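def send_verification_mail():
    """Handles the sending of the verification email.

    Reads the 'email' form parameter, looks up the matching user, and mails
    a confirmation link carrying a signed, timestamped token for that
    address.

    Returns:
        JSON response based on success/failure.
    """
    # Local import: the template text below is kept in a variable, so only
    # the escape helper is pulled in.
    from html import escape

    # Check if parameter email is set.
    send_to = request.form['email']
    if not send_to:
        return bad_json_response("Bad request: Missing parameter 'email'.")

    # Retrieve user from server for personal message in email.
    user = users.export_one('firstname', 'lastname', email=send_to)

    # If no user is found give an error.
    # NOTE(review): this response tells the caller whether an address is
    # registered; confirm that is acceptable for this endpoint.
    if not user:
        return bad_json_response('Error retrieving the user.')

    # Construct message object with recipient and sender.
    msg = EmailMessage()
    msg['Subject'] = 'FedNet - Please verify your email!'
    msg['From'] = current_app.config['EMAIL_ADDRESS']
    msg['To'] = send_to

    # Signer keyed with the application's e-mail secret.
    secret = URLSafeTimedSerializer(current_app.config['EMAIL_SECRET'])

    # Sign the address. The registration salt keeps these tokens distinct
    # from tokens signed with the same secret for another purpose.
    token = secret.dumps(send_to,
                         salt=current_app.config['EMAIL_REGISTER_SALT'])

    # Create link with token and add it to the body of the mail.
    link = url_for('data_mail.confirm_email', token=token, _external=True)

    # Load the HTML template for the email, and embed the information needed.
    with open('app/templates/email_template/verify-mail.html') as f:
        body = f.read()

    body = body.replace('VERIFY_LINK_HERE', link)
    # The name comes from stored user data, so escape it before it is placed
    # in the HTML body.
    body = body.replace('USERNAME_HERE', escape(user[0] + ' ' + user[1]))
    msg.add_alternative(body, subtype='html')

    # Add image to the contents of the email.
    with open('app/static/images/LogoBackOpaque.png', 'rb') as img:
        # Know the Content-Type of the image.
        maintype, subtype = mimetypes.guess_type(img.name)[0].split('/')

        # Attach it to the email. The cid='0' is linked to the cid in the
        # html, which loads it.
        msg.get_payload()[0].add_related(img.read(), maintype=maintype,
                                         subtype=subtype, cid='0')

    # Connect to the mailserver from google and send the e-mail.
    with smtplib.SMTP_SSL('smtp.gmail.com', 465) as smtp:
        smtp.login(current_app.config['EMAIL_ADDRESS'],
                   current_app.config['EMAIL_PASSWORD'])
        smtp.send_message(msg)

    return good_json_response('success')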
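def forgot_username():
    """Sends an email that reminds a user of their username.

    Reads the 'email' form parameter and, when a user is registered with
    that address, mails the username to it.

    Returns:
        JSON response based on success/failure.
    """
    # Local import: the template text below is kept in a variable, so only
    # the escape helper is pulled in.
    from html import escape

    email = request.form['email']
    if not email:
        return bad_json_response("Bad request: Missing parameter 'email'.")

    # Look up the username registered for the given e-mail address.
    username = users.export_one('username', email=email)

    # If no user is found for given email, don't send email.
    # NOTE(review): this response confirms to the caller that the address is
    # not registered and includes this server's address; confirm both are
    # meant to be visible to unauthenticated callers.
    if not username:
        return bad_json_response(
            'No user with this e-mail exists on this server: ' + get_own_ip()
        )

    # Construct message object with recipient and sender.
    msg = EmailMessage()
    msg['Subject'] = 'FedNet - Your username is ' + username
    msg['From'] = current_app.config['EMAIL_ADDRESS']
    msg['To'] = email

    # Load the HTML template for the email, and embed the information needed.
    with open('app/templates/email_template/forgot-username.html') as f:
        body = f.read()

    # The username is stored user data, so escape it before it is placed in
    # the HTML body.
    body = body.replace('USERNAME_HERE', escape(username))
    msg.add_alternative(body, subtype='html')

    # Add image to the contents of the email.
    with open('app/static/images/LogoBackOpaque.png', 'rb') as img:
        # Know the Content-Type of the image.
        maintype, subtype = mimetypes.guess_type(img.name)[0].split('/')

        # Attach it to the email. The cid='0' is linked to the cid in the
        # html, which loads it.
        msg.get_payload()[0].add_related(img.read(), maintype=maintype,
                                         subtype=subtype, cid='0')

    # Connect to the mailserver from google and send the e-mail.
    with smtplib.SMTP_SSL('smtp.gmail.com', 465) as smtp:
        smtp.login(current_app.config['EMAIL_ADDRESS'],
                   current_app.config['EMAIL_PASSWORD'])
        smtp.send_message(msg)

    return good_json_response(('Email was sent to ' + email + '.'))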
def get_pub_key(username):
    """Helper that looks up the public key registered for a user's server.

    Args:
        username (string): The involved user.

    Returns:
        The stored public key. When either the user's server id or the
        server's key is missing, a bad JSON response is returned instead,
        so callers have to tell the two kinds of result apart.
    """
    sid = users.export_one('server_id', username=username)
    if sid is None:
        return bad_json_response('No server_id')

    key = servers.export_one('pub_key', id=sid)
    return bad_json_response('No pub') if key is None else key
def get_profile_image(username):
    """Build the URL of a user's profile picture.

    Args:
        username (string): The involved user.

    Returns:
        The URL of the uploaded picture on the user's server, or the path
        of the default image when no matching upload entry exists.
    """
    upload_id = users.export_one('uploads_id', username=username)

    # Without an upload entry, fall back to the bundled default picture.
    if not uploads.exists(id=upload_id):
        return '../static/images/default.jpg'

    stored_name = uploads.export_one('filename', id=upload_id)
    return get_user_ip(username) + '/file/{}/{}'.format(upload_id, stored_name)
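def login():
    """Function that handles the login.

    The submitted password is verified against the stored hash, and the
    account must have been confirmed through e-mail. On success an access
    token is created for the username.

    Returns:
        A success JSON response that contains the access token, or a failed
        JSON response describing why the login was rejected.
    """
    # Use .get() so that an absent or empty field reaches the JSON error
    # below. Indexing the form directly never yields None, so a check for
    # None cannot catch a missing field.
    username = request.form.get('username')
    password = request.form.get('password')

    if not username:
        return bad_json_response("Bad request: Missing parameter 'username'.")
    if not password:
        return bad_json_response("Bad request: Missing parameter 'password'.")

    # NOTE(review): the separate messages for an unknown user and a wrong
    # password let a caller test which usernames exist; confirm whether the
    # client depends on the distinction before merging them.
    if not users.exists(username=username):
        return bad_json_response(
            "User does not exist yet. Feel 'free' to join FedNet! :)"
        )

    password_db = users.export('password', username=username)[0]

    # Verify the given password against the stored hash.
    if not sha256_crypt.verify(password, password_db):
        return bad_json_response('Password is incorrect.')

    # Check if the account has been verified through e-mail.
    email_confirmed = users.export_one('email_confirmed', username=username)
    if not email_confirmed:
        return bad_json_response(
            'The email for this user is not authenticated yet. '
            'Please check your email.'
        )

    # Login success.
    access_token = create_access_token(identity=username)
    return good_json_response({
        'token': access_token
    })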
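def forgotpass():
    """Handles a forgotten password by mailing a recovery link.

    Reads the 'username' form parameter, looks up the user's name and e-mail
    address, and mails a link to the central server that carries the
    username and a signed, timestamped token for that address.

    Returns:
        JSON response based on success/failure.
    """
    # Local imports: the template text below is kept in a variable, so only
    # the helpers are pulled in.
    from html import escape
    from urllib.parse import urlencode

    username = request.form['username']
    if not username:
        return bad_json_response("Bad request: Missing parameter 'username'.")

    # Retrieve email for given username.
    # Also retrieve firstname and lastname for personal message.
    record = users.export_one('firstname', 'lastname', 'email',
                              username=username)

    # If no user is found give an error. Check the lookup result before
    # unpacking it, so an unknown username gets this response instead of an
    # unpacking error.
    if not record:
        return bad_json_response('Error retrieving the user.')

    firstname, lastname, send_to = record
    # Without a recipient address there is nobody to mail the link to.
    if not firstname or not lastname or not send_to:
        return bad_json_response('Error retrieving the user.')

    # Send mail with the new password link.
    # Construct message object with recipient and sender.
    msg = EmailMessage()
    msg['Subject'] = 'FedNet - Change your password.'
    msg['From'] = current_app.config['EMAIL_ADDRESS']
    msg['To'] = send_to

    # Signer keyed with the application's e-mail secret.
    secret = URLSafeTimedSerializer(current_app.config['EMAIL_SECRET'])

    # Sign the address. The forgot-password salt keeps these tokens distinct
    # from tokens signed with the same secret for another purpose.
    # NOTE(review): the token only expires if the code that loads it passes
    # a max_age; that code is not shown here, so confirm it does.
    token = secret.dumps(send_to,
                         salt=current_app.config['EMAIL_FORGOTPASS_SALT'])

    # Create link with token and username so central knows how to handle it.
    # Percent-encode the values so a username cannot add or change query
    # parameters in the link.
    parameters = '?' + urlencode({'username': username, 'token': token})
    link = get_central_ip() + '/forgotPassword' + parameters

    # Load the HTML template for the email, and embed the information needed.
    with open('app/templates/email_template/forgot-password.html') as f:
        body = f.read()

    body = body.replace('LINK_HERE', link)
    # Username and name are stored user data, so escape them before they are
    # placed in the HTML body.
    body = body.replace('USERNAME_HERE', escape(username))
    body = body.replace('NAME_HERE', escape(firstname + ' ' + lastname))
    msg.add_alternative(body, subtype='html')

    # Add image to the contents of the email.
    with open('app/static/images/LogoBackOpaque.png', 'rb') as img:
        # Know the Content-Type of the image.
        maintype, subtype = mimetypes.guess_type(img.name)[0].split('/')

        # Attach it to the email. The cid='0' is linked to the cid in the
        # html, which loads it.
        msg.get_payload()[0].add_related(img.read(), maintype=maintype,
                                         subtype=subtype, cid='0')

    # Connect to the mailserver from google and send the e-mail.
    with smtplib.SMTP_SSL('smtp.gmail.com', 465) as smtp:
        smtp.login(current_app.config['EMAIL_ADDRESS'],
                   current_app.config['EMAIL_PASSWORD'])
        smtp.send_message(msg)

    return good_json_response('success')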