async def password_change(request): form = await forms.UpdatePasswordForm.from_formdata(request) form_data = await request.form() if await form.validate_on_submit(): # TODO: make this work hashed_pwd = encrypt_pass(form_data["password"]) query = users.update().where( users.c.user_name == request.session["user_name"]) values = { "password": hashed_pwd, } logger.debug(values) db_result = await execute_one_db(query=query, values=values) logger.info("Redirecting user to index page /") return RedirectResponse(url="/", status_code=303) status_code = 200 template = f"{page_url}/password.html" context = {"request": request, "form": form} logger.info(f"page accessed: /user/password-change") return templates.TemplateResponse(template, context, status_code=status_code)
async def user_update(data: dict): """[summary] Arguments: data {dict} -- [description] data = { "first_name": str, "last_name": str, "email": str (valid email address), "user_name": exsiting user_name } """ values = { "first_name": data["first_name"], "last_name": data["last_name"], "last_login": datetime.datetime.now(), "email": data["email"].lower(), } user_name = data["user_name"] logging.debug(values) query = users.update().where(users.c.user_name == user_name) try: db_result = await execute_one_db(query=query, values=values) logging.debug(type(db_result)) return "complete" except Exception as e: logger.warning(f"An error occurred trying to update {user_name}") return "error"
async def update_user_review(data: dict): """ [summary] Arguments: access_id {str} -- [description] is_reviewed {bool} -- [description] is_aproved {bool} -- [description] is_admin {bool} -- [description] """ # "access_id": access_id, # "user_name": user_name, # "is_reviewed": True, # "is_rejected": is_rejected, # "is_active": is_active, # "is_admin": is_admin, values = { "date_updated": datetime.datetime.now(), "is_reviewed": data["is_reviewed"], "is_rejected": data["is_rejected"], "is_admin": data["is_admin"], } query = user_approval.update().where( user_approval.c.access_id == str(data["access_id"]) ) await execute_one_db(query=query, values=values) user_values = { "is_active": data["is_active"], "is_admin": data["is_admin"], } user_query = users.update().where(users.c.user_name == data["user_name"]) await execute_one_db(query=user_query, values=user_values)
async def callback(request): from main import github_client, github_api_client # Obtain an access token. code = request.query_params.get("code", "") url = "/login/oauth/access_token" data = { "client_id": settings.GITHUB_CLIENT_ID, "client_secret": settings.GITHUB_CLIENT_SECRET, "code": code, } headers = {"accept": "application/json"} response = await github_client.post(url, data=data, headers=headers) logger.debug(response.request.url) response.raise_for_status() data = response.json() # Make a request to the API. url = "/user" headers = { "authorization": f'token {data["access_token"]}', } response = await github_api_client.get(url, headers=headers) logger.debug(response.request.url) response.raise_for_status() data = response.json() # Log the user in, and redirect back to the homepage. query = users.select().where(users.c.github_id == data["id"]) user = await fetch_one_db(query=query) if user is None: query = users.insert() values = { "created_at": datetime.datetime.now(), "last_login": datetime.datetime.now(), "username": data["login"], "github_id": data["id"], "is_admin": False, "name": data["name"], "avatar_url": data["avatar_url"], } else: query = users.update().where(users.c.github_id == data["id"]) values = { "last_login": datetime.datetime.now(), "username": data["login"], "name": data["name"], "avatar_url": data["avatar_url"], } await execute_one_db(query=query, values=values) request.session["username"] = data["login"] request.session["realname"] = data["name"] request.session["avatar_url"] = data["avatar_url"] url = request.url_for("profile", username=data["login"]) logger.info(f'logging {request.session["username"]} and send to profile page') return RedirectResponse(url, status_code=303)
async def user_login_update(user_name: dict): values: dict = {"last_login": datetime.datetime.now()} query = users.update().where(users.c.user_name == user_name) try: await execute_one_db(query=query, values=values) logger.info(f"{user_name} last login updated") return "complete" except Exception as e: logger.warning(f"An error occurred trying to update {user_name}") return "error"
async def user_active_status(user_name: str, is_active: bool, is_admin: bool = None): """[summary] update user status Arguments: user_id {str} -- [description] is_active {bool} -- [description] Keyword Arguments: is_admin {bool} -- [description] (default: {None}) """ if is_admin == None: is_admin = False values: dict = {"is_active": is_active, "is_admin": is_admin} query = users.update().where(users.c.user_name == user_name) try: await execute_one_db(query=query, values=values) logger.info(f"{user_name} status updated") except Exception as e: logger.warning(f"An error occurred trying to update {user_name}") return "error"
async def login(request): logger.debug(f"request") form = await forms.AccountLoginForm.from_formdata(request) form_data = await request.form() if await form.validate_on_submit(): logger.critical(form_data) user_name = form_data["user_name"] user_name = user_name.lower() pwd = form_data["password"] logger.debug(f"user_name: {user_name}, pwd: {pwd}") result = await form_validators.valid_login(pwd=pwd, user_name=user_name) logger.debug(f"loging valid = {result}") # user_name = user_name.lower() logger.debug(f"checking if {user_name.lower()} has valid login") query = users.select().where(users.c.user_name == user_name) logger.info(f"fetch user_name: {user_name}") user_data = await fetch_one_db(query) logger.debug(f"LOOK AT THIS query result = {user_data}") last_login_values = {"last_login": datetime.datetime.now()} last_login_query = users.update().where(users.c.user_name == user_name) await execute_one_db(query=last_login_query, values=last_login_values) logger.info(f"updating last login for {user_name}") if result == False: client_host = request.client.host fail_values: dict = { "id": str(uuid.uuid4()), "date_created": datetime.datetime.now(), "user_name": user_name, "ip_address": client_host, } fail_query = user_login_failures.insert() await execute_one_db(query=fail_query, values=fail_values) logger.warning( f"User login failure for {user_name} from {client_host}") form.user_name.errors.append(f"user_name or Password is invalid") elif user_data["is_active"] == False: form.user_name.errors.append( f"The user id is not active or been approved for login") else: # get user user_name request.session["user_name"] = user_data["user_name"] request.session["updated"] = str(datetime.datetime.utcnow()) request.session["admin"] = user_data["is_admin"] request.session[ "realname"] = f'{user_data["first_name"]} {user_data["last_name"]}' logger.info( f'logger {request.session["user_name"]} and send to profile page' ) return RedirectResponse(url="/", status_code=303) template = f"{page_url}/login.html" context = {"request": request, "form": form} logger.info(f"page accessed: /user/login") return templates.TemplateResponse(template, context)