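def sign_token(self, payload: User):
    """Issue an RS256-signed JWT that expires 24 hours from now.

    Only ``name`` and ``email`` are copied into the claims (through
    ``UserToken``); no other attribute of ``payload`` is placed in the token.

    Args:
        payload: The user the token is issued for.

    Returns:
        The result of ``jwt.encode`` over the claims, signed with
        ``self.private_key``.
    """
    # Log the subject only. The caller passes the stored user record, whose
    # password field must not be written to application logs.
    logger.info("sign payload for email=%r", payload.email)
    json_payload = jsonable_encoder(
        UserToken(name=payload.name, email=payload.email))
    # Expiry claim: naive UTC "now" plus 24 hours.
    json_payload["exp"] = datetime.utcnow() + timedelta(hours=24)
    return jwt.encode(json_payload, self.private_key, algorithm='RS256')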
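def validate_user(self, user: LoginUser):
    """Check login credentials and return a signed token on success.

    Args:
        user: Login request; its ``email`` and ``password`` are read here.

    Returns:
        The value returned by ``self.jwtService.sign_token`` for the stored
        user.

    Raises:
        AuthAPIException: ``email_passport_wrong`` when the email is unknown
            or the password does not match.
    """
    import hmac

    # Never log the LoginUser object: it holds the submitted plaintext
    # password. repr() keeps control characters in the address from forging
    # extra log lines.
    logger.info('calling validate_user for email=%r', user.email)
    exist = self.userDAO.get_user(user.email)
    if exist:
        # NOTE(review): generate_md5 is called with the password alone, so
        # there is presumably no per-user salt, and MD5 is too fast for
        # password storage. Moving to a salted, slow KDF needs a migration of
        # the stored values and is not done in this block.
        stored = str(exist.password).encode('utf-8')
        supplied = str(generate_md5(user.password)).encode('utf-8')
        # Constant-time comparison: the result does not depend on how many
        # leading characters of the two digests agree.
        if hmac.compare_digest(stored, supplied):
            return self.jwtService.sign_token(exist)
    # One error for both "unknown email" and "wrong password".
    raise AuthAPIException('email_passport_wrong', 'email or password is wrong')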
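def update_user(self, user):
    """Replace the name and password of the stored user with ``user.email``.

    Args:
        user: Object carrying ``email`` (lookup key), ``name`` and
            ``password`` (new values).

    Returns:
        The result of ``self.userDAO.update_user`` for the modified record.

    Raises:
        AuthAPIException: ``user_not_exist`` when no user has that email.
    """
    # The incoming object contains the new password; log the key only.
    logger.info('calling update_user for email=%r', user.email)
    exist = self.userDAO.get_user(user.email)
    if not exist:
        raise AuthAPIException('user_not_exist', 'user not exist')
    exist.name = user.name
    # NOTE(review): the password is stored exactly as received, while the
    # login check compares the stored value against generate_md5(password).
    # Confirm that the DAO (or the caller) hashes it before it is persisted;
    # otherwise this writes a plaintext password and breaks login.
    exist.password = user.password
    return self.userDAO.update_user(exist)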
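async def logout(x_token: str = Header(None)):
    """Handle a logout request authenticated by the ``x_token`` header.

    Args:
        x_token: Token taken from the request header (``None`` when absent).

    Returns:
        ``{"status": "OK"}`` after ``user_service.logout_user`` has run.

    Raises:
        HTTPException: 403 when ``jwt_service.verify_token`` returns a falsy
            value for the token.
    """
    # The token is a bearer credential: anyone who can read it from a log can
    # replay it until it expires, so only the event is logged.
    logger.info('received logout post request request-------')
    decoded = jwt_service.verify_token(x_token)
    if not decoded:
        raise HTTPException(status_code=403, detail="Permission not allowed")
    user_service.logout_user(x_token, decoded)
    return {"status": 'OK'}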
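def get_user(self, email):
    """Fetch one row from ``authapi_users`` by email.

    The email is bound as a query parameter, never interpolated into the SQL
    text.

    Args:
        email: Address to look up.

    Returns:
        A ``User`` built from the row's id, name, email and password columns,
        or ``None`` when no row matches.
    """
    query = """
            SELECT id, name, email, password
            FROM authapi_users
            WHERE email = %s
            """
    cur = self.conn.cursor()
    try:
        cur.execute(query, (email,))
        row = cur.fetchone()
    finally:
        # Release the cursor on every path, including a failed execute.
        cur.close()
    if not row:
        return None
    # The row includes the stored password value, so log the id only.
    logger.info("loaded user id=%s", row[0])
    return User(id=row[0], name=row[1], email=row[2], password=row[3])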
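def register_user(self, user: User):
    """Create a new user unless the email is already registered.

    Args:
        user: The user to create; ``email`` is the uniqueness key.

    Raises:
        AuthAPIException: ``email_exist`` when a user with that email is
            already stored.
    """
    # The User object contains the chosen password; log the email only.
    logger.info('calling register_user for email=%r', user.email)
    exist = self.userDAO.get_user(user.email)
    if exist:
        # The original call passed the email as a format argument without a
        # placeholder, which makes the logging module report a formatting
        # error instead of writing the message.
        logger.info('email is already used: %r', user.email)
        raise AuthAPIException('email_exist', 'email already exist')
    # NOTE(review): the object is handed to the DAO as received. Confirm that
    # create_user stores a hash of the password, matching what the login check
    # compares against.
    self.userDAO.create_user(user)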
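async def get(x_token: str = Header(None)):
    """Return the user identified by the ``email`` claim of ``x_token``.

    Args:
        x_token: Token taken from the request header (``None`` when absent).

    Returns:
        ``{"status": "OK", "user": <result of user_service.get_user>}``.

    Raises:
        HTTPException: 403 when ``jwt_service.verify_token`` returns a falsy
            value for the token.
    """
    # Neither the raw token nor its decoded claims are logged: the token is a
    # replayable credential.
    logger.info('received get user request request-------')
    decoded = jwt_service.verify_token(x_token)
    if not decoded:
        raise HTTPException(status_code=403, detail="Permission not allowed")
    user = user_service.get_user(decoded['email'])
    # NOTE(review): if this is the full stored record it carries the password
    # field, which would then be serialized into the response. Confirm the
    # route declares a response model that leaves it out.
    return {"status": 'OK', "user": user}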
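async def update_user(user: User, x_token: str = Header(None)):
    """Update the caller's own account from the request body.

    Args:
        user: New account data; ``email`` selects the account to change.
        x_token: Token taken from the request header (``None`` when absent).

    Returns:
        ``{"status": "OK"}`` after ``user_service.update_user`` has run.

    Raises:
        HTTPException: 403 when the token does not verify, or when its
            ``email`` claim differs from ``user.email``.
    """
    # The body holds the new password and the header holds a bearer token;
    # neither is logged.
    logger.info('received put user request request-------')
    decoded = jwt_service.verify_token(x_token)
    if not decoded:
        raise HTTPException(status_code=403, detail="Permission not allowed")
    # A valid token only proves who the caller is. Without this check any
    # authenticated caller could overwrite the name and password of whichever
    # account the body names.
    if decoded['email'] != user.email:
        logger.info('rejected update: token subject does not match target account')
        raise HTTPException(status_code=403, detail="Permission not allowed")
    user_service.update_user(user)
    return {"status": 'OK'}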
def delete_user(self, email):
    """Log the request, then delete the user with this email through the DAO.

    Args:
        email: Address of the account to remove.
    """
    logger.info('calling delete_user--------')
    logger.info(email)
    # TODO save the invalid email in DB/Cache for 30 minutes
    dao = self.userDAO
    dao.delete_user(email)
def get_user(self, email):
    """Log the lookup and return whatever the DAO finds for ``email``.

    Args:
        email: Address to look up.

    Returns:
        The value returned by ``self.userDAO.get_user(email)``, unchanged.
    """
    logger.info('calling get_user ------')
    logger.info(email)
    found = self.userDAO.get_user(email)
    return found
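async def login(user: LoginUser):
    """Authenticate a login request and return a token.

    Errors raised by ``user_service.validate_user`` are not handled here and
    propagate to the caller.

    Args:
        user: Login request body.

    Returns:
        ``{"status": "OK", "token": <token from validate_user>}``.
    """
    # The request body contains the plaintext password, so only the email is
    # logged. repr() keeps control characters in the address from forging
    # extra log lines.
    logger.info('received login post request for email=%r', user.email)
    token = user_service.validate_user(user)
    return {"status": 'OK', "token": token}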
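async def register_user(user: User):
    """Register a new account from the request body.

    Errors raised by ``user_service.register_user`` are not handled here and
    propagate to the caller.

    Args:
        user: Registration request body.

    Returns:
        ``{"status": "OK"}`` once the service call has returned.
    """
    # The request body contains the chosen password, so only the email is
    # logged. repr() keeps control characters in the address from forging
    # extra log lines.
    logger.info('received user post request for email=%r', user.email)
    user_service.register_user(user)
    return {"status": 'OK'}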
async def health():
    """Health-check endpoint: log the call and report a fixed OK status."""
    logger.info('enter health check!')
    status_body = {"status": 'OK'}
    return status_body