def login(self):
data.validate(required_fields=['email', 'password'], error_message='Invalid User / Password')
user = get_verified_user_by_email(data.email.lower())
password = web_auth.signed_password(data.password)
if not user:
return error('Invalid User / Password')
elif password != user.password:
return error('Invalid User / Password')
org = user.org[0].get()
org_id = org.key.id()
if org.secure_signup_step == 'Deactivated':
return error('This account has been deactivated')
web_auth.set_cookie_for_user(user.email, response)
response.set_cookie("org_id", org_id, max_age=7200)
response.set_cookie("is_demo", 'False')
auth_payload = {'uid': user.email, 'org': org_id}
token = create_token(FIREBASE_SECRET, auth_payload)
return {
'message': 'Logged In',
'user': user.email,
'org': org_id,
'fbaseToken': token,
'isTemporaryPassword': user.is_temporary_password
}
def update_agent(self):
agent = PayloadData(self.payload['agent'])
update = updates_holder()
if not (agent.name and agent.phone):
return error('Agent name and phone number are required')
agent_db = get_or_create_agent(agent.name, agent.phone, update)
push_updates(self.org, self.org_app, self.livemode, update)
update = updates_holder()
supervisor = PayloadData(
self.payload['supervisor']) if self.payload['supervisor'] else None
logging.info([supervisor, self.payload['supervisor']])
if supervisor and not agent.supervisor:
return error('Supervisor phone number is required')
if supervisor and agent.supervisor:
if supervisor.name and agent.supervisor and supervisor.email:
get_or_create_supervisor(supervisor.name, agent.supervisor,
supervisor.email, update)
else:
return error('All supervisor details are required')
if agent.supervisor:
set_supervisor(agent_db, agent.supervisor, update)
push_updates(self.org, self.org_app, self.livemode, update)
return "Details Updated"
def add_user():
data.validate(
required_fields=['id', 'user_name', 'user_email', 'user_phone'],
error_message='Form has errors')
org = Organization.get_by_id(data.id)
if not org:
return error('Organization not found')
user = get_user_by_email(data.user_email)
if not user:
user = User(raw_name=data.user_name,
email=data.user_email,
phone=data.user_phone,
account_verified=True)
user.org = [org.key]
else:
user.org = list(set(user.org + [org.key]))
new_password = generate_random_password()
user.password = web_auth.signed_password(new_password)
user.put()
TrackrRoles.get_or_insert('roles',
parent=user.key,
kind=['Admin', 'Staff'])
mail_body = render('/emails/welcome.mako',
new_password=new_password,
user=user)
send_email(data.user_email, mail_body, 'Welcome to Trackr')
return 'Account Created'
def change(self):
data.validate(required_fields=['email', 'password', 'new_password'])
user = get_user_by_email(data.email)
password = web_auth.signed_password(data.password)
if not user:
return error('No user registered with this email')
if password != user.password:
return error('Invalid Password')
user.password = web_auth.validate_password(data.new_password, data.new_password)
user.is_temporary_password = False
user.put()
return 'Password has been changed'
def refresh_auth(self):
if self.user:
web_auth.set_cookie_for_user(self.user.email, response)
response.set_cookie("org_id", self.user.org[0].id(), max_age=7200)
return 'Session refreshed'
return error('User not logged in.')
def update_customer(self):
update = updates_holder()
if not (data.name and data.phone):
return error('Name and Phone number are required')
get_or_create_customer(data.name, data.contact, data.phone, update)
push_updates(self.org, self.org_app, self.livemode, update)
return "Details Updated"
def get_auth(self):
if self.user:
org = self.user.org[0].id()
auth_payload = {'uid': self.user.email, 'org': org}
token = create_token(FIREBASE_SECRET, auth_payload)
return {
'message': 'Logged In',
'user': self.user.email,
'org': org,
'fbaseToken': token,
'isTemporaryPassword': self.user.is_temporary_password
}
return error('User not logged in.')
def reset(self):
data.validate(required_fields=['email'], error_message='')
user = get_user_by_email(data.email)
if not user:
return error('No user registered with this email')
new_password = generate_random_password()
user.password = web_auth.signed_password(new_password)
user.is_temporary_password = True
user.put()
mail_body = render('/emails/reset_link.mako', new_password=new_password)
send_email(data.email, mail_body, 'Password Reset Notification')
return 'Password has been reset'
def validate(self,
required_fields=None,
optional_fields=None,
error_message='Form has errors',
**kwargs):
errors = {}
self.define(required_fields, optional_fields, **kwargs)
for field, rule in self.model.items():
if rule.is_required and (field not in self.payload
or not self.payload[field]):
errors[field] = 'Value Required'
else:
value = self.payload[field]
if value and not isinstance(value, list):
value = [value]
if rule.data_type:
if value:
try:
value = [rule.data_type(val) for val in value]
except:
errors[field] = "Invalid Value"
value = [None]
else:
value = [None]
if rule.is_list:
self.payload[field] = value
else:
self.payload[field] = value[0]
if errors:
if self.context:
self.context.errors = errors
return error(error_message)
def create_payment(self):
data.validate(
amount=Required(float),
required_fields=['sales_phone', 'invoice_num'],
optional_fields=['additional_data'],
error_message='Valid Invoice Number and Amount is required')
cache = Cache.get_by_id(data.sales_phone + data.invoice_num +
str(data.amount) +
(data.additional_data or ''))
now = datetime.datetime.utcnow() - datetime.timedelta(hours=24)
if cache:
if cache.createdAt > now:
return error(
'Same amount for this invoice cannot be collected more than once in a day.'
)
else:
cache.key.delete()
updates = updates_holder()
if data.additional_data:
customer = Customer.get_by_id(data.additional_data)
if not customer:
customer = get_or_create_customer('New Business',
'New Customer',
data.additional_data,
updates)
incharge = Agent.get_by_id(data.sales_phone)
if not incharge:
return error(
'Payment cannot be created from this phone number.')
order = SalesOrder.get_by_id(data.invoice_num)
if order:
return error(
'Advance payment can only be entered for new orders.')
now = datetime.datetime.utcnow() + datetime.timedelta(hours=5.5)
order = create_or_update_sales_order(
data.invoice_num, now.strftime('%d/%m/%Y %I:%M %p'), 0,
data.amount, customer, incharge, updates, 'Placeholder')
payment = order.advance.get()
else:
payment = create_payment(data.invoice_num, data.amount,
data.sales_phone, updates)
Cache(id=data.sales_phone + data.invoice_num + str(data.amount) +
(data.additional_data or '')).put()
push_updates(self.org, self.org_app, self.livemode, updates)
try:
supervisor = None
if payment._agent.supervisors:
supervisor = payment._agent.supervisors[0].get()
mail_body = render('/emails/payment_made.mako', payment=payment)
if supervisor and supervisor.email:
send_email(supervisor.email, mail_body,
'New Payment Notification')
if self.org_app.notification_email:
send_email(self.org_app.notification_email, mail_body,
'New Payment Notification')
except:
logging.warn('Error sending email notifications', exc_info=True)
return {
"message": "Payment Created",
'customer_name': payment._customer.contact,
'customer_phone': payment.by.id(),
'agent_name': payment._agent.name,
'payment_id': payment.key.id(),
'org_brand': self.org_app.brand_name,
'support_number': self.org_app.support_number
}