def log_in_by_email(cls, email: str, password: str) -> User:
if cls._email_validation(email):
session = cls._Session()
user = session.query(User).filter_by(email=email).first()
if not user:
raise AuthenticationException("Wrong Email Address!")
if cls._password_service.password_verification(
user.password, password):
user.password = None
return user
raise AuthenticationException("Wrong Password!")
raise ValueException("Invalid email address value!")
def log_in_by_phone(cls, phone: str, password: str) -> User:
if cls._phone_validation(phone):
session = cls._Session()
user = session.query(User).filter_by(phone=phone).first()
if not user:
raise AuthenticationException("Wrong Phone Number!")
if cls._password_service.password_verification(
user.password, password):
user.password = None
return user
raise AuthenticationException("Wrong Password!")
raise ValueException("Invalid phone value!")
def hexadecimal_token_validation(
cls,
user_id,
auth_token: str,
exchange_method: ExchangeMethods = None) -> bool:
session = cls._Session()
token = None
if exchange_method:
token = session.query(Token).filter_by(
user_id=user_id,
exchange_method=exchange_method.value).order_by(
desc(Token.requested_time)).first()
else:
token = session.query(Token).filter_by(user_id=user_id).order_by(
desc(Token.requested_time)).first()
if not token:
raise SecurityException('User has no token!')
if token.deactivate:
raise SecurityException('Token is Deactivated!')
if datetime.utcnow() > token.time_limit:
raise TimeoutException('Token is Expired!')
if secrets.compare_digest(token.hex_token, auth_token):
token.last_used_time = datetime.utcnow()
session.commit()
return token.exchange_method
token.failed_attempts += 1
if token.failed_attempts > 3:
token.deactivate = True
session.commit()
if token.deactivate:
raise SecurityException('Token is Deactivated!')
raise AuthenticationException('Token is not valid!')
def process_request(request):
try:
user = authenticate_user_from_request(request)
set_user(request, user)
except AuthenticationError, e:
logging.error(e)
raise AuthenticationException("Authentication Failed")
def url_token_validation(cls, url_token: str) -> ():
session = cls._Session()
tk = session.query(Token).filter_by(url_token=url_token).first()
if not tk:
raise AuthenticationException('Url Token is not valid!')
if tk.deactivate:
raise SecurityException('Token is Deactivated!')
if datetime.utcnow() > tk.time_limit:
raise TimeoutException('Token is Expired!')
tk.last_used_time = datetime.utcnow()
return tk.user.uid, tk.exchange_method
async def authenticate(self, username, password):
user_found = await self.user.first({
'username': username,
'password': hash_password(password)
})
if not user_found:
raise AuthenticationException()
token = await self._generate_token(user_obj=user_found)
return user_found, token
def change_password(cls, user_id, old_password, new_password):
session = cls._Session()
user = session.query(User).get(user_id)
if not user:
raise SecurityException("User doesn't exist!")
if not cls._password_service.password_verification(
user.password, old_password):
raise AuthenticationException("Wrong Password!")
if not cls._password_service.password_validation(new_password):
raise ValueException("Entered password is not valid!")
pss = cls._password_service.hashing_password(new_password)
user.password = pss
session.commit()
return True
def password_verification(origin_password, entered_password: str):
if is_it_hashed(entered_password):
raise AuthenticationException("Entered Password is hashed!")
if sha256.verify(entered_password, origin_password):
return True
raise AuthenticationException('Entered password is wrong!')