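def login(self, session):
    """
    Log a user in if the submitted password matches.

    Reads 'username' and 'password' from self.request, looks the user up by
    e-mail and, on success, opens a login session and returns the user's
    profile together with the ids of the permissions the user holds.

    Arguments:
        session -- (Session) object from flask

    Returns:
        The response object: StatusCode.OK with the user data on success,
        StatusCode.LOGIN_REQUIRED when the login is denied,
        StatusCode.CLIENT_ERROR for TypeError/KeyError/NotImplementedError
        and StatusCode.INTERNAL_ERROR for any other exception.

    Security notes:
        * The "account has expired" message is returned only after the
          password has been verified. Returning it before the password
          check lets an unauthenticated caller learn which e-mail addresses
          belong to existing, approved accounts; a wrong password on an
          expired account now gets the same generic message as any other
          failed attempt.
        * NOTE(review): an unknown or unapproved user is rejected before any
          password hash is computed, so response timing may still differ
          between existing and non-existing accounts -- confirm whether
          that matters for this deployment.
        * NOTE(review): JsonResponse.error is handed the exception object;
          confirm it does not echo internal exception text to the client on
          the INTERNAL_ERROR path.
    """
    invalidMessage = "user name and or password invalid"
    try:
        safeDictionary = RequestDictionary(self.request)
        username = safeDictionary.getValue('username')
        password = safeDictionary.getValue('password')

        try:
            user = self.interfaces.userDb.getUserByEmail(username)
        except Exception:
            # A failed lookup gets the same generic message as a bad password
            raise ValueError(invalidMessage)

        if not self.interfaces.userDb.checkStatus(user, "approved"):
            raise ValueError(invalidMessage)

        # Only check if user is active after they've logged in for the first
        # time. The result is recorded here but acted on only once the
        # password has been verified (see the security notes above).
        accountExpired = (user.last_login_date is not None
                          and not self.isUserActive(user))

        try:
            passwordMatches = self.interfaces.userDb.checkPassword(
                user, password, self.bcrypt)
        except Exception:
            # An error while verifying is treated as a failed verification
            passwordMatches = False

        if not passwordMatches:
            LoginSession.logout(session)
            raise ValueError(invalidMessage)

        if accountExpired:
            # The caller has proven knowledge of the password, so the
            # specific reason can be disclosed; no session is left behind.
            LoginSession.logout(session)
            raise ValueError(
                "Your account has expired. Please contact an administrator.")

        try:
            # We have a valid login
            LoginSession.login(session, user.user_id)
            # NOTE(review): the method name is spelled getPermssionList in
            # this version -- confirm it matches the userDb interface.
            permissionList = [
                permission.permission_type_id
                for permission in self.interfaces.userDb.getPermssionList()
                if self.interfaces.userDb.hasPermission(user, permission.name)
            ]
            self.interfaces.userDb.updateLastLogin(user)
            return JsonResponse.create(
                StatusCode.OK, {
                    "message": "Login successful",
                    "user_id": int(user.user_id),
                    "name": user.name,
                    "title": user.title,
                    "agency": user.agency,
                    "permissions": permissionList
                })
        except Exception:
            # Any failure after the session was opened closes it again and
            # is reported with the generic message
            LoginSession.logout(session)
            raise ValueError(invalidMessage)

    except (TypeError, KeyError, NotImplementedError) as e:
        # Return a 400 with appropriate message
        return JsonResponse.error(e, StatusCode.CLIENT_ERROR)
    except ValueError as e:
        # Return a 401 for login denied
        return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED)
    except Exception as e:
        # Return 500
        return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)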
def create_session_and_response(self, session, user):
    """
    Create a login session for the user and build the success response.

    Args:
        session: session object passed on to LoginSession.login
        user: user record; user_id, name, title, cgac_code and
            permission_type_id are read from it

    Returns:
        The result of JsonResponse.create with StatusCode.OK and the
        user's details.
    """
    # NOTE(review): whether LoginSession.login issues a fresh session
    # identifier on authentication is not visible here -- confirm, since
    # keeping a pre-login identifier would allow session fixation.
    LoginSession.login(session, user.user_id)
    sess = GlobalDB.db().session
    updateLastLogin(user)

    agency_query = sess.query(CGAC.agency_name).filter(
        CGAC.cgac_code == user.cgac_code)
    # NOTE(review): if this is a SQLAlchemy single-column query,
    # one_or_none() yields a one-element row rather than a plain string --
    # confirm the client expects that shape for "agency_name".
    agency_name = agency_query.one_or_none()

    payload = {
        "message": "Login successful",
        "user_id": int(user.user_id),
        "name": user.name,
        "title": user.title,
        "agency_name": agency_name,
        "cgac_code": user.cgac_code,
        "permission": user.permission_type_id,
    }
    return JsonResponse.create(StatusCode.OK, payload)
def create_session_and_response(session, user):
    """
    Open a login session for the user and build the success response.

    Args:
        session: Session object from flask
        user: Users object

    Returns:
        JsonResponse containing the JSON for the user, with a 'message'
        entry of 'Login successful' added
    """
    # NOTE(review): whether LoginSession.login issues a fresh session
    # identifier on authentication is not visible here -- confirm, since
    # keeping a pre-login identifier would allow session fixation.
    LoginSession.login(session, user.user_id)

    # 'sid' is read after the login call; presumably LoginSession.login sets
    # it -- confirm. NOTE(review): the session id is handed to json_for_user;
    # if it is copied into the response body it becomes readable by page
    # scripts, so confirm that exposure is intended.
    session_id = session['sid']
    response_body = json_for_user(user, session_id)
    response_body['message'] = 'Login successful'
    return JsonResponse.create(StatusCode.OK, response_body)
def create_session_and_response(session, user):
    """
    Start the user's login session and return the success response.

    Args:
        session: Session object from flask
        user: Users object

    Returns:
        JsonResponse containing the JSON for the user plus a
        'Login successful' message
    """
    # NOTE(review): confirm that LoginSession.login rotates the session
    # identifier on authentication; that is not visible from this function.
    LoginSession.login(session, user.user_id)

    # NOTE(review): session['sid'] is passed into the user JSON; verify
    # whether the identifier is echoed to the client in the response body
    # and whether that is intended.
    user_json = json_for_user(user, session['sid'])
    user_json.update(message='Login successful')
    return JsonResponse.create(StatusCode.OK, user_json)
def create_session_and_response(self, session, user):
    """
    Create the login session and build the success response for the user.

    Args:
        session: session object passed on to LoginSession.login
        user: user record; user_id, name, title and cgac_code are read
            from it

    Returns:
        The result of JsonResponse.create with StatusCode.OK, the user's
        details, the agency name for the user's cgac_code and the ids of
        the permissions the user holds.
    """
    user_db = self.interfaces.userDb

    # Create session
    # NOTE(review): whether LoginSession.login issues a fresh session
    # identifier on authentication is not visible here -- confirm.
    LoginSession.login(session, user.user_id)

    # Keep only the permission ids this user actually has
    permissionList = [
        permission.permission_type_id
        for permission in user_db.getPermissionList()
        if user_db.hasPermission(user, permission.name)
    ]
    user_db.updateLastLogin(user)
    agency_name = self.interfaces.validationDb.getAgencyName(user.cgac_code)

    payload = {
        "message": "Login successful",
        "user_id": int(user.user_id),
        "name": user.name,
        "title": user.title,
        "agency_name": agency_name,
        "cgac_code": user.cgac_code,
        "permissions": permissionList,
    }
    return JsonResponse.create(StatusCode.OK, payload)
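def login(self, session):
    """
    Log a user in if the submitted password matches.

    Reads 'username' and 'password' from self.request, looks the user up by
    e-mail and, on success, opens a login session and returns the user's
    profile together with the ids of the permissions the user holds.

    Arguments:
        session -- (Session) object from flask

    Returns:
        The response object: StatusCode.OK with the user data on success,
        StatusCode.LOGIN_REQUIRED when the login is denied,
        StatusCode.CLIENT_ERROR for TypeError/KeyError/NotImplementedError
        and StatusCode.INTERNAL_ERROR for any other exception.

    Security notes:
        * The "account has expired" message is returned only after the
          password has been verified, so an unauthenticated caller cannot
          use it to learn which e-mail addresses belong to existing,
          approved accounts. A wrong password on an expired account gets
          the generic message.
        * NOTE(review): unknown or unapproved users are rejected before any
          password hash is computed; response timing may therefore still
          differ -- confirm whether that matters here.
        * NOTE(review): confirm JsonResponse.error does not return internal
          exception text to the client on the INTERNAL_ERROR path.
    """
    genericDenial = "user name and or password invalid"
    userDb = self.interfaces.userDb
    try:
        safeDictionary = RequestDictionary(self.request)
        username = safeDictionary.getValue('username')
        password = safeDictionary.getValue('password')

        try:
            user = userDb.getUserByEmail(username)
        except Exception:
            # Same message as a bad password, whatever the lookup error was
            raise ValueError(genericDenial)

        if not userDb.checkStatus(user, "approved"):
            raise ValueError(genericDenial)

        # Only check if user is active after they've logged in for the first
        # time; the outcome is used after the password check below.
        accountExpired = (user.last_login_date is not None
                          and not self.isUserActive(user))

        try:
            passwordMatches = userDb.checkPassword(
                user, password, self.bcrypt)
        except Exception:
            # A verification error counts as a failed verification
            passwordMatches = False

        if not passwordMatches:
            LoginSession.logout(session)
            raise ValueError(genericDenial)

        if accountExpired:
            # Password is proven, so the specific reason may be disclosed
            LoginSession.logout(session)
            raise ValueError(
                "Your account has expired. Please contact an administrator.")

        try:
            # We have a valid login
            LoginSession.login(session, user.user_id)
            # NOTE(review): spelled getPermssionList in this version --
            # confirm it matches the userDb interface.
            permissionList = [
                permission.permission_type_id
                for permission in userDb.getPermssionList()
                if userDb.hasPermission(user, permission.name)
            ]
            userDb.updateLastLogin(user)
            return JsonResponse.create(
                StatusCode.OK, {
                    "message": "Login successful",
                    "user_id": int(user.user_id),
                    "name": user.name,
                    "title": user.title,
                    "agency": user.agency,
                    "permissions": permissionList
                })
        except Exception:
            # Close the session again if anything failed after opening it
            LoginSession.logout(session)
            raise ValueError(genericDenial)

    except (TypeError, KeyError, NotImplementedError) as e:
        # Return a 400 with appropriate message
        return JsonResponse.error(e, StatusCode.CLIENT_ERROR)
    except ValueError as e:
        # Return a 401 for login denied
        return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED)
    except Exception as e:
        # Return 500
        return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)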
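def login(self, session):
    """
    Log a user in if the submitted password matches.

    Reads 'username' and 'password' from self.request, looks the user up by
    e-mail, tracks failed password attempts and, on success, opens a login
    session and returns the user's profile, agency name and permission ids.

    Arguments:
        session -- (Session) object from flask

    Returns:
        The response object: StatusCode.OK with the user data on success,
        StatusCode.LOGIN_REQUIRED when the login is denied,
        StatusCode.CLIENT_ERROR for TypeError/KeyError/NotImplementedError
        and StatusCode.INTERNAL_ERROR for any other exception.

    Security notes:
        * The "expired" and "locked" messages are returned only after the
          password has been verified. Returning them before the password
          check lets an unauthenticated caller learn which accounts exist
          and what state they are in. A wrong password on an expired or
          locked account now gets the generic message and, as before, does
          not touch the failed-attempt counter.
        * Every denial raised from the password stage clears the session
          through LoginSession.logout.
        * NOTE(review): the lock-out message on the third failed attempt
          still tells the caller that the account exists -- confirm this
          trade-off is accepted.
        * NOTE(review): the counter is compared with == 3; whether
          incrementPasswordCount itself deactivates the account is not
          visible here.
    """
    invalidMessage = "Invalid username and/or password"
    try:
        safeDictionary = RequestDictionary(self.request)
        username = safeDictionary.getValue('username')
        password = safeDictionary.getValue('password')

        try:
            user = self.interfaces.userDb.getUserByEmail(username)
        except Exception:
            raise ValueError(invalidMessage)

        if not self.interfaces.userDb.checkStatus(user, "approved"):
            raise ValueError(invalidMessage)

        # Work out the account state now, in the original order, but only
        # disclose it once the password has been verified.
        stateDenial = None
        # Only check if user is active after they've logged in for the first time
        if user.last_login_date is not None and self.isAccountExpired(user):
            stateDenial = ("Your account has expired. "
                           "Please contact an administrator.")
        # for whatever reason, your account is not active, therefore it's locked
        elif not self.isUserActive(user):
            stateDenial = ("Your account has been locked. "
                           "Please contact an administrator.")

        try:
            if self.interfaces.userDb.checkPassword(
                    user, password, self.bcrypt):
                if stateDenial is not None:
                    raise ValueError(stateDenial)

                # We have a valid login
                # Reset incorrect password attempt count to 0
                self.resetPasswordCount(user)
                LoginSession.login(session, user.user_id)
                permissionList = [
                    permission.permission_type_id
                    for permission in self.interfaces.userDb.getPermissionList()
                    if self.interfaces.userDb.hasPermission(
                        user, permission.name)
                ]
                self.interfaces.userDb.updateLastLogin(user)
                agency_name = self.interfaces.validationDb.getAgencyName(
                    user.cgac_code)
                return JsonResponse.create(
                    StatusCode.OK, {
                        "message": "Login successful",
                        "user_id": int(user.user_id),
                        "name": user.name,
                        "title": user.title,
                        "agency_name": agency_name,
                        "cgac_code": user.cgac_code,
                        "permissions": permissionList
                    })

            if stateDenial is None:
                # increase incorrect password attempt count by 1
                # if this is the 3rd incorrect attempt, lock account
                self.incrementPasswordCount(user)
                if user.incorrect_password_attempts == 3:
                    raise ValueError(
                        "Your account has been locked due to too many "
                        "failed login attempts. "
                        "Please contact an administrator.")
            raise ValueError(invalidMessage)
        except ValueError:
            # Denials keep their message; the session is closed first
            LoginSession.logout(session)
            raise
        except Exception:
            LoginSession.logout(session)
            raise ValueError(invalidMessage)

    except (TypeError, KeyError, NotImplementedError) as e:
        # Return a 400 with appropriate message
        return JsonResponse.error(e, StatusCode.CLIENT_ERROR)
    except ValueError as e:
        # Return a 401 for login denied
        return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED)
    except Exception as e:
        # Return 500
        return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)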
def create_session_and_response(session, user):
    """
    Open a login session for the user and build the success response.

    Args:
        session: session object passed on to LoginSession.login
        user: user record; its user_id identifies the session owner

    Returns:
        The result of JsonResponse.create with StatusCode.OK and the
        user's JSON plus a 'Login successful' message.
    """
    # NOTE(review): whether LoginSession.login issues a fresh session
    # identifier on authentication is not visible here -- confirm, since
    # keeping a pre-login identifier would allow session fixation.
    LoginSession.login(session, user.user_id)

    response_body = json_for_user(user)
    response_body['message'] = 'Login successful'
    return JsonResponse.create(StatusCode.OK, response_body)
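def login(self, session):
    """
    Log a user in if the submitted password matches.

    Reads 'username' and 'password' from self.request, looks the user up by
    e-mail, tracks failed password attempts and, on success, opens a login
    session and returns the user's profile, agency name and permission ids.

    Arguments:
        session -- (Session) object from flask

    Returns:
        The response object: StatusCode.OK with the user data on success,
        StatusCode.LOGIN_REQUIRED when the login is denied,
        StatusCode.CLIENT_ERROR for TypeError/KeyError/NotImplementedError
        and StatusCode.INTERNAL_ERROR for any other exception.

    Security notes:
        * The "expired" and "locked" messages are returned only after the
          password has been verified, so they cannot be used by an
          unauthenticated caller to probe which accounts exist and what
          state they are in. A wrong password on such an account gets the
          generic message and, as before, leaves the failed-attempt counter
          unchanged.
        * Every denial raised from the password stage clears the session
          through LoginSession.logout.
        * NOTE(review): the lock-out message on the third failed attempt
          still reveals that the account exists -- confirm this trade-off.
        * NOTE(review): the counter is compared with == 3; whether
          incrementPasswordCount itself deactivates the account is not
          visible here.
    """
    genericDenial = "Invalid username and/or password"
    userDb = self.interfaces.userDb
    try:
        safeDictionary = RequestDictionary(self.request)
        username = safeDictionary.getValue('username')
        password = safeDictionary.getValue('password')

        try:
            user = userDb.getUserByEmail(username)
        except Exception:
            raise ValueError(genericDenial)

        if not userDb.checkStatus(user, "approved"):
            raise ValueError(genericDenial)

        # Determine the account state in the original order; it is only
        # disclosed after the password has been verified.
        stateDenial = None
        # Only check if user is active after they've logged in for the first time
        if user.last_login_date is not None and self.isAccountExpired(user):
            stateDenial = ("Your account has expired. "
                           "Please contact an administrator.")
        # for whatever reason, your account is not active, therefore it's locked
        elif not self.isUserActive(user):
            stateDenial = ("Your account has been locked. "
                           "Please contact an administrator.")

        try:
            if userDb.checkPassword(user, password, self.bcrypt):
                if stateDenial is not None:
                    raise ValueError(stateDenial)

                # We have a valid login
                # Reset incorrect password attempt count to 0
                self.resetPasswordCount(user)
                LoginSession.login(session, user.user_id)
                permissionList = [
                    permission.permission_type_id
                    for permission in userDb.getPermissionList()
                    if userDb.hasPermission(user, permission.name)
                ]
                userDb.updateLastLogin(user)
                agency_name = self.interfaces.validationDb.getAgencyName(
                    user.cgac_code)
                return JsonResponse.create(
                    StatusCode.OK, {
                        "message": "Login successful",
                        "user_id": int(user.user_id),
                        "name": user.name,
                        "title": user.title,
                        "agency_name": agency_name,
                        "cgac_code": user.cgac_code,
                        "permissions": permissionList
                    })

            if stateDenial is None:
                # increase incorrect password attempt count by 1
                # if this is the 3rd incorrect attempt, lock account
                self.incrementPasswordCount(user)
                if user.incorrect_password_attempts == 3:
                    raise ValueError(
                        "Your account has been locked due to too many "
                        "failed login attempts. "
                        "Please contact an administrator.")
            raise ValueError(genericDenial)
        except ValueError:
            # Denials keep their message; the session is closed first
            LoginSession.logout(session)
            raise
        except Exception:
            LoginSession.logout(session)
            raise ValueError(genericDenial)

    except (TypeError, KeyError, NotImplementedError) as e:
        # Return a 400 with appropriate message
        return JsonResponse.error(e, StatusCode.CLIENT_ERROR)
    except ValueError as e:
        # Return a 401 for login denied
        return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED)
    except Exception as e:
        # Return 500
        return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)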
def create_session_and_response(session, user):
    """
    Start the user's login session and return the success response.

    Args:
        session: session object passed on to LoginSession.login
        user: user record; its user_id identifies the session owner

    Returns:
        The result of JsonResponse.create with StatusCode.OK and the
        user's JSON, to which a 'Login successful' message is added.
    """
    # NOTE(review): confirm that LoginSession.login rotates the session
    # identifier on authentication; that is not visible from this function.
    LoginSession.login(session, user.user_id)

    user_json = json_for_user(user)
    user_json.update(message='Login successful')
    return JsonResponse.create(StatusCode.OK, user_json)