コード例 #1
ファイル: auth.py プロジェクト: wenyaoc/1531-project-backend
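def auth_login(email: str, password: str) -> dict:
    """
    Authenticate a registered user and store a session token for them.

    The e-mail is validated with ``check``, the user's id and stored password
    hash are looked up by e-mail, the supplied password is hashed and compared
    with the stored value, and the token returned by
    ``TokenJwt.encode_token`` is written to the user's row.

    :param email: the user's email
    :param password: the user's password
    :return: dictionary with keys "u_id" and "token"
    :raises InputError: if the email is malformed, does not belong to a user,
        or the password does not match
    """
    import hmac  # function-scope import; only this block needs it

    # check if email invalid
    if not check(email):
        raise InputError(description='error occurred: Email entered is not a valid email')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        # values are handed to execute() separately from the SQL text
        sql = "SELECT u_id, password FROM project.user_data WHERE email = (%s)"
        db_connect.execute(sql, (email,))
        ret = db_connect.fetchone()

        # NOTE(security): this message differs from the wrong-password one, so a
        # caller can tell which e-mail addresses are registered.
        if ret is None:
            raise InputError(description='error occurred: Email entered does not belong to a user')

        user_uid, user_pwd = ret[0], ret[1]

        # NOTE(security): a single unsalted SHA-256 round is cheap to brute-force
        # if the table leaks. A salted password KDF (e.g. hashlib.scrypt or
        # hashlib.pbkdf2_hmac) would be the safer choice, but switching needs a
        # migration of the stored hashes, so it is only flagged here.
        hash_password = hashlib.sha256(password.encode()).hexdigest()

        # constant-time comparison; a row without a string password never matches
        if not isinstance(user_pwd, str) or not hmac.compare_digest(
                user_pwd.encode(), hash_password.encode()):
            raise InputError(description='error occurred: Password is not correct')

        # generate token
        # NOTE(review): the payload built here carries only the user id; whether
        # TokenJwt adds an expiry is not visible from this function - confirm.
        token_operation = TokenJwt()
        user_token = token_operation.encode_token({'u_id': user_uid})

        # store the token against the user
        sql = "UPDATE project.user_data set token=(%s) where email=(%s)"
        db_connect.execute(sql, (user_token, email))
    finally:
        # release the connection on the failure paths as well as on success
        db_connect.close()

    return {
        'u_id': user_uid,
        'token': user_token
    }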
コード例 #2
def check_valid(token):
    """
    Report whether ``token`` is currently stored against a user.

    The token is looked up in ``project.user_data``; ``True`` is returned when
    a row carries it and ``False`` otherwise. Only presence in the table is
    tested here - nothing in this function inspects the token's signature or
    age.

    :param token: the token to look up
    :return: True if a row with this token exists, False otherwise
    """
    connector = DbConnector()
    connector.cursor()
    connector.execute(
        "SELECT token FROM project.user_data WHERE token=(%s)", (token, ))
    row = connector.fetchone()

    # the connection is released before the result is reported
    connector.close()
    return row is not None
コード例 #3
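def standup_start(token, channel_id, length):
    """
    Start a standup in a channel and schedule its summary message.

    A row is inserted into ``project.active_data`` recording who started the
    standup and when it finishes, and a ``threading.Timer`` is armed to call
    ``send_standup_message`` for the channel after ``length`` seconds.

    :param token: token of the user starting the standup
    :param channel_id: id of the channel the standup runs in
    :param length: duration of the standup in seconds
    :return: dictionary with key "time_finish" (integer unix timestamp)
    :raises AccessError: if the token is not valid
    :raises InputError: if the channel does not exist or a standup is already
        active in it
    """
    token_operation = TokenJwt()
    # check if the token is valid
    if check_valid(token) is False:
        raise AccessError(description='error occurred: token is not valid')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        # check the channel exists
        sql = "SELECT channel_id FROM project.channel_data WHERE channel_id=(%s)"
        db_connect.execute(sql, (channel_id, ))
        if db_connect.fetchone() is None:
            raise InputError(
                description='error occured: Channel ID is not a valid channel')

        # NOTE(review): unlike standup_send, nothing here checks that the caller
        # is a member of the channel - confirm this is intended.
        curr_time = int(time.time())

        # NOTE(review): this check and the INSERT below are separate statements,
        # so two concurrent calls could both pass it - confirm whether the table
        # enforces one active standup per channel.
        if standup_active(token, channel_id)["is_active"] is True:
            # adjacent literals: the earlier backslash continuation placed the
            # next line's indentation inside the message text
            raise InputError(description='error occurred: '
                             'An active standup is currently running in this channel')

        finish_time = curr_time + length

        # get id from token
        u_id = token_operation.get_uid(token)

        sql = "INSERT INTO project.active_data (standup_uid, channel_id, time_finish) VALUES (%s,%s,%s)"
        db_connect.execute(sql, (u_id, channel_id, int(finish_time)))
    finally:
        # the connection was previously never closed in this function
        db_connect.close()

    # arm the timer only once the standup row has been written
    standup_timer = threading.Timer(length, send_standup_message, [channel_id])
    standup_timer.start()
    return {'time_finish': int(finish_time)}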
コード例 #4
ファイル: auth.py プロジェクト: Vik1ang/COMP1531
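def auth_passwordreset_reset(reset_code: str, new_password: str) -> dict:
    '''
    Given a reset code for a user,
    set that user's new password to the password provided.

    The user is found by matching ``reset_code`` against the stored value; on
    success the hashed new password is written and the stored reset code is
    set to NULL, so the same code cannot be used a second time.

    :param reset_code: generated random code sent to user
    :param new_password: user's new password to be reset
    :return: an empty dictionary
    :raises InputError: if the password is shorter than 6 characters or the
        reset code matches no user
    '''
    # check if new password is valid
    if len(new_password) < 6:
        raise InputError(
            description='error occurred: Password entered is less '
            'than 6 characters long')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        # check if reset code match
        # NOTE(review): no expiry or attempt limit for the code is visible in
        # this function - confirm it is enforced where the code is issued.
        sql = "SELECT u_id FROM project.user_data WHERE reset_code=(%s)"
        db_connect.execute(sql, (reset_code, ))
        ret = db_connect.fetchone()
        if ret is None:
            raise InputError(
                description='error occurred: Reset code entered does not match')

        # use for sql query
        u_id = ret[0]

        # NOTE(security): a single unsalted SHA-256 round is cheap to brute-force
        # if the table leaks; a salted password KDF (e.g. hashlib.scrypt) would
        # be safer but needs a migration of stored hashes, so it is only flagged.
        password = hashlib.sha256(new_password.encode()).hexdigest()

        # UPDATE new password and remove the reset code from database
        # NOTE(review): only password and reset_code are written; if sessions
        # are validated against a stored token, tokens issued before the reset
        # would stay usable - confirm.
        sql = "UPDATE project.user_data set password=(%s), reset_code = (%s) WHERE u_id=(%s)"
        db_connect.execute(sql, (password, None, u_id))
    finally:
        # release the connection on the failure path as well as on success
        db_connect.close()

    return {}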
コード例 #5
ファイル: user.py プロジェクト: wenyaoc/1531-project-backend
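def user_profile_setemail(token, email):
    """
    Change the e-mail address of the user identified by ``token``.

    :param token: token of the user whose e-mail is changed
    :param email: the new e-mail address
    :return: an empty dictionary
    :raises AccessError: if the token is not valid
    :raises InputError: if the e-mail does not match the expected format or is
        already stored for a user
    """
    # check if the token is valid
    if check_valid(token) is False:
        raise AccessError(description='error occurred: token is not valid')

    regex = r'^[a-z0-9]+[\._]?[a-z0-9]+[@]\w+[.]\w{2,3}$'

    # fullmatch rather than search: under search, '$' also matches just before
    # a trailing newline, so "user@host.com\n" used to pass validation
    if re.fullmatch(regex, email) is None:
        raise InputError(
            description='error occurred: email entered is not valid')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        # check email address is not already in use
        # NOTE(review): this lookup and the UPDATE below are separate
        # statements; a unique constraint on the column would be needed to rule
        # out two users claiming the same address concurrently - confirm.
        sql = "SELECT email FROM project.user_data WHERE email=(%s);"
        db_connect.execute(sql, (email, ))
        if db_connect.fetchone() is not None:
            raise InputError(
                description='error occurred: email is already used by another user'
            )

        # get user's u_id from token
        token_operation = TokenJwt()
        u_id = token_operation.get_uid(token)

        sql = "UPDATE project.user_data SET email=(%s) WHERE u_id=(%s)"
        db_connect.execute(sql, (email, u_id))
    finally:
        # release the connection on the failure path as well as on success
        db_connect.close()

    return {}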
コード例 #6
ファイル: user.py プロジェクト: wenyaoc/1531-project-backend
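def user_profile(token, u_id):
    """
    Return the profile of the user with id ``u_id``.

    :param token: token of the requesting user
    :param u_id: id of the user whose profile is requested
    :return: dictionary ``{'user': {...}}`` with keys "u_id", "email",
        "name_first", "name_last", "handle_str" and "profile_img_url"
    :raises AccessError: if the token is not valid
    :raises InputError: if no user has the given id
    """
    # check if the token is valid
    if check_valid(token) is False:
        raise AccessError(description='error occurred: token is not valid')

    # NOTE(review): any holder of a valid token can read any user's e-mail
    # address through this call - confirm that is the intended exposure.
    db_connect = DbConnector()
    db_connect.cursor()
    try:
        sql = ("SELECT email, name_first, name_last, handle, "
               "profile_img_url FROM project.user_data WHERE u_id=(%s);")
        db_connect.execute(sql, (u_id, ))
        ret = db_connect.fetchone()
    finally:
        # release the connection whether or not a row was found
        db_connect.close()

    # check uid is valid
    if ret is None:
        raise InputError(
            description='error occurred: User with u_id is not a valid user')

    # column order follows the SELECT list above
    user_dict = {
        'u_id': u_id,
        'email': ret[0],
        'name_first': ret[1],
        'name_last': ret[2],
        'handle_str': ret[3],
        'profile_img_url': ret[4],
    }

    return {'user': user_dict}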
コード例 #7
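def standup_send(token, channel_id, message):
    """
    Append a message to the standup buffer of a channel.

    The line ``"<handle>: <message>"`` is appended to the ``message`` column of
    the channel's row in ``project.active_data``.

    :param token: token of the sending user
    :param channel_id: id of the channel with the running standup
    :param message: text to add, at most 1000 characters
    :return: an empty dictionary
    :raises AccessError: if the token is not valid or the user is not a member
        of the channel
    :raises InputError: if the channel does not exist, the message is too long
        or no standup is running in the channel
    """
    token_operation = TokenJwt()
    # check if the token is valid
    if check_valid(token) is False:
        raise AccessError(description='error occurred: token is not valid')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        # check channel id is valid
        sql = "SELECT member FROM project.channel_data WHERE channel_id=(%s);"
        db_connect.execute(sql, (channel_id, ))
        ret = db_connect.fetchone()
        if ret is None:
            raise InputError(description='error occurred: channel is not valid')

        # get member list
        member_list = ret[0]

        # check if the message longer than 1000
        if len(message) > 1000:
            raise InputError(description='Message is more than 1000 characters')
        if not standup_active(token, channel_id)["is_active"]:
            raise InputError(
                description='error occurred: no standup is running in this channel'
            )

        u_id = token_operation.get_uid(token)
        # check user is a member of the channel
        if u_id not in member_list:
            raise AccessError(
                description='error occurred: user is not a member of this channel')

        # get handle
        sql = "SELECT handle FROM project.user_data WHERE u_id=(%s)"
        db_connect.execute(sql, (u_id, ))
        handle = db_connect.fetchone()[0]

        # get msg from active buffer
        sql = "SELECT message FROM project.active_data WHERE channel_id=(%s)"
        db_connect.execute(sql, (channel_id, ))
        ret = db_connect.fetchone()

        # the row may be gone if the standup ended after the check above
        if ret is None:
            raise InputError(
                description='error occurred: no standup is running in this channel'
            )

        line = handle + ": " + message
        message_stand = line if ret[0] is None else ret[0] + "\n" + line

        # add to active data
        # NOTE(review): the buffer is read and written back in two statements,
        # so concurrent senders can overwrite each other's line - confirm
        # whether that matters for this deployment.
        sql = "UPDATE project.active_data SET message=(%s) WHERE channel_id=(%s);"
        db_connect.execute(sql, (message_stand, channel_id))
    finally:
        # release the connection on the failure paths as well as on success
        db_connect.close()

    return {}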
コード例 #8
ファイル: auth.py プロジェクト: wenyaoc/1531-project-backend
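def auth_register(email: str, password: str, name_first: str, name_last: str) -> dict:
    """
    Given a user's first and last name, email address, and password,
    create a new account for them and return a new token for authentication in their session.

    The row is created by inserting the e-mail first (which yields the user
    id), then filling in the hashed password, names, token and handle.

    :param email: user's email
    :param password: user's password
    :param name_first: user's first name
    :param name_last: user's last name
    :return: dictionary with keys "u_id" and "token"
    :raises InputError: if the email is malformed or already in use, the
        password is shorter than 6 characters, or either name is not between
        1 and 50 characters long
    """
    # check if email invalid
    if not check(email):
        raise InputError(description='error occurred: Email entered is not a valid email')

    db_connect = DbConnector()
    db_connect.cursor()  # connect to database and get cursor
    try:
        # check if email has already been used
        sql = "SELECT email from project.user_data WHERE email = %s"
        db_connect.execute(sql, (email,))
        if db_connect.fetchone() is not None:
            raise InputError(description='error occurred: Email address is already '
                                         'being used by another user')

        # check the length of password
        if len(password) < 6:
            raise InputError(description='error occurred: Password entered is less '
                                         'than 6 characters long')

        if not 1 <= len(name_first) <= 50:
            raise InputError(description='error occurred: first name is not '
                                         'between 1 and 50 characters inclusively in length')

        if not 1 <= len(name_last) <= 50:
            raise InputError(description='error occurred: last name is not '
                                         'between 1 and 50 characters inclusively in length')
    except InputError:
        # nothing has been written yet, so the connection is simply released;
        # previously it was left open on every validation failure
        db_connect.close()
        raise

    # NOTE(review): the statements below create the account in several steps;
    # whether they run in one transaction depends on DbConnector - confirm, as
    # a failure part-way would leave a row with an e-mail but no password.

    # generate u_id for the new user
    sql = "INSERT INTO project.user_data (email) VALUES (%s)"
    db_connect.execute(sql, (email,))

    sql = "SELECT u_id FROM project.user_data WHERE email=(%s)"
    db_connect.execute(sql, (email,))
    user_uid = db_connect.fetchone()[0]

    # default handle: first letter of name_first + name_last, lower-cased and
    # cut to 20 characters
    handle = (name_first[0] + name_last).lower()[:20]

    # check whether that handle is already taken
    sql = "SELECT handle from project.user_data WHERE handle=%s"
    db_connect.execute(sql, (handle,))
    if db_connect.fetchone() is not None:
        # append the user id, trimming the handle so the result stays within 20
        uid_suffix = str(user_uid)
        if len(handle + uid_suffix) > 20:
            handle = handle[:20 - len(uid_suffix)] + uid_suffix
        else:
            handle = handle + uid_suffix
        # NOTE(review): the suffixed handle is not checked for uniqueness again

    # generate the token
    token_operation = TokenJwt()
    token = token_operation.encode_token({'u_id': user_uid})

    # NOTE(security): a single unsalted SHA-256 round is cheap to brute-force if
    # the table leaks; a salted password KDF (e.g. hashlib.scrypt) would be
    # safer but must change together with the login check, so it is only
    # flagged here.
    hash_password = hashlib.sha256(password.encode()).hexdigest()

    # add user in database
    sql = '''
    UPDATE project.user_data
    set password=(%s), name_first=(%s), name_last=(%s), token=(%s), handle=(%s)
    WHERE email=(%s)
    '''
    db_connect.execute(sql, (hash_password, name_first, name_last, token, handle, email))

    # the user with id 1 is recorded as the first flockr owner
    if user_uid == 1:
        # NOTE(review): the placeholder sits inside a quoted array literal, which
        # relies on how the driver renders the value - presumably fine while
        # user_uid is an integer; confirm.
        sql = "INSERT INTO project.flockr_data (owner) VALUES ('{%s}')"
        db_connect.execute(sql, [user_uid])

    db_connect.close()

    return {
        'u_id': user_uid,
        'token': token
    }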
コード例 #9
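def channel_invite(token: str, channel_id: int, u_id: int) -> dict:
    """
    Invites a user (with user id u_id) to join a channel with ID channel_id.
    Once invited the user is added to the channel immediately

    A user listed as a flockr owner is also added to the channel's owner list.
    Inviting someone who is already a member changes nothing.

    :param token: token of user who try to invite user
    :param channel_id: the id of channel which the user will be invited in
    :param u_id: uid of user who has been invited to join the channel
    :return: if it can successfully invite somebody to this channel,
             it will return an empty dictionary
    :raises AccessError: if the token is not valid or the inviting user is not
        a member of the channel
    :raises InputError: if the channel or the invited user does not exist
    """

    token_operation = TokenJwt()
    # check if the token is valid
    if check_valid(token) is False:
        raise AccessError(description='error occurred: token is not valid')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        # check if channel id is valid
        sql = "SELECT channel_id FROM project.channel_data WHERE channel_id = (%s)"
        db_connect.execute(sql, (channel_id, ))
        if db_connect.fetchone() is None:
            raise InputError(
                description=
                'error occurred: channel_id does not refer to a valid channel')

        # check if uid is valid
        sql = "SELECT u_id FROM project.user_data WHERE u_id = (%s)"
        db_connect.execute(sql, (u_id, ))
        if db_connect.fetchone() is None:
            raise InputError(
                description='error occurred: u_id does not refer to a valid user')

        # authorisation: the inviting user must already be in the channel
        authorised_uid = token_operation.get_uid(token)
        sql = "SELECT member, owner  FROM project.channel_data  WHERE channel_id =(%s)"
        db_connect.execute(sql, (channel_id, ))
        ret = db_connect.fetchone()
        member_list = ret[0]
        owner_list = ret[1]
        if authorised_uid not in member_list:
            raise AccessError(description='error occurred: the authorised user '
                              'is not a member of the channel')

        # get flockr owner list; no row means nobody is a flockr owner
        sql = "SELECT owner FROM project.flockr_data;"
        db_connect.execute(sql)
        ret = db_connect.fetchone()
        flockr_list = ret[0] if ret is not None else []

        # if no error, add the user to the channel
        if u_id not in member_list:
            member_list.append(u_id)
            # an invited flockr owner also becomes a channel owner
            if u_id in flockr_list:
                owner_list.append(u_id)
            # NOTE(review): the lists are read and written back in separate
            # statements, so concurrent invites can overwrite each other
            sql = "UPDATE project.channel_data SET member=(%s), owner=(%s) WHERE channel_id=(%s);"
            db_connect.execute(sql, (member_list, owner_list, channel_id))
    finally:
        # release the connection on the failure paths as well as on success
        db_connect.close()

    return {}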
コード例 #10
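def channel_messages(token: str, channel_id: int, start: int):
    """
    Given a Channel with ID channel_id that the authorised user is part of,
    return up to 50 messages between index "start" and "start + 50"

    Messages are ordered newest first. The returned "end" is ``start + 50``
    when more messages remain after this page and ``-1`` otherwise.

    :param token: the authorised user's token
    :param channel_id: the channel ID
    :param start: the start number
    :return: dictionary with keys "messages", "start" and "end"
    :raises AccessError: if the token is not valid or the user is not a member
        of the channel
    :raises InputError: if the channel does not exist or start is greater than
        the total number of messages
    """
    token_operation = TokenJwt()
    # check if the token is valid
    if check_valid(token) is False:
        raise AccessError(description='error occurred: token is not valid')

    db_connect = DbConnector()
    db_connect.cursor()
    try:
        sql = "SELECT member FROM project.channel_data WHERE channel_id=(%s)"
        db_connect.execute(sql, (channel_id, ))
        ret = db_connect.fetchone()
        # check channel_id is valid
        if ret is None:
            raise InputError(description='error occurred: channel id is not valid')
        member_list = ret[0]

        # authorisation: only members of the channel may read its messages
        u_id = token_operation.get_uid(token)
        if u_id not in member_list:
            raise AccessError(
                description='Authorised user is not a member of channel')

        # check start valid
        # NOTE(review): a negative start is not rejected - confirm callers
        # never pass one.
        sql = "SELECT COUNT(*) FROM project.message_data WHERE channel_id=(%s)"
        db_connect.execute(sql, (channel_id, ))
        total_message = db_connect.fetchone()[0]
        if start > total_message:
            raise InputError(description='error occurred: start is greater than '
                             'the total number of messages')

        # determine end of the page; -1 signals that no older messages remain
        return_end = -1
        if total_message > start + 50:
            end = start + 50
            return_end = end
        else:
            end = total_message

        # NOTE(review): columns are read by position from SELECT *, so this
        # depends on the table's column order staying as it is.
        sql = "SELECT * FROM project.message_data WHERE channel_id=(%s) ORDER BY time_created DESC"
        db_connect.execute(sql, (channel_id, ))
        rows = db_connect.fetchall()
    finally:
        # release the connection on the failure paths as well as on success
        db_connect.close()

    # only the requested page is returned; previously `end` was computed but
    # every message in the channel was sent back
    msg = []
    for detail in rows[start:end]:
        react_uid = detail[6]
        msg.append({
            'message_id': detail[0],
            'channel_id': detail[1],
            'time_created': detail[3],
            'u_id': detail[4],
            'message': detail[2],
            'is_pinned': detail[5],
            'reacts': [{
                'is_this_user_reacted': u_id in react_uid,
                'react_id': 1,
                'u_ids': react_uid
            }]
        })

    return {'messages': msg, 'start': start, 'end': return_end}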