def update_user(user: User):
auth.update_user(user.uid,
phone_number=user.phone_number,
display_name=user.display_name,
photo_url=user.photo_url,
disabled=False,
app=config.Context.firebase_app)
def account():
current_user = auth1.current_user
if (auth1.current_user):
form = UpdateAccountForm()
email = (auth1.get_account_info(
current_user['idToken']).get('users')[0]).get('email')
uid = (auth1.get_account_info(
current_user['idToken']).get('users')[0]).get('localId')
username = (auth1.get_account_info(
current_user['idToken']).get('users')[0]).get('displayName')
username_update = form.username.data
email_update = form.email.data
if request.method == 'POST':
auth.update_user(uid,
display_name=username_update,
email=email_update)
flash('Your account deltails has been changed', 'success')
return redirect(url_for('account'))
elif request.method == 'GET':
form.email.data = email
form.username.data = username
else:
return redirect(url_for('hello'))
return render_template('account.html',
title='Account',
form=form,
current_user=current_user,
email=email,
username=username)
def lambda_handler(event, context):
path = event['path']
uid = path.replace('/users/verify/', '')
auth.update_user(
uid,
email_verified=True)
response = get_email_template()
return generate_response(response)
def change_password(email, uid, current_password, new_password):
try:
# validate current password
_ = auth.sign_in_with_email_and_password(email, current_password)
admin_auth.update_user(uid, password=new_password)
return True
except Exception as err:
print('Invalid credentials', str(err))
def updateEmail(request):
data = JSONParser().parse(request)
if request.method == 'PATCH':
try:
auth.update_user(data.get('userId'), email=data.get('email'))
return HttpResponse(True)
except:
return HttpResponse(False)
def update_firebase_emailVerified(uid):
try:
auth.update_user(
uid=uid,
email_verified=True
)
return True
except Exception as e:
print(e)
return False
def update_firebase_photoURL(uid, photoURL):
try:
auth.update_user(
uid=uid,
photoURL=photoURL
)
return True
except Exception as e:
print(e)
return False
def update_firebase_password(uid, _pwd):
try:
auth.update_user(
uid=uid,
password=_pwd
)
return True
except Exception as e:
print(e)
return False
def update_firebase_username(uid, username):
try:
auth.update_user(
uid=uid,
display_name=username
)
return True
except Exception as e:
print(e)
return False
def update_firebase_email(uid, email):
try:
auth.update_user(
uid=uid,
email=email
)
return True
except Exception as e:
print(e)
return False
def update_username(email, username):
fb_db = firebaseDB()
try:
user = auth.get_user_by_email(email)
auth.update_user(user.uid, display_name=username)
ref = fb_db.reference(f"v2/users/{user.uid}/username")
ref.set(username)
logger.info(f"updated username for user {email}: {username}")
except Exception as e:
logger.info(f"could not find user {email} in firebase to update username.")
raise CustomError(e)
def remove_project_manager_rights(email):
fb_db = firebaseDB() # noqa E841
try:
user = auth.get_user_by_email(email)
auth.update_user(user.uid, custom_claims=auth.DELETE_ATTRIBUTE)
logger.info(f"user {email} has no project manager rights.")
except Exception as e:
logger.info(
f"could not find user {email} in firebase to remove project manager rights."
)
raise CustomError(e)
def UpdateUsers(request):
token = auth.verify_id_token(request.session[u'uid'], app=appsign)
uid = token[u'uid']
email = request.POST.get('email')
name = request.POST.get('name')
age = request.POST.get('age')
gender = request.POST.get('gender')
admin = request.POST.get('admin')
auth.update_user(uid, email=email, display_name=name)
data.Update_User_Store(uid, name, email, age, gender, admin)
auth.set_custom_user_claims(uid, {u'admin': admin})
return redirect("Home")
def verify_page():
token = request.args.get('token')
msg = ''
try:
payload = jwt.decode(token, config['jwt-secret'], algorithms=['HS256'])
uid = payload['uid']
auth.update_user(uid, email_verified=True)
msg = 'verification success'
except jwt.exceptions.ExpiredSignatureError:
msg = 'token expired'
except:
msg = 'token invalid'
return render_template('verification.html', msg=msg)
def testUpdateUser(self):
auth.update_user(userDict["uid"],
phone_number="+17777777779",
display_name="Zixuan Rao",
disabled=False,
app=context.Context.firebaseApp)
user = UserDao().get_user_by_id(userDict["uid"])
self.assertEquals("Zixuan Rao", user.display_name)
self.assertEquals("+17777777779", user.phone_number)
self.assertEquals(userDict['uid'], user.uid)
self.assertEquals(userDict['membership'], user.membership)
self.assertEquals(userDict['photo_url'], user.photo_url)
self.assertEquals(userDict['pickupAddress'], user.pickupAddress)
def put_user(body):
try:
email = body['email']
passw = body['passw']
passw_new = body['passw_new']
valid = valid_email_passw(email, passw)
if "error" in valid.keys():
resp = {
"msg": "error",
"inf": valid['error'],
"status": 400
}
return resp
try:
sign_in = pb.auth().sign_in_with_email_and_password(email, passw)
auth.update_user(
email=email,
uid=sign_in['localId'],
email_verified=True,
password= passw_new
)
resp = {
"msg": "success",
"inf": "updated password",
"status":200
}
return resp
except HTTPError as e:
error = json.loads(e.args[1])
code = error['error']['code']
inf = error['error']['message']
resp = {
"msg": "error",
"inf": inf,
"status":code
}
return resp
except Exception as e:
example = {"email":"*****@*****.**", "passw":"123456", "passw_new":"654321"}
resp = {
"msg": "error",
"inf": "Incorrect request",
"example": example,
"status": 400
}
return resp
def form_valid(self, form):
user = form.save()
url = 'https://identitytoolkit.googleapis.com/v1/accounts:signUp?key='\
+ settings.FIREBASE_WEB_API_TOKEN
data = '{ "email" : "' + user['email'] + '", "password" : "'\
+ user['password'] + '", "useSecureToken": true }'
r = requests.post(url, data)
errors = r.json().get('error', False)
if errors:
return HttpResponseRedirect(self.request.path\
+ '?error=Cadastro inválido! Tente novamente.')
auth.update_user(r.json().get('localId'), display_name=user['name'],
phone_number=user['phone'], photo_url=user['avatar'], email_verified=True)
return super().form_valid(form)
def mark_user_for_deletion(user_id: str) -> None:
"""Marks the user, and all of their auth associations, as deleted.
This function also disables the user's Firebase account so that they cannot
be used to sign in.
Args:
user_id: str. The unique ID of the user whose associations should be
deleted.
"""
# NOTE: We use get_multi(include_deleted=True) because get() returns None
# for models with deleted=True, but we need to make changes to those models
# when managing deletion.
(assoc_by_user_id_model, ) = auth_models.UserAuthDetailsModel.get_multi(
[user_id], include_deleted=True)
if assoc_by_user_id_model is not None:
assoc_by_user_id_model.deleted = True
assoc_by_user_id_model.update_timestamps()
assoc_by_user_id_model.put()
assoc_by_auth_id_model = (
auth_models.UserIdByFirebaseAuthIdModel.get_by_user_id(user_id)
if assoc_by_user_id_model is None else
# NOTE: We use get_multi(include_deleted=True) because get() returns
# None for models with deleted=True, but we need to make changes to
# those models when managing deletion.
auth_models.UserIdByFirebaseAuthIdModel.get_multi(
[assoc_by_user_id_model.firebase_auth_id], include_deleted=True)
[0])
if assoc_by_auth_id_model is not None:
assoc_by_auth_id_model.deleted = True
assoc_by_auth_id_model.update_timestamps()
assoc_by_auth_id_model.put()
else:
logging.error(
'[WIPEOUT] User with user_id=%s has no Firebase account' % user_id)
return
try:
firebase_auth.update_user(assoc_by_auth_id_model.id, disabled=True)
except (firebase_exceptions.FirebaseError, ValueError):
# NOTE: logging.exception appends the stack trace automatically. The
# errors are not re-raised because wipeout_services, the user of this
# function, does not use exceptions to keep track of failures. It uses
# the verify_external_auth_associations_are_deleted() function instead.
logging.exception(
'[WIPEOUT] Failed to disable Firebase account! Stack trace:')
def verify_email_database(email, entered_otp):
'''
Verifies if the OTP is correct
Returns bool depending on Success
'''
from firebase_admin import auth
user = auth.get_user_by_email(email)
db_user = get_user_by_email(email)
if entered_otp == db_user['verification_code']:
auth.update_user(user.uid, email_verified=True)
doc_ref = db.collection(u'users').document(user.uid)
doc_ref.update({'email_verified': True})
return True
else:
return False
def update_user():
try:
data = request.form.to_dict()
email = data['email']
display_name = data['display_name']
phone_number = data['phone_number']
photo_url = data['photo_url']
user_id = g.uid
user = firebase_auth.update_user(user_id,
email=email,
display_name=display_name,
phone_number=phone_number,
photo_url=photo_url)
return "User Updated", 201
except firebase_auth_utils.UserNotFoundError:
return {'error': 'user id not found'}, 400
except firebase_auth_utils.EmailAlreadyExistsError:
return {'error': 'email already exists'}, 400
except firebase_auth_utils.PhoneNumberAlreadyExistsError:
return {'error': 'phone number already exists'}, 400
except firebase_auth_utils.UnexpectedResponseError:
return {'error': 'unexpected response'}, 400
except:
print("Unexpected error:", sys.exc_info()[0])
return {'error': 'request error'}, 400
def update_user(existing_user: Any, data: dict):
"""Update a user.
Args:
existing_user (Firebase user): A Firebase user object.
data (dict): The values of the user to update, which can include
email, phone_number, email_verified, diplay_name, photo_url,
and disabled.
"""
values = {}
fields = ['email', 'phone_number', 'email_verified', 'display_name',
'photo_url', 'disabled']
for field in fields:
new_value = data.get(field)
if new_value:
values[field] = new_value
else:
values[field] = getattr(existing_user, field)
return auth.update_user(
existing_user.uid,
email=values['email'],
phone_number=values['phone_number'],
email_verified=values['email_verified'],
display_name=values['display_name'],
photo_url=values['photo_url'],
disabled=values['disabled'],
)
def test_remove_provider(new_user_with_provider):
provider_ids = [provider.provider_id for provider in new_user_with_provider.provider_data]
assert 'google.com' in provider_ids
user = auth.update_user(new_user_with_provider.uid, providers_to_delete=['google.com'])
assert user.uid == new_user_with_provider.uid
new_provider_ids = [provider.provider_id for provider in user.provider_data]
assert 'google.com' not in new_provider_ids
def post(self, request):
uid = request.POST['uid']
email = request.POST['email']
# emailVerified = request.POST['emailVerified']
# phoneNumber = request.POST['phoneNumber']
# password = request.POST['password']
# displayName = request.POST['displayName']
# photoURL = request.POST['photoURL']
# disabled = request.POST['disabled']
# ユーザーを更新する
user = auth.update_user(
uid,
email=email,
# emailVerifiedz=emailVerified,
# phoneNumber=phoneNumber,
# password=password,
# displayName=displayName,
# photoURL=photoURL,
# disabled=disabled
)
# templateに渡す値を作る
params = {
'uid': user.uid,
'email':email,
}
return render(request, 'firebase/UpdateUserOutput.html', params)
def _change_user_info(id_token,
new_email=None,
new_password=None,
new_displayName=None):
return auth.update_user(id_token,
email=new_email,
password=new_password,
display_name=new_displayName).__dict__['_data']
def users():
uid = request.json['uid']
user = auth.update_user(
uid,
photo_url=request.json['photourl'],
display_name=request.json['displayname'],
)
return 'done'
def test_verify_id_token_disabled(new_user, api_key):
custom_token = auth.create_custom_token(new_user.uid)
id_token = _sign_in(custom_token, api_key)
claims = auth.verify_id_token(id_token, check_revoked=True)
# Disable the user record.
auth.update_user(new_user.uid, disabled=True)
# Verify the ID token without checking revocation. This should
# not raise.
claims = auth.verify_id_token(id_token, check_revoked=False)
assert claims['sub'] == new_user.uid
# Verify the ID token while checking revocation. This should
# raise an exception.
with pytest.raises(auth.UserDisabledError) as excinfo:
auth.verify_id_token(id_token, check_revoked=True)
assert str(excinfo.value) == 'The user record is disabled.'
def test_verify_session_cookie_disabled(new_user, api_key):
custom_token = auth.create_custom_token(new_user.uid)
id_token = _sign_in(custom_token, api_key)
session_cookie = auth.create_session_cookie(id_token, expires_in=datetime.timedelta(days=1))
# Disable the user record.
auth.update_user(new_user.uid, disabled=True)
# Verify the session cookie without checking revocation. This should
# not raise.
claims = auth.verify_session_cookie(session_cookie, check_revoked=False)
assert claims['sub'] == new_user.uid
# Verify the session cookie while checking revocation. This should
# raise an exception.
with pytest.raises(auth.UserDisabledError) as excinfo:
auth.verify_session_cookie(session_cookie, check_revoked=True)
assert str(excinfo.value) == 'The user record is disabled.'
def partial_update(self, request, *args, **kwargs):
user = get_object_or_404(User, id=kwargs['pk'])
data = request.data
firebase_data = {}
if data.get('email', None) is not None:
firebase_data['email'] = data['email']
if data.get('phone_number', None) is not None:
firebase_data['phone_number'] = data['phone_number']
if data.get('name', None) is not None:
firebase_data['display_name'] = data['name']
try:
auth.update_user(user.username, **firebase_data)
except (ValueError, exceptions.FirebaseError) as e:
return Response({'detail': str(e)},
status=status.HTTP_400_BAD_REQUEST)
return super().partial_update(request, *args, **kwargs)
def form_valid(self, form):
id = self.user_data['user_id']
user = form.save()
if user['avatar']:
auth.update_user(id, photo_url=user['avatar'])
if user['password']:
url = 'https://identitytoolkit.googleapis.com/v1/accounts:update?key='\
+ settings.FIREBASE_WEB_API_TOKEN
data = '{ "idToken" : "' + self.user_data['idToken'] + '", "password" : "'\
+ user['password'] + '", "useSecureToken": true }'
r = requests.post(url, data).json()
errors = r.get('error', False)
if errors:
return HttpResponseRedirect(self.request.path\
+ '?error=Senhas inválidas! Tente novamente')
self.success_url = '/logout'
auth.update_user(id, display_name=user['name'], phone_number=user['phone'])
return super().form_valid(form)
def update_user_info(self, email, name):
user = self._db.collection('users').document(self._uid)
if user.get().exists:
try:
auth.update_user(self._uid, email=email)
user.update({'name': name, 'email': email})
except Exception as e:
# print(type(e))
if type(
e
) is firebase_admin._auth_utils.EmailAlreadyExistsError:
return {'error': 'Email已存在'}, status_code.BAD_REQUEST
else:
return {'error': '未知錯誤'}, status_code.BAD_REQUEST
return status_code.OK
