def post(cls, token: str):
    """
    Finish a password reset: check the e-mailed code for ``token`` and store
    the new password.

    Reads ``code`` and ``new_password`` from the JSON request body.

    :param token: 2FA token from the URL, used to look the user up.
    :return: ``({"message": ...}, status)``: 201 when the password was
        replaced, 401 when the code check fails, 404 when no user holds
        ``token``.
    """
    payload = request.get_json()
    account = UserModel.find_by_token_2fa(token)

    if not account:
        return {"message": response_quote("code_404")}, 404

    # NOTE(review): no attempt counter is visible here. Confirm that
    # check_2fa_code limits guesses per token, otherwise the code can be
    # brute-forced against this endpoint.
    code_ok = EmailSecondFA.check_2fa_code(token, payload["code"])
    if not code_ok:
        return {"message": response_quote("email2fa_failed")}, 401

    # NOTE(review): new_password is hashed as received; no length or strength
    # check is visible in this handler.
    salt, digest = PassCrypt.generate_password_hash(payload["new_password"])
    account.password_salt = salt
    account.password_hash = digest

    # Make the reset single-use and drop the stored session key. Presumably
    # this invalidates JWTs issued for the old key. Confirm against the
    # token-lookup callback.
    account.token_2fa = None
    account.session_key = None
    account.save_to_db()
    EmailSecondFA.force_revoke_2fa_code(token)

    return {"message": response_quote("user_password_reset")}, 201
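def post(cls, token: str):
    """
    Complete an e-mail 2FA login: check the code for ``token`` and issue an
    access token.

    Reads ``code`` from the JSON request body. On success the user gets a new
    session key, the 2FA token is cleared and the code is revoked, so the
    same token/code pair cannot be used again.

    :param token: verification token from the URL, used to look the user up.
    :return: ``({"access_token": ...}, 200)`` on success,
        ``({"message": ...}, 401)`` when the code check fails,
        ``({"message": ...}, 404)`` when no user holds ``token``.
    """
    # Local import: the file's import block is not visible from this block.
    import secrets

    data = request.get_json()
    user = UserModel.find_by_token_2fa(token)
    if not user:
        return {"message": response_quote("code_404")}, 404

    # NOTE(review): confirm that check_2fa_code limits guesses per token.
    if not EmailSecondFA.check_2fa_code(token, data["code"]):
        return {"message": response_quote("email2fa_failed")}, 401

    # The session key becomes the JWT identity, so it must be unguessable and
    # unique per login. A hash of the server clock is neither: it is
    # predictable and two logins in the same clock tick would collide.
    # token_hex(32) keeps the 64-hex-character shape of the former SHA-256
    # digest but draws it from the OS CSPRNG.
    user.session_key = secrets.token_hex(32)
    user.token_2fa = None
    user.save_to_db()
    EmailSecondFA.force_revoke_2fa_code(token)

    access_token = create_access_token(
        identity=user.session_key,
        expires_delta=datetime.timedelta(hours=4))
    return {"access_token": access_token}, 200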
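def post(cls):
    """
    Start a password reset: issue a request token and e-mail a 2FA code.

    Reads ``email`` from the JSON request body.

    :return: ``({"request_token": ...}, 200)`` when the code was sent,
        ``({"message": ...}, 500)`` when sending the mail fails,
        ``({"message": ...}, 404)`` when no user has that e-mail address.
    """
    # Local import: the file's import block is not visible from this block.
    import secrets

    data = request.get_json()
    user = UserModel.find_by_email(data["email"])
    if not user:
        # NOTE(review): a distinct 404 lets a caller tell registered from
        # unregistered addresses. Consider one uniform response for both.
        return {"message": response_quote("user_not_exist")}, 404

    try:
        # The token used to be sha256(email), which anyone who knows the
        # address can compute and which never changes between requests.
        # Use a random 64-hex-character value instead (same shape as the
        # digest), so each reset request gets its own token.
        # NOTE(review): a code issued under an earlier token is no longer
        # overwritten by a new request; it stops being reachable because
        # user.token_2fa is replaced below. Confirm the code store expires
        # entries.
        token = secrets.token_hex(32)
        code = EmailSecondFA.generate_2fa_code(token)
        user.token_2fa = token
        user.save_to_db()
        user.password_reset_request(code)
        return {"request_token": token}, 200
    except MailGunException as e:
        # NOTE(review): str(e) is returned to the client verbatim. Confirm it
        # cannot carry provider or configuration details.
        return {"message": str(e)}, 500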
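def post(cls, token: str):
    """
    Complete an e-mail 2FA login: check the code for ``token`` and issue JWTs.

    Reads ``code`` from the JSON request body.

    :param token: verification token from the URL, used to look the user up.
    :return: ``({"access_token": ..., "refresh_token": ...}, 200)`` on
        success, ``({"message": ...}, 400)`` when the code check fails,
        ``({"message": ...}, 404)`` when no user holds ``token``.
    """
    data = request.get_json()
    user = UserModel.find_by_token_2fa(token)
    if not user:
        return {"message": response_quote("user_not_exist")}, 404

    # NOTE(review): confirm that check_2fa_code limits guesses per token.
    if not EmailSecondFA.check_2fa_code(token, data["code"]):
        return {"message": response_quote("email2fa_failed")}, 400

    # Make the verification single-use. Without this the same token/code pair
    # kept yielding fresh JWTs for as long as the code stayed valid.
    # NOTE(review): the code itself is still held by EmailSecondFA; revoke it
    # there as well (e.g. force_revoke_2fa_code) if this version offers it.
    user.token_2fa = None
    user.save_to_db()

    access_token = create_access_token(identity=user.sha_private,
                                       expires_delta=EXPIRES_DELTA)
    refresh_token = create_refresh_token(identity=user.sha_private)
    return {
        "access_token": access_token,
        "refresh_token": refresh_token
    }, 200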
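def post(cls):
    """
    Log a user in with e-mail and password.

    Reads ``email`` and ``password`` from the JSON request body. When the user
    has e-mail 2FA enabled, no JWT is issued here: a code is mailed and a
    verification token is returned for the second step.

    :return: ``({"access_token": ..., "refresh_token": ...}, 201)`` on login
        without 2FA, ``({"verification_token": ...}, 202)`` when a 2FA code
        was sent, ``({"message": ...}, 500)`` when sending the mail fails,
        ``({"message": ...}, 400)`` for an unconfirmed account,
        ``({"message": ...}, 401)`` for bad credentials.
    """
    # Local import: the file's import block is not visible from this block.
    import secrets

    data = request.get_json()
    user = UserModel.find_by_email(data["email"])
    if not (user and PassCrypt.check_password_hash(
            user.password_hash, user.password_salt, data["password"])):
        return {"message": response_quote("user_invalid_credentials")}, 401

    confirmation = user.most_recent_confirmation
    if not (confirmation and confirmation.confirmed):
        return {
            "message":
            response_quote("user_not_confirmed").format(user.username)
        }, 400

    if user.second_fa_enabled:
        # The second factor is still pending, so no session key or JWT is
        # created on this path. Previously both were created and then thrown
        # away.
        try:
            # Random token instead of sha256(email), which anyone who knows
            # the address could compute. Same 64-hex-character shape.
            token = secrets.token_hex(32)
            code = EmailSecondFA.generate_2fa_code(token)
            user.token_2fa = token
            user.session_key = None
            user.save_to_db()
            user.send_email_2fa_code(code)
            return {"verification_token": token}, 202
        except MailGunException as e:
            # This used to return without a status code, so a failed send was
            # reported as success; 500 matches the password-reset handler.
            # NOTE(review): str(e) is returned to the client verbatim.
            return {"message": str(e)}, 500

    # The session key becomes the JWT identity. It used to be a hash of the
    # server clock at login, which is guessable and can collide; draw it from
    # the OS CSPRNG instead.
    user.session_key = secrets.token_hex(32)
    user.save_to_db()
    access_token = create_access_token(identity=user.session_key,
                                       expires_delta=EXPIRES_DELTA)
    refresh_token = create_refresh_token(identity=user.session_key)
    return {
        "access_token": access_token,
        "refresh_token": refresh_token
    }, 201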
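def post(cls):
    """
    Log a user in with e-mail and password.

    Reads ``email`` and ``password`` from the JSON request body. When the user
    has e-mail 2FA enabled, a code is mailed and a verification token is
    returned instead of JWTs.

    :return: ``({"access_token": ..., "refresh_token": ...}, 201)`` on login
        without 2FA, ``{"verification_token": ...}`` (default status) when a
        2FA code was sent, ``({"message": ...}, 500)`` when sending the mail
        fails, ``({"message": ...}, 400)`` for an unconfirmed account,
        ``({"message": ...}, 401)`` for bad credentials.
    """
    data = request.get_json()
    user = UserModel.find_by_email(data["email"])
    if not (user and b_crypt.check_password_hash(user.password,
                                                 data["password"])):
        return {"message": response_quote("user_invalid_credentials")}, 401

    confirmation = user.most_recent_confirmation
    if not (confirmation and confirmation.confirmed):
        return {
            "message":
            response_quote("user_not_confirmed").format(user.username)
        }, 400

    if user.second_fa_enabled:
        # The second factor is still pending, so no JWT is created on this
        # path. Previously both tokens were created and then thrown away.
        try:
            # NOTE(review): the token depends only on sha_private, so a user
            # gets the same verification token on every login. Consider a
            # random per-login value.
            token = hashlib.sha256(str.encode(
                user.sha_private)).hexdigest()
            # Original author's note: this functionality still needs more
            # thought.
            code = EmailSecondFA.generate_2fa_code(token)
            user.token_2fa = token
            user.save_to_db()
            user.send_email_2fa_code(code)
            return {"verification_token": token}
        except MailGunException as e:
            # This used to return without a status code, so a failed send was
            # reported as success.
            # NOTE(review): str(e) is returned to the client verbatim.
            return {"message": str(e)}, 500

    access_token = create_access_token(identity=user.sha_private,
                                       expires_delta=EXPIRES_DELTA)
    refresh_token = create_refresh_token(identity=user.sha_private)
    return {
        "access_token": access_token,
        "refresh_token": refresh_token
    }, 201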