def post(self, username):
args = user_password_parser.parse_args()
new_password = args["password"]
curUser = args["curUser"]
curPassword = args["curPassword"]
op_log_handler = OperatorLogHandler()
opName = 'ResetUserPassword'
opObject = "User"
operator = "admin"
opDetails = {}
opDetails['username'] = username
cur_time = datetime.datetime.utcnow()
user_obj = User()
userCurrent = user_obj.get_by_username(curUser)
# compare input password with password in db
if not bcrypt.checkpw(curPassword.encode('utf8'),
bytes(userCurrent.dbUser.password.encode())):
error_msg = "Wrong password"
op_log_handler.record_operating_log(opDate=cur_time,
opName=opName,
opObject=opObject,
resCode=400,
operator=operator,
errorMsg=error_msg,
opDetails=opDetails)
return {"error": "Wrong password", "success": False}, 400
user = user_obj.get_by_username(username)
if not user:
error_msg = "No such User"
op_log_handler.record_operating_log(opDate=cur_time,
opName=opName,
opObject=opObject,
resCode=400,
operator=operator,
errorMsg=error_msg,
opDetails=opDetails)
return {"error": "No such User", "success": False}, 400
salt = app.config.get("SALT", b"")
# reset user's passwordop_log_handler = OperatorLogHandler()
new_password = bcrypt.hashpw(new_password.encode('utf8'),
bytes(salt.encode()))
user.update_password(new_password.decode())
data = {"success": True}
op_log_handler.record_operating_log(opDate=cur_time,
opName=opName,
opObject=opObject,
resCode=200,
operator=operator,
opDetails=opDetails)
return data, 200
def post(self, **kwargs):
args = login_parser.parse_args()
username, password = args["username"], args["password"]
user_obj = User()
try:
user = user_obj.get_by_username(username)
# compare input password with password in db
if bcrypt.checkpw(password.encode('utf8'),
bytes(user.password.encode())):
login_user(user)
# if login success save login history
login_history = LoginHistory(user=user.dbUser)
login_history.save()
user_id = str(user.id)
data = {
"success": True,
"id": user_id,
"role": user.user_role,
"next": url_for('bp_index.show')
}
return data, 200
else:
data = {
"success": False,
"error": "Wrong username or password"
}
return data, 401
except Exception as exc:
logger.info("error {}".format(exc))
data = {"success": False, "error": "login failed"}
return data, 401
def post(self, **kwargs):
args = login_parser.parse_args()
username, password = args["username"], args["password"]
user_obj = User()
try:
user = user_obj.get_by_username(username)
# compare input password with password in db
if bcrypt.checkpw(password.encode('utf8'),
bytes(user.password.encode())):
login_user(user)
# if login success save login history
login_history = LoginHistory(user=user.dbUser)
login_history.save()
user_id = str(user.id)
data = {
"success": True,
"id": user_id,
"next": url_for('bp_index.show')
}
return data, 200
else:
data = {
"success": False,
"error": "Wrong username or password"
}
return data, 401
except Exception as exc:
logger.info("error {}".format(exc))
data = {
"success": False,
"error": "login failed"
}
return data, 401
def get(self):
"""
search user with username
If user is existed return user info
else return user_exists False
:return:
"""
args = user_search_parser.parse_args()
username = args["username"]
user_obj = User()
user = user_obj.get_by_username(username)
if not user:
return {"user_exists": False}, 200
data = {
"username": user.username,
"apikey": str(user.id),
"isActivated": user.active,
"balance": user.balance,
"user_exists": True
}
return data, 200
