def post(self, *args, **kwargs):
loginname = self.post_arguments.get("loginname", None)
nickname = self.post_arguments.get("nickname", None)
password = self.post_arguments.get("password", None)
password_ok = self.post_arguments.get("password_ok", None)
is_valid = self.post_arguments.get("is_valid", None)
if loginname is None:
raise UserException(code=10001, desc="loginname不能为空")
else:
user = UserService().get_user_by_username(loginname)
if user:
raise UserException(code=11011)
if nickname is None:
raise UserException(code=10001, desc="nickname不能为空")
if password is None:
raise UserException(code=10001, desc="密码不能为空")
if password != password_ok:
raise UserException(code=10001, desc="两次密码不一致")
UserService().add_user(
loginname=loginname,
nickname=nickname,
password=password,
is_valid=is_valid
)
return Result(code=0)
def get_or_create_user(item):
service = UserService(mongo.db)
email = item['email']
prev = service.get_by_email(email)
if prev:
return prev
logger.info("Creating new user...[%s]" % email)
tenant_id = default_tenantId()
if email == app.config['SUPER_ADMIN_EMAIL']:
roles = ["tenant_admin", 'member']
else:
roles = ["member"]
user = {
'username': email,
'email': email,
'name': item['name'],
'auth_type': 'google',
'tenant_id': tenant_id,
'roles': roles,
'identity': item.get('id', item.get('sub', None))
}
service.create(user)
return user
def post(self):
try:
parser = RequestParser()
parser.add_argument('email', type=str)
parser.add_argument('token', type=str)
args = parser.parse_args()
pwd = ''.join(choice(ascii_uppercase) for i in range(8))
salted_string = (pwd + SALT)
hashed_pwd = hash_sha(salted_string)
UserService.create_user(args['email'], hashed_pwd, args['token'])
send_mail(args['email'], "Account information",
"Hi, This is your temporary password for your account: " + pwd)
return {'message': 'ok'}
except:
return {'message': 'error'}
def get(self):
parser = RequestParser()
parser.add_argument('token', type=str)
args = parser.parse_args()
if UserService.check_token(args['token']):
return {'message': 'success'}
return {'message': 'error'}
def post(self):
try:
parser = RequestParser()
parser.add_argument('email', type=str)
parser.add_argument('token', type=str)
args = parser.parse_args()
pwd = ''.join(choice(ascii_uppercase) for i in range(8))
salted_string = (pwd + SALT)
hashed_pwd = hash_sha(salted_string)
UserService.create_user(args['email'], hashed_pwd, args['token'])
send_mail(
args['email'], "Account information",
"Hi, This is your temporary password for your account: " + pwd)
return {'message': 'ok'}
except:
return {'message': 'error'}
def get(self):
parser = RequestParser()
parser.add_argument('token', type=str)
args = parser.parse_args()
if UserService.check_token(args['token']):
return {'message': 'success'}
return {'message': 'error'}
def __init__(self,transactionGen,dbConnection,dto,tk): self.dto=dto self.transactionGenerator=transactionGen self.us=UserService() self.db=dbConnection self.tk=tk if(dto.action=='login'): response=self._login(username=dto.username,password=dto.password) elif(dto.action=='logout'): response=self._logout(token=dto.token) elif(dto.action=='user_information'): reponse=self._get_details(token=dto.token) elif(dto.action=='user'): response=self._set_details(token=dto.token,firstname=dto.first_name, lastname=dto.last_name,mail=dto.mail,password=dto.password) elif(dto.action=='registration'): reponse=self._register(username=dto.username,password=dto.password, mail=dto.mail,firstname=dto.firstname,lastname=dto.lastname,login=dto.login) return
def request_loader(request):
if request and request.path.startswith('/static/'):
return None
user_mixin = None
userService = UserService(mongo.db)
authHeader = request.headers.get('Authorization', None)
if authHeader and len(authHeader) > 0:
if authHeader.startswith('Bearer '):
user_mixin = login_via_google_token(authHeader.replace('Bearer ', ''))
if user_mixin is None and session and session.get('identity.id', None) is not None:
logger.info("[%s] Using session stored user. Id: %s" % (request.path, session['identity.id']))
userid = str(session['identity.id'])
user_mixin = getUserMixin(userService.get_by_id(userid))
if user_mixin:
login_user(user_mixin)
identity_changed.send(current_app._get_current_object(), identity=Identity(str(user_mixin.id)))
logger.info("[%s] User login success: %s %s" % (request.path, user_mixin.id, user_mixin.name))
return user_mixin
# logger.info("Anonymous login initiated############### %s" % (request.path))
return login_anonymous()
def insert_user_post():
returnMsg = ""
try:
userModel = UserModel(request.json.get("firstName"),
request.json.get("lastName"),
request.json.get("age"),
request.json.get("email"))
userId = UserService.create_user(userModel, mongo)
returnMsg = "User created successfully. userId: " + userId
except:
returnMsg = "Error creating user"
return returnMsg
def setup(client, dbname='foodbeaztDb', sample_data=False, debug=True):
global log_enabled
log_enabled = debug
db = client[dbname]
log("Checking admin tenant")
tenant_service = TenantService(db)
user_service = UserService(db)
pincode_service = PincodeService(db)
if not tenant_service.check_name_exists(None, "FoodBeazt"):
log("Creating admin tenant")
item = {"name": "FoodBeazt", "description": "super admin tenant", "website": "http://www.foodbeazt.in",
"url": "http://www.foodbeazt.in", "type": "super_admin", "logo": "foodbeazt_logo.png",
"contact": {"name": "admin", "email": "*****@*****.**", "phone": "+91 7373730484"},
"registered_ip": "10.0.0.1",
"address": {"address": "Puducherry", "zipcode": "605001", "country": "INDIA", "state": "Puducherry"}}
tenant_id = tenant_service.create(item)
item['tenant_id'] = tenant_id
tenant_service.update(item)
log('\nTenant:')
tenant = tenant_service.get_by_name("FoodBeazt")
log(json.dumps(tenant, default=json_util.default))
tenant_id = tenant['_id']
log('\nUser:'******'pincode': '605001'}
pincode_service.save(pincode)
if sample_data:
log('\nCreating sample product data:')
create_sample_data(db, tenant_id)
def prepare(self):
if self.request.method == 'OPTIONS':
return self.options()
if self.request.path not in ["/user/login"]:
token = self.request.headers.get("X-Token", None)
try:
assert token is not None
data = UserService().get_user_by_token(token)
if data is not None:
self.uid = data['id']
self.token = token
else:
raise CustomException(code=1001)
UserService().have_power(self.uid, self.request.path)
except AssertionError as ae:
raise CustomException(code=1002)
try:
self.post_arguments = json.loads(self.request.body.decode('utf-8'))
except Exception as ex:
pass
def __init__(self, app):
"""初始化rpc服务上下文
"""
self.rpc_client = APIClient(options.register['ip'],
options.register['port'])
self.api_repo = API_repository()
self.app_repo = APP_repository()
self.host_name = gethostname()
self.instance_id = md5("{}{}{}".format(self.host_name, options.port,
os.getpid())).hexdigest()[:8]
db = get_connection()
from service.UserService import UserService
from service.repository import UserRepo, DeviceRepo
self.user_repo = UserRepo(db)
self.device_repo = DeviceRepo(db)
self.user_service = UserService(self.device_repo, self.user_repo)
def post(self):
parser = RequestParser()
parser.add_argument('file', type=werkzeug.datastructures.FileStorage)
parser.add_argument('name', type=str)
parser.add_argument('price', type=str)
parser.add_argument('description', type=str)
parser.add_argument('type', type=int)
parser.add_argument('token', type=str)
args = parser.parse_args()
if UserService.check_token(args['token']):
if args['type'] == 0:
return {'message': 'success'}
ImageService.save_2d_image(args)
else:
ImageService.save_3d_image(args)
return {'message': 'success'}
return {'message': 'error'}, 403
def post(self):
parser = RequestParser()
parser.add_argument('file', type=werkzeug.datastructures.FileStorage)
parser.add_argument('name', type=str)
parser.add_argument('price', type=str)
parser.add_argument('description', type=str)
parser.add_argument('type', type=int)
parser.add_argument('token', type=str)
args = parser.parse_args()
if UserService.check_token(args['token']):
if args['type'] == 0:
return {'message': 'success'}
ImageService.save_2d_image(args)
else:
ImageService.save_3d_image(args)
return {'message': 'success'}
return {'message': 'error'}, 403
def post(self, *args, **kwargs):
loginname = self.post_arguments.get("loginname", None)
nickname = self.post_arguments.get("nickname", None)
password = self.post_arguments.get("password", None)
checkPass = self.post_arguments.get("checkPass", None)
is_valid = self.post_arguments.get("is_valid", None)
if loginname is None:
raise UserException(code=10001, desc="loginname不能为空")
if nickname is None:
raise UserException(code=10001, desc="nickname不能为空")
if password is None:
raise UserException(code=10001, desc="密码不能为空")
if password != checkPass:
raise UserException(code=10001, desc="两次密码不一致")
UserService().add_user(loginname=loginname,
nickname=nickname,
password=password,
is_valid=is_valid)
return Result(code=0)
def userRegistration():
if request.method == 'POST':
user = request.json
return UserService.create(user)
def post(self, *args, **kwargs):
uid = self.post_arguments.get("uid", None)
roles = self.post_arguments.get("roles", None)
return UserService().user_add_roles(uid, roles)
import os
from flask import Flask, request
from controllers.UserController import UserController
from service.UserService import UserService
from dataAccessLayer.UserQueries import UserQueries
userQueries = UserQueries()
userService = UserService(userQueries)
userCtrl = UserController(userService)
from controllers.PostController import PostController
from service.PostService import PostService
from dataAccessLayer.PostsQueries import PostsQueries
from dataAccessLayer.CommentsQueries import CommentsQueries
postQueries = PostsQueries()
commentsQueries = CommentsQueries()
postService = PostService(postQueries, commentsQueries)
postCtrl = PostController(postService)
def create_app():
app = Flask(__name__)
app.config.from_object('config.ProductionConfig')
#app.config.from_envvar('APP_CONFIG')
#app.config.from_pyfile('config.py')
return app
app = create_app()
def post(self, *args, **kwargs):
user_id = self.post_arguments.get("uid", None)
if user_id is None:
raise UserException(code=10001, desc="请传入需要操作的用户id")
return UserService().allow_user_login(user_id)
class UserModel: def __init__(self,transactionGen,dbConnection,dto,tk): self.dto=dto self.transactionGenerator=transactionGen self.us=UserService() self.db=dbConnection self.tk=tk if(dto.action=='login'): response=self._login(username=dto.username,password=dto.password) elif(dto.action=='logout'): response=self._logout(token=dto.token) elif(dto.action=='user_information'): reponse=self._get_details(token=dto.token) elif(dto.action=='user'): response=self._set_details(token=dto.token,firstname=dto.first_name, lastname=dto.last_name,mail=dto.mail,password=dto.password) elif(dto.action=='registration'): reponse=self._register(username=dto.username,password=dto.password, mail=dto.mail,firstname=dto.firstname,lastname=dto.lastname,login=dto.login) return def _login(self,username=None,password=None): t_token=self.db.init_transaction() resp=self.tk.check_user_session(username=username) if(resp): self.dto.set_response(token=resp,message='already_logged_in',message_connection='login') return statement=self.transactionGenerator.get_password(username=username) resp=self.db.make_transaction_commit(data=statement,token=t_token) if(len(resp['Result']['rows'])==0): self.dto.set_response(message='wrong_input',message_connection='login') return else: stored_hash=resp['Result']['rows'][0][0] if(self.us.check_password(password,stored_hash)): token=str(uuid.uuid1()) resp=self.tk.set_token(username=username,token=token) if(resp>0): self.dto.set_response(token=token) else: self.dto.set_response(message='system_error',message_connection='login') else: self.dto.set_response(message='wrong_input',message_connection='login') def _get_session(self,token=None): resp=self.tk.retrieve_user(token=token) return resp def _logout(self,token=None): uname=self._get_session(token) if(uname): resp=self.tk.delete_token(token) if(resp>0): self.dto.set_response() else: self.dto.set_response(message='system_error',message_connection='logout') else: self.dto.set_response(message='already_logged_out',message_connection='logout') def _get_details(self,token=None): uname=self._get_session(token) if(uname): statement=self.transactionGenerator.get_user_details(username=uname) db_token=self.db.init_transaction() resp=self.db.make_transaction_commit(data=statement,token=db_token) if(len(resp['Error'])==0): id_num=int(resp['Result']['rows'][0][0]) firstname=resp['Result']['rows'][0][1] lastname=resp['Result']['rows'][0][2] mail=resp['Result']['rows'][0][3] self.dto.set_response(first_name=firstname, last_name=lastname,mail=mail,username=uname,id_number=id_num) else: self.dto.set_response(message='system_error',message_connection='user_information') return True return result def _set_details(self,token=None,mail=None,firstname=None,lastname=None,): uname=self._get_session(token) if(uname): passwordHash=self.us.hash_password(password) statement=statement=self.transactionGenerator.set_details(username=uname,password=passwordHash,mail=mail, firstname=firstname,lastname=lastname) db_token=self.db.init_transaction() resp=self.db.make_transaction_commit(data=statement,token=db_token) if(len(resp['Error']) == 0): self.dto.set_response() else: self.dto.set_response(message='system_error',message_connection='user') else: self.dto.set_response(message='session_expired',message_connection='session') def _register(self,username=None, password=None, mail=None,login=False,firstname=None,lastname=None): t_token=self.db.init_transaction() statement=self.transactionGenerator.get_user(username=username) resp=self.db.make_transaction(data=statement,token=t_token) if(len(resp['Error'])==0): if(int(resp['Result']['rows'][0][0])==0): passwordHash=self.us.hash_password(password) statement=self.transactionGenerator.register(username=username, password=passwordHash,mail=mail,firstname=firstname,lastname=lastname) resp=self.db.make_transaction_commit(data=statement,token=t_token) if(len(resp['Error'])==0): if(login): self._login(username=username,password=password) else: self.dto.set_response() else: self.dto.set_response(message='System Error') else: self.dto.set_response(message='User Taken') else: self.dto.set_response(message='System Error') def get_response(self): return self.dto
def get(self, *args, **kwargs):
return UserService().get_user_by_token(self.token)
def get(self, *args, **kwargs):
return UserService().get_users()
def post(self, *args, **kwargs):
username = self.post_arguments.get("username", None)
password = self.post_arguments.get("password", None)
return UserService().login(username, password)
def post(self, *args, **kwargs):
return UserService().logout(self.uid, self.token)
def post(self, *args, **kwargs):
frm = UserLoginForm(self)
if not frm.validate():
raise UserException(code=10001, desc="请传入正确的参数")
return UserService().login(frm.username, frm.password)
def get(self, *args, **kwargs):
uid = self.get_argument("uid", default=None)
return UserService().get_user_roles(uid)
def set_user():
return UserService.save_user(User(**request.json))
def del_user():
id = request.args.get("id")
return UserService.delete_user(id)
from service.UserService import UserService
from flask import Blueprint, request, jsonify, make_response
from util.JSONEncoder import JSONEncoder
from flask_cors import CORS
userService = UserService()
JSONEncoder = JSONEncoder()
user = Blueprint('user', __name__)
CORS(user)
@user.route('/login', methods=['POST'])
def login():
data = request.get_json()
if data is None or "email" not in data or "password" not in data:
return make_response(
jsonify({
"status": "error",
"reason": "request is invalid"
}), 400)
result = userService.login(data['email'], data['password'])
if not result:
return make_response(
jsonify({
"status": "error",
"reason": "wrong username or password"
}), 400)
return JSONEncoder.encode(result), 200
@user.route('/current', methods=['POST'])
class test_user_service(unittest.TestCase):
def setUp(self):
self.dbClient = MongoClient()
self.db = self.dbClient.test_foodbeazt_database
self.db.user_collection.drop()
self.service = UserService(self.db)
def get_model(self, email):
item = {"name": "test", "username": email, "email": email, "auth_type": "google",
"registered_ip": "10.0.0.1"}
return item
def test_create_user(self):
no = str(random.randint(1, 10000))
item = self.get_model("test" + no + "@test.com")
id = self.service.create(item)
assert id is not None
return id
def test_duplicate_user(self):
item = self.get_model("*****@*****.**")
self.service.create(item)
try:
self.service.create(item)
assert False
except DuplicateUserException as e:
assert True
def test_get_user_by_email(self):
item = self.get_model("*****@*****.**")
self.service.create(item)
item = self.service.get_by_email("*****@*****.**")
assert item is not None
assert item["email"] == "*****@*****.**"
def test_get_all_users(self):
self.test_create_user()
items = self.service.search()
assert items is not None
assert len(items) > 0
def test_delete_user(self):
id = self.test_create_user()
self.service.delete(str(id))
def test_update_user(self):
id = self.test_create_user()
item = self.test_get_by_id(str(id))
item['name'] = "updated test name"
item = self.service.update(item)
assert item is not None
assert item['name'] == 'updated test name'
assert 'updated_at' in item
def test_get_by_id(self, id=None):
if not id:
id = self.test_create_user()
item = self.service.get_by_id(id)
assert item is not None
return item
def login():
if request.method == 'POST':
login = request.json
status, response = UserService.login(login)
return response
def get_user():
id = request.args.get("id")
return UserService.get_user(id)
def update_user():
id = request.args.get("id")
return UserService.update_user(id)
def setUp(self):
self.dbClient = MongoClient()
self.db = self.dbClient.test_foodbeazt_database
self.db.user_collection.drop()
self.service = UserService(self.db)
def main():
user_service = UserService(sm_host="127.0.0.1")
user_service.run()
