예제 #1
    def make_password(plaintext):
        """Hash a plaintext password via argon2.generate_password_hash.

        Arguments:
            plaintext {String} -- Password that should be hashed

        Returns:
            String -- Whatever argon2.generate_password_hash returns for it
        """
        hashed = argon2.generate_password_hash(plaintext)
        return hashed
예제 #2
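def sign_up():
    """Register a user from a JSON body and return a fresh access token.

    The body must be a JSON object whose ``username`` and ``password`` are
    non-empty strings; anything else is answered with 400. The username is
    stored lower-cased and the password is stored only as the value returned
    by ``argon2.generate_password_hash``.
    """
    req = request.get_json()
    # The body is untrusted: it can be null, a list, or carry non-string
    # values. Without these checks ``req.get`` / ``username.lower()`` would
    # raise and surface as a 500 instead of a client error.
    if not isinstance(req, dict):
        abort(400)

    username = req.get('username')
    password = req.get('password')
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)
    if not username or not password:
        abort(400)

    password_hash = argon2.generate_password_hash(password)

    new_user = User(username=username.lower(), password_hash=password_hash)
    db.session.add(new_user)
    # NOTE(review): a duplicate username presumably fails at commit time;
    # no handling is visible in this function -- confirm how it is reported.
    db.session.commit()

    # NOTE(review): the stored name is lower-cased but the token identity
    # keeps the caller's casing -- confirm that lookups by identity
    # normalise the same way.
    access_token = create_access_token(identity=username)
    return jsonify(access_token=access_token), 200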
예제 #3
 def password(self, password):
     """Keep only the hashed form of *password* on ``self._password``."""
     hashed = argon2.generate_password_hash(password)
     self._password = hashed
예제 #4
 def set_password(self, password):
     """Hash *password* and store the result on ``self.password_hash``."""
     hashed = argon2.generate_password_hash(password)
     self.password_hash = hashed
예제 #5
 def set_password(self, password, initial=False):
     """Hash *password* into ``self.password_hash``.

     When *initial* is true, ``self.password_last_updated`` is also set to
     the current local time.
     """
     hashed = argon2.generate_password_hash(password)
     self.password_hash = hashed
     if not initial:
         return
     # NOTE(review): the timestamp is refreshed only for the initial
     # password; later changes leave it untouched -- confirm that is
     # intended if it feeds a password-age policy.
     self.password_last_updated = datetime.now()
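def user_operation():
    """Dispatch the user endpoint by HTTP method.

    POST registers an account, GET lists every account (testing aid), PUT
    updates password / role / RFID tag, and DELETE removes the account with
    its coach/athlete links. Every branch answers with a JSON body carrying
    ``result`` and, on failure, ``msg``.
    """
    if request.method == 'GET':
        return _list_users()

    handlers = {
        'POST': _register_user,
        'PUT': _update_user,
        'DELETE': _delete_user,
    }
    handler = handlers.get(request.method)
    if handler is None:
        return flask.jsonify(result='error', msg='Method not allowed.')

    content = _read_json_object()
    if content is None:
        # Plain dict literal; the message never needed eval().
        return flask.jsonify(result='error',
                             msg={'request': "Wrong json format"})
    return handler(content)


def _read_json_object():
    """Return the request body as a dict, or None if it is not a JSON object."""
    try:
        content = flask.request.get_json(force=True, silent=False, cache=True)
    except Exception:
        # Exception, not BaseException: SystemExit / KeyboardInterrupt must
        # not be turned into a "wrong format" answer.
        return None
    # null, lists and scalars are valid JSON but have no .get(); treat them
    # as malformed instead of failing later with an AttributeError.
    return content if isinstance(content, dict) else None


def _hash_new_password(candidate):
    """Return the hash of *candidate*, or None unless it is a str of 8+ chars."""
    if not isinstance(candidate, str) or len(candidate) < 8:
        return None
    return argon2.generate_password_hash(candidate.encode("utf-8"))


def _list_users():
    """Return every user, keyed by a 1-based position."""
    # NOTE(review): marked "only for testing" by the author, and no
    # authentication is visible in this function -- gate or remove it before
    # this endpoint is exposed.
    response = {
        position: userToString(user)
        for position, user in enumerate(User.query_users(), start=1)
    }
    return flask.jsonify(allUsers=response)


def _register_user(content):
    """Create a User and its AthleteInfo record from the request body."""
    password = content.get("password")
    if password is not None:
        # Only a hash may reach the model. Passwords shorter than 8
        # characters used to be passed on unhashed; reject them here.
        password = _hash_new_password(password)
        if password is None:
            return flask.jsonify(
                result='error',
                msg={'password':
                     "Password must be at least 8 characters long."})
    # A missing password stays None and is left to the model's own
    # validation, as before.
    # NOTE(review): role is taken straight from the request body -- confirm
    # that self-assigned roles are intended at registration.
    new_user = User(password=password,
                    email=content.get("email"),
                    rfidTag=content.get("RFID"),
                    role=content.get("role"),
                    expireTime=datetime.utcnow())
    new_info = AthleteInfo(athlete=content.get("email"),
                           genTime=datetime.utcnow())
    try:
        new_user.save()
        new_info.save()
    except ValidationError as e:
        return flask.jsonify(result='error', msg=e.to_dict())
    except NotUniqueError:
        return flask.jsonify(result='error',
                             msg={'email': "Account already exists"})
    return flask.jsonify(result='succeed')


def _verified_account(content):
    """Return (user_document, None) for valid credentials, else (None, error)."""
    email = content.get("email")
    password = content.get("password")
    # email ends up in query filters and password in the verifier, so accept
    # plain strings only: a JSON object must never reach find() / update() /
    # remove() where it would be read as a query operator document.
    if not isinstance(email, str) or not isinstance(password, str):
        return None, flask.jsonify(
            result='error',
            msg='Request should contain email and password.')

    rejected = flask.jsonify(result="error",
                             msg="Check your email and password.")
    matches = models.get_user().find({"email": email})
    if not matches or matches.count() == 0:
        return None, rejected
    record = matches[0]
    if not argon2.check_password_hash(record["password"], password):
        return None, rejected
    return record, None


def _update_user(content):
    """Change password, role and/or RFID tag after re-checking credentials."""
    record, failure = _verified_account(content)
    if failure is not None:
        return failure
    email = content.get("email")

    new_rfid_tag = content.get("newRFID")
    if new_rfid_tag is None:
        new_rfid_tag = record["rfidTag"]

    new_password = content.get("newPassword")
    if new_password is None:
        # No change requested: keep the stored hash.
        new_password = record["password"]
    else:
        new_password = _hash_new_password(new_password)
        if new_password is None:
            return flask.jsonify(
                result='error',
                msg="Password must be at least 8 characters long.")

    new_role = content.get("newRole")
    # An omitted or empty role resolves to "Not Set", as before. It is
    # normalised first so the Coach rule below sees the value that would
    # actually be written.
    # NOTE(review): a Coach therefore has to send newRole="Coach" with every
    # update -- confirm whether an omitted role should keep the stored one.
    if new_role is None or new_role == '':
        new_role = "Not Set"
    if new_role not in ("Not Set", "Coach", "Athlete"):
        return flask.jsonify(
            result="error",
            msg="new role must be one of 'Coach', 'Athlete','Not Set'")
    # Was `(newRole == 'Athlete' or 'Not Set')`, which is always true and so
    # blocked every update made by a Coach.
    if new_role in ('Athlete', 'Not Set') and record["role"] == 'Coach':
        return flask.jsonify(
            result='error',
            msg='Currently, a Coach is not allowed to change his/her role '
                'to an Athlete.')

    try:
        models.get_user().update({"email": email}, {
            "$set": {
                "password": new_password,
                "role": new_role,
                "rfidTag": new_rfid_tag
            }
        })
    except Exception:
        # Keep the detail in the server log; the client gets a generic
        # message instead of the raw exception text. The password hash is
        # no longer printed to stdout either.
        flask.current_app.logger.exception("User update failed")
        return flask.jsonify(result='error', msg='Failed, try it later.')
    return flask.jsonify(result='succeed')


def _delete_user(content):
    """Unlink and delete the account after re-checking credentials."""
    _, failure = _verified_account(content)
    if failure is not None:
        return failure
    email = content.get("email")
    unlink_failed = flask.jsonify(result='error', msg='Failed, try it later.')

    try:
        linked_coaches = models.get_athleteInfo().find(
            {"athlete": email})[0]["coaches"]
    except (IndexError, KeyError):
        # No athlete record (or no coach list): nothing to unlink there.
        linked_coaches = []
    for coach in linked_coaches:
        if unlink(email, coach) != 1:
            return unlink_failed

    for coach_record in models.get_coach().find({"email": email}):
        for athlete in coach_record['athletes']:
            if unlink(email, athlete) != 1:
                return unlink_failed

    try:
        models.get_athleteInfo().remove({"athlete": email})
        models.get_coach().remove({"email": email})
        models.get_user().remove({"email": email})
    except Exception:
        flask.current_app.logger.exception("User deletion failed")
        return flask.jsonify(result='error', msg='Failed, try it later.')
    return flask.jsonify(result='succeed')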