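def edit(user_id):
    """
    Edit user profile and save.

    The account that is shown and updated is always ``current_user``;
    ``user_id`` is accepted but never used to select a user, so the caller
    cannot point the update at someone else's account through it.

    :param user_id: target user id (not used to choose the account)
    :return: Render signup template or return Json data
    """
    # Link to the Cognito hosted password-reset page. This handler only reads
    # ``username`` from the request body; it never receives a password.
    password_reset = "https://cloudalbum.auth." \
        "{0}.amazoncognito.com/forgotPassword?response_type=code&client_id=" \
        "{1}&redirect_uri=" \
        "{2}"\
        .format(conf['AWS_REGION'], conf['COGNITO_CLIENT_ID'], conf['BASE_URL']+'/callback')

    # Bound before the branches: if the GET branch fails early, or the request
    # uses another method, the final render previously raised
    # UnboundLocalError instead of showing the page.
    user = None

    if request.method == 'GET':
        try:
            user = User()
            user.id = current_user.id
            user.email = current_user.email
            user.username = current_user.username
            app.logger.debug(user)
        except Exception as e:
            app.logger.error(e)
            flash("DB operation failed! Try again.")

    if request.method == 'PUT':
        try:
            data = request.get_json()
            client = boto3.client('cognito-idp')
            # The pool user is taken from the authenticated session, not from
            # the request, so only the caller's own attribute is changed.
            response = client.admin_update_user_attributes(
                UserPoolId=conf['COGNITO_POOL_ID'],
                Username=current_user.id,
                UserAttributes=[
                    {
                        'Name': 'name',
                        'Value': data['username']
                    },
                ])
            app.logger.debug(response)
            # Keep the cached display name in step with the pool.
            session['name'] = data['username']
            return jsonify(update='success')
        except Exception as e:
            # A missing/invalid body or a rejected Cognito call ends up here.
            app.logger.error(e)
            return jsonify(update='failed')

    return render_template('signup.html', user=user, password_reset=password_reset)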
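def user_loader(session_token):
    """Populate user object, check expiry

    Returns ``None`` when the session has no ``expires`` entry or when that
    time has passed, so an expired session is no longer treated as logged in.
    """
    # Local import: the file's import block is not visible from here.
    import time

    if "expires" not in session:
        return None

    app.logger.debug(session_token)
    # Log only the key names. callback() stores the Cognito refresh token in
    # the session, and dumping the whole mapping wrote it to the debug log.
    app.logger.debug("session keys: %s", list(session))

    # callback() stores the id token's "exp" claim here (epoch seconds). The
    # original only tested that the key was present and never compared it.
    if session['expires'] < time.time():
        return None

    user = User()
    user.id = session_token
    user.username = session['name']
    user.email = session['email']
    return user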
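def callback():
    """Exchange the 'code' for Cognito tokens

    Posts the authorization code to the Cognito token endpoint, passes the
    returned tokens through ``verify``, stores the user and the session
    fields, then logs the user in and redirects to the home view. Any
    non-OK token response, or a request without a code, gets the error page.
    """
    # http://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
    # NOTE(review): `state` is read but never compared with a value issued
    # when the login started, so nothing here ties this callback to the
    # browser that began the flow. Where the expected value is kept is not
    # visible from this function -- confirm and check it before using `code`.
    csrf_state = request.args.get('state')
    code = request.args.get('code')
    if not code:
        # No authorization code: nothing to exchange, skip the token request.
        return render_template_string("<h1>ERROR!</h1>")

    request_parameters = {
        'grant_type': 'authorization_code',
        'client_id': conf['COGNITO_CLIENT_ID'],
        'code': code,
        "redirect_uri": conf['BASE_URL'] + "/callback"
    }
    # Bounded wait: without a timeout a stalled token endpoint would hold
    # this worker indefinitely.
    response = requests.post("https://%s/oauth2/token" % conf['COGNITO_DOMAIN'],
                             data=request_parameters,
                             auth=HTTPBasicAuth(conf['COGNITO_CLIENT_ID'],
                                                conf['COGNITO_CLIENT_SECRET']),
                             timeout=10)

    # the response:
    # http://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html
    if response.status_code != requests.codes.ok:
        return render_template_string("<h1>ERROR!</h1>")

    # Parse the body once instead of once per field.
    tokens = response.json()

    # verify() is defined elsewhere; presumably it raises on an invalid
    # token -- confirm, because the first call's return value is discarded.
    verify(tokens["access_token"])
    id_token = verify(tokens["id_token"], tokens["access_token"])

    ## TODO #8: Write your code to set up User object using id_token from Cognito
    ## -- begin --
    user = User()
    user.id = id_token["cognito:username"]
    user.email = id_token["email"]
    user.username = id_token["name"]
    ## Now, password is managed by Cognito.
    user.password = '******'
    user.save()

    session['id'] = id_token["cognito:username"]
    session['email'] = id_token["email"]
    session['name'] = id_token["name"]
    session['expires'] = id_token["exp"]
    # NOTE(review): if the app uses Flask's default cookie-backed session,
    # this value is signed but readable by the browser -- confirm a
    # server-side session store is configured before keeping it here.
    session['refresh_token'] = tokens["refresh_token"]
    ## -- end --

    login_user(user, remember=True)
    return redirect(url_for("siteView.home"))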
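def edit(user_id):
    """
    Edit user profile and save.

    The account that is shown and updated is always ``current_user``;
    ``user_id`` is accepted but never used to select a user.

    :param user_id: target user id (not used to choose the account)
    :return: Render signup template or return Json data
    """
    # Bound before the branches: if the GET branch fails early, or the request
    # uses another method, the final render previously raised
    # UnboundLocalError instead of showing the page.
    user = None

    if request.method == 'GET':
        try:
            user = User()
            user.id = current_user.id
            user.email = current_user.email
            user.username = current_user.username
            app.logger.debug(user)
        except Exception as e:
            app.logger.error(e)
            flash("DB operation failed! Try again.")

    if request.method == 'PUT':
        try:
            data = request.get_json()
            # The request body is not logged: it carries a 'password' field,
            # which the original wrote to the debug log in clear text.
            client = boto3.client('cognito-idp')
            # Each attribute is a {'Name': ..., 'Value': ...} pair. The
            # original passed {'name': ..., 'password': ...}, which is not
            # that shape, so the call was rejected and every PUT returned
            # 'failed'. A password is not a user attribute and is no longer
            # sent here; changing it needs a Cognito password flow.
            response = client.admin_update_user_attributes(
                UserPoolId=conf['COGNITO_POOL_ID'],
                Username=current_user.id,
                UserAttributes=[
                    {
                        'Name': 'name',
                        'Value': data['username']
                    },
                ])
            app.logger.debug(response)
            # NOTE(review): any display name cached in the session is not
            # refreshed by this handler -- confirm whether it should be.
            return jsonify(update='success')
        except Exception as e:
            # A missing/invalid body or a rejected Cognito call ends up here.
            app.logger.error(e)
            return jsonify(update='failed')

    return render_template('signup.html', user=user)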
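def user_loader(session_token):
    """Populate user object, check expiry

    Returns ``None`` when the session has no ``expires`` entry or when that
    time has already passed; otherwise builds a ``User`` from the session.
    """
    if "expires" not in session:
        return None

    app.logger.debug(session_token)
    # Log only the key names. The session holds at least the user's name and
    # e-mail (read below) and possibly tokens, none of which belong in a log.
    app.logger.debug("session keys: %s", list(session))

    # 'expires' is treated as epoch seconds and compared in naive UTC on both
    # sides. These two datetime helpers are deprecated since Python 3.12.
    expires = datetime.utcfromtimestamp(session['expires'])
    expires_seconds = (expires - datetime.utcnow()).total_seconds()
    if expires_seconds < 0:
        # Expired: report "no user" so the request is treated as anonymous.
        return None

    user = User()
    user.id = session_token
    user.username = session['name']
    user.email = session['email']
    return user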