def renew_token(device_id, refresh_token): if device_id and refresh_token: LOG.info(device_id) device, status = get_device(device_id, refresh_token) LOG.info(device) # LOG.info(device) if device: user = User.query.filter_by(id=device.user_id).first() if user: auth_token = User.encode_auth_token( user.id, user.role, user.account_type) response_object = { # 'status': 'success', # 'message': 'Successfully renew token', 'token': auth_token.decode() } return build_json_result(response_object, 200, 'Successfully renew token') else: return build_json_result(None, 500, 'Can not renew') else: return build_json_result(None, 500, 'Can not renew') else: return build_json_result(None, 403, 'Provide a valid refresh token.')
def post(self): post_data = request.get_json(force=True) isOk, message = update_email(get_data(post_data, 'account_id'), get_data(post_data, 'email')) if isOk: return build_json_result(None, 200, message) else: return build_json_result(None, 404, 'Twoja sesja wygasła', 'Your token is invalid')
def get(self, token): # get auth token isExist, email = check_token(token) if isExist: isOk, message = active_user(email) if isOk: return build_json_result(None, 200, message) else: return build_json_result(None, 500, message) else: return build_json_result(None, 404, 'Twoja sesja wygasła', 'Your token is invalid')
def post(self, account_id): user = get_a_user(account_id) if not user: return build_json_result(None, 404, 'Nie znaleziono użytkownika', 'User not found') # send_email_by_sendinblue( # user.email, 'Active your account', build_active_link(user.email, None)) active_token = generate_rand_token() save_token(active_token, user.email) send_email_by_sendinblue( user.email, 'KIDAGO.PL - AKTYWACJA KONTA', build_active_link(None, active_token, user.role)) return build_json_result(None, 200, 'Wysłano wiadomość email', 'email sent')
def generate_token(user): try: # generate the auth token auth_token = User.encode_auth_token(user.id, user.role) response_object = { 'user_id': user.id, # 'status': 'success', # 'message': 'Successfully registered.', 'token': auth_token.decode() } return build_json_result(response_object, 201, 'Successfully registered.') except Exception as e: return build_json_result(None, 401, 'Some error occurred. Please try again.')
def logout_user(data, user_id, device_id): if data: auth_token = data.split(" ")[1] else: auth_token = '' if auth_token: delete_device(user_id, device_id) if save_token_to_black_list(auth_token, user_id): return build_json_result(None, 200, 'Udane wylogowanie', 'Successfully logged out.') else: return build_json_result(None, 500, 'Błąd serwera. Spróbuj jeszcze raz.', 'Server has error') else: return build_json_result(None, 403, 'Provide a valid auth token.')
def post(self): post_data = request.get_json(force=True) isExist, user = check_email_role(get_data(post_data, 'email'), get_data(post_data, 'role')) if isExist: save_pass_token(token=None, email=get_data(post_data, 'email')) html_content = build_pass_link(get_data(post_data, 'email'), None, user.role) LOG.info(html_content) send_email_by_sendinblue(get_data(post_data, 'email'), 'Zresetuj hasło', html_content) return build_json_result(None, 200, 'Wysłano wiadomość email', 'email sent') else: return build_json_result(None, 404, 'Nie znaleziono adresu email', 'email not exist')
def save_new_social_user(data): user = User.query.filter_by(email=data['email']).first() if not user: facebook_id = None google_id = None full_name = None avatar = None if 'facebook_id' in data: facebook_id = data['facebook_id'] if 'google_id' in data: google_id = data['google_id'] if 'full_name' in data: full_name = data['full_name'] if 'avatar' in data: avatar = data['avatar'] if 'avatar' in data: avatar = data['avatar'] new_user = User( email=data['email'], username=data['username'], password=data['password'], registered_on=datetime.datetime.utcnow(), last_logged=datetime.datetime.utcnow(), role=data['role'], account_type=data['account_type'], facebook_id=facebook_id, google_id=google_id, full_name=full_name, avatar=avatar, is_active=True, active_on=datetime.datetime.utcnow(), ) result = save_changes(new_user) if not result: return generate_token(new_user) else: return build_json_result(None, 500, result) else: response_object = { 'status': 'fail', 'user_id': user.id, # 'message': 'User already exists. Please Log in.', } return build_json_result( response_object, 409, 'Ten email jest już w naszej bazie. Spróbuj się zalogować.', 'User already exists. Please Log in.')
def get_logged_in_user(new_request): # get the auth token auth_token = new_request.headers.get('Authorization') if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): user = User.query.filter_by(id=resp).first() data = { 'user_id': user.id, 'email': user.email, 'admin': user.admin, 'registered_on': str(user.registered_on) } return build_json_result(data, 200) return build_json_result(None, 401, resp) else: return build_json_result(None, 401, 'Provide a valid auth token.')
def get(self, public_id): """get a user given its identifier""" LOG.error('=================---------------------- get a user..') user = get_a_user(public_id) if not user: api.abort(404, message='Nie znaleziono użytkownika') else: return build_json_result(user)
def delete_account_by_id(id): try: profile = User.query.filter_by(id=id).first() if profile: if not check_owner_resource(id): return build_json_result( None, 401, 'You have not permission to access this api') delete_all_device_by_user(id) db.session.delete(profile) db.session.commit() return build_json_result(None, 200, 'Profile deleted') else: return build_json_result(None, 404, 'Profile not found') except Exception as e: LOG.exception(e) db.session.rollback() return build_json_result(None, 500, e.args)
def get(self): limit = request.args.get('limit') offset = request.args.get('offset') """List all registered users""" LOG.error('=================---------------------- getting all user..') LOG.warning( '=================---------------------- getting all user..') LOG.info(request.headers) return build_json_result(get_all_users(limit, offset))
def post(self, token): post_data = request.get_json(force=True) ok, err = change_pass_validate(post_data) if not ok: return build_json_error(err, 400, 'Błąd walidacji', 'Validation failed') isExist, email = check_pass_token(token) if isExist: isOk, message = update_password(email, get_data(post_data, 'password')) if isOk: return build_json_result(None, 200, message) else: return build_json_result(None, 500, message) else: return build_json_result(None, 404, 'Twoja sesja wygasła', 'Your token is invalid')
def save_new_user(data): user = User.query.filter_by(email=data['email']).first() if not user or not user.is_active: if user and not user.is_active: Device.query.filter_by(user_id=user.id).delete() User.query.filter_by(email=data['email']).delete() facebook_id = None google_id = None full_name = None avatar = None if 'facebook_id' in data: facebook_id = data['facebook_id'] if 'google_id' in data: google_id = data['google_id'] if 'full_name' in data: full_name = data['full_name'] if 'avatar' in data: avatar = data['avatar'] if 'avatar' in data: avatar = data['avatar'] new_user = User(email=data['email'], username=data['username'], password=data['password'], registered_on=datetime.datetime.utcnow(), last_logged=datetime.datetime.utcnow(), role=data['role'], account_type=data['account_type'], facebook_id=facebook_id, google_id=google_id, full_name=full_name, avatar=avatar) result = save_changes(new_user) if not result: return generate_token(new_user) else: return build_json_result(None, 500, result) else: response_object = { 'user_id': user.id, # 'status': 'fail', # 'message': 'User already exists. Please Log in.', } return build_json_result(response_object, 409, 'User already exists. Please Log in.')
def post(self): # get auth token LOG.debug('%s', request.headers) LOG.debug('%s', request.args) LOG.debug('%s', request.form) LOG.debug('%s', request.values) post_data = request.get_json(force=True) LOG.debug('%s', post_data) auth_header = request.headers.get('Authorization') return build_json_result('Hello world')
def get(self): # get auth token LOG.debug('test log %s', request.headers) LOG.debug('%s', request.args) auth_header = request.headers.get('Authorization') LOG.info('11111111111111111111') LOG.info('222222222222222222222') LOG.info('33333333333333333') LOG.info('4444444444444444444444 \n') LOG.info('55555555555555555555555555 \n') return build_json_result('Hello world')
def post(self): post_data = request.get_json(force=True) ok, err = change_pass_validate(post_data) if not ok: return build_json_error(err, 400, 'Błąd walidacji', 'Validation failed') isExist, email = check_pass(get_data(post_data, 'account_id'), get_data(post_data, 'old_password')) if isExist: isOk, message = update_password(email, get_data(post_data, 'password')) if isOk: return build_json_result(None, 200, message) else: return build_json_result(None, 500, message) else: return build_json_result(None, 404, 'Stare haslo jest niepoprawne', 'Your old password is not correct')
def delete_account_by_id(id): try: profile = User.query.filter_by(id=id).first() if profile: if not check_owner_resource(id): return build_json_result( None, 401, 'Nie masz uprawnień dostępu', 'You have not permission to access this api') delete_all_device_by_user(id) db.session.delete(profile) db.session.commit() return build_json_result(None, 200, 'Profil został skasowany', 'Profile deleted') else: return build_json_result(None, 404, 'Nie znaleziono profilu użytkownika', 'Profile not found') except Exception as e: # LOG.exception(e) trace_log() db.session.rollback() return build_json_result(None, 500, e.args)
def post(self): post_data = request.get_json(force=True) ok, err = send_mail_validate(post_data) if not ok: return build_json_error(err, 400, 'Błąd walidacji', 'Validation failed') user = get_user_by_email(post_data['email']) # send_email_by_sendinblue( # post_data['email'], 'Active your account', build_active_link(post_data['email'], None)) active_token = generate_rand_token() save_token(active_token, post_data['email']) #'Activate account' send_email_by_sendinblue( post_data['email'], 'KIDAGO.PL - AKTYWACJA KONTA', build_active_link(None, active_token, user.role)) return build_json_result(None, 200, 'Wysłano wiadomość email', 'email sent')
def login_user(data): try: # fetch the user data user = User.query.filter_by(email=data.get('email')).first() if user and user.check_password(data.get('password')): if user.account_type == 'facebook': return build_json_result( None, 403, 'Nie rozpoznano konta Facebook', 'You must login by facebook account') if user.account_type == 'google': return build_json_result( None, 403, 'Nie rozpoznano konta Google', 'You must login by google account') isOk, message = save_refresh_token( user.id, get_data(data, 'device_id'), get_data(data, 'device_name'), get_data(data, 'device_model')) update_logged_time(user) if not user.is_active: return build_json_result( None, 403, 'Aby się zalogować, najpierw aktywuj konto', 'You need active your account to login') auth_token = User.encode_auth_token(user.id, user.role, user.account_type) if auth_token: response_object = { 'user_id': user.id, 'role': user.role, 'refresh_token': message, 'token': auth_token.decode() } # return response_object, 200 return build_json_result(response_object, 200, 'Zalogowano użytkownika', 'Successfully logged in.') else: return build_json_result(None, 401, 'Błąd serwera. Spróbuj jeszcze raz.', 'email or password does not match.') except Exception as e: print(e) trace_log() return build_json_result( None, 500, 'Błąd serwera. Spróbuj jeszcze raz.', 'a server communication error has occurred please try again later' )
def get(self): """List all registered users""" LOG.error('=================---------------------- getting all user..') LOG.warning( '=================---------------------- getting all user..') return build_json_result(get_all_users())
def login_facebook_user(post_data): try: if not 'token' in post_data: return build_json_result( None, 404, 'You need give me your facebook token') else: fb_token = post_data['token'] response = requests.get("https://graph.facebook.com/v3.3/me", params={ 'fields': 'id, name, email', 'access_token': fb_token }, headers=None) data = response.json() LOG.info(data) user_data = {} if data and not 'error' in data: fb_id = data['id'] fb_name = data['name'] if 'email' in data: fb_email = data['email'] else: fb_email = fb_id + '@facebook.com' user = User.query.filter_by(facebook_id=fb_id).first() LOG.info(user) # login success if user: auth_token = User.encode_auth_token( user.id, user.role, user.account_type) isOk, message = save_refresh_token( user.id, get_data(post_data, 'device_id'), get_data(post_data, 'device_name'), get_data(post_data, 'device_model')) if auth_token: # profile = get_user_profile(user.id, user.account_type) response_object = { "user_id": user.id, # 'profile':profile, # 'status': 'success', # 'message': 'Successfully logged in.', 'token': auth_token.decode(), 'refresh_token': message } # LOG.info('aaaaaaaa') profile = get_user_profile(user.id) response_object['profile'] = profile return build_json_result( response_object, 200, 'Zalogowano użytkownika', 'Successfully logged in.') else: user_data['email'] = fb_email user_data['username'] = fb_email user_data['full_name'] = fb_name user_data['facebook_id'] = fb_id user_data['role'] = 'user' user_data['account_type'] = 'facebook' user_data['password'] = '******' user_data['avatar'] = 'http://graph.facebook.com/' + \ fb_id+'/picture?type=square' result = save_new_social_user(data=user_data) isOk, message = save_refresh_token( get_data(result, 'user_id'), get_data(post_data, 'device_id'), get_data(post_data, 'device_name'), get_data(post_data, 'device_model')) result[0]['resfresh_token'] = message # profile = get_user_profile( # get_data(result, 'user_id'), user_data['account_type']) # result[0]['profile'] = profile return result else: return build_json_result(None, 401, 'Your token is not valid') except Exception as e: trace_log() # LOG.info(e) return build_json_result( None, 500, 'Błąd serwera. Spróbuj jeszcze raz.', 'a server communication error has occurred please try again later' )
def login_google_user(post_data): try: if not 'token' in post_data: return build_json_result( None, 404, 'You need give me your facebook token') else: gg_token = post_data['token'] headers = {'Authorization': 'OAuth ' + gg_token} response = requests.get( "https://www.googleapis.com/oauth2/v1/userinfo", None, headers=headers) data = response.json() LOG.info(data) user_data = {} if data and not 'error' in data: gg_id = data['id'] gg_name = data['name'] gg_avatar = data['picture'] if 'email' in data: gg_email = data['email'] else: gg_email = gg_id + '@google.com' user = User.query.filter_by(google_id=gg_id).first() LOG.info(user) # login success if user: auth_token = User.encode_auth_token( user.id, user.role, user.account_type) isOk, message = save_refresh_token( user.id, get_data(post_data, 'device_id'), get_data(post_data, 'device_name'), get_data(post_data, 'device_model')) if auth_token: response_object = { "user_id": user.id, # 'status': 'success', # 'message': 'Successfully logged in.', 'token': auth_token.decode(), 'resfresh_token': message } profile = get_user_profile(user.id) response_object['profile'] = profile return build_json_result( response_object, 200, 'Successfully logged in.') else: user_data['email'] = gg_email user_data['username'] = gg_email user_data['full_name'] = gg_name user_data['google_id'] = gg_id user_data['role'] = 'user' user_data['account_type'] = 'google' user_data['password'] = '******' user_data['avatar'] = gg_avatar result = save_new_social_user(data=user_data) LOG.info(result) if result[0]['meta']['code'] != 200 and result[0][ 'meta']['code'] != 201: return result # return build_json_result(None, 409, 'Your email is used') isOk, message = save_refresh_token( get_data(result, 'user_id'), get_data(post_data, 'device_id'), get_data(post_data, 'device_name'), get_data(post_data, 'device_model')) LOG.info(result) result[0]['resfresh_token'] = message return result else: return build_json_result(None, 401, 'Your token is not valid') except Exception as e: # LOG.info(e) return build_json_result( None, 500, 'Błąd serwera. Spróbuj jeszcze raz.', 'a server communication error has occurred please try again later' )