예제 #1
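def sign_out():
    """Sign out the currently logged-in user.

    Reads ``email`` from the JSON body and the request signature from the
    ``token`` header, recomputes ``sha256(token + email + url)`` from the
    stored session token, and only when the two match logs the user out,
    drops their websocket entry and pushes the updated active-user list.

    Returns:
        A JSON response carrying ``success`` and ``message``.
    """
    import hmac  # local import: the file's import block is not visible here

    def failure():
        return jsonify({'success': False, 'message': 'Something went wrong!'})

    hashed_token = request.headers.get('token')
    data = request.get_json()
    email = data['email']
    url = '/sign_out'

    token = database_helper.get_token_from_email(email)
    # No header, or no stored session for this email: nothing to verify.
    if not hashed_token or not token or token[0] is None:
        return failure()

    server_hash = sha256((token[0] + email + url).encode('utf-8')).hexdigest()
    # Verify the signature BEFORE changing any session state. Previously
    # logout_user() ran first, so a request carrying only a victim's email
    # (and no valid signature) still ended that user's session.
    # compare_digest avoids leaking the match position through timing; the
    # values are encoded because a header may contain non-ASCII text.
    if not hmac.compare_digest(server_hash.encode('utf-8'),
                               hashed_token.encode('utf-8')):
        return failure()
    # NOTE(review): the signed string has no nonce or timestamp, so a captured
    # header value stays valid for this endpoint for as long as the session
    # token does; consider HMAC over a per-request nonce.

    # The session token and the expected hash are deliberately not printed:
    # either value in a log is enough to act as this user.
    user = database_helper.get_email_from_token(token[0])
    result = database_helper.logout_user(token[0])
    if not (result == True):  # noqa: E712 - keep the original comparison
        return failure()

    if user:
        # assumes ``sockets`` is a dict keyed by email - TODO confirm.
        # pop() tolerates a user who never opened a websocket, where the
        # original ``del`` raised KeyError after the logout had already run.
        sockets.pop(user[0], None)
    push_websocket_active_users()

    return jsonify({'success': True, 'message': 'Signed out!'})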
예제 #2
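def get_user_messages_by_email():
    """Return the messages for a user, after verifying the request signature.

    Reads ``email`` and ``searchedEmail`` from the JSON body and the signature
    from the ``token`` header, and compares that header with
    ``sha256(token + email + searchedEmail + url)`` built from the stored
    session token.

    Returns:
        A JSON string with ``success``, ``message`` and, on success, ``data``.
    """
    import hmac  # local import: the file's import block is not visible here

    data = request.get_json()
    hashed_token = request.headers.get('token')
    searchedEmail = data['searchedEmail']
    email = data['email']
    url = '/get_user_messages_by_email'
    token = database_helper.get_token_from_email(email)

    # Check for a session before concatenating: the original built the hash
    # first, so a missing token raised TypeError instead of reaching the
    # "Invalid token" branch.
    if not token or token[0] is None:
        return json.dumps({
            'success': False,
            'message': "Invalid token, could not retrieve data"
        })

    server_hash = sha256(
        (token[0] + email + searchedEmail + url).encode('utf-8')).hexdigest()
    # Constant-time comparison; encoded because a header may be non-ASCII.
    authorized = bool(hashed_token) and hmac.compare_digest(
        server_hash.encode('utf-8'), hashed_token.encode('utf-8'))

    # Query only for authenticated callers, so no message data is loaded on
    # behalf of an unverified request.
    result = None
    if authorized:
        # NOTE(review): searchedEmail is part of the signed string but the
        # lookup is keyed on ``email`` - confirm which address the helper
        # expects.
        result = database_helper.get_user_messages_by_email(token[0], email)

    if result is not None:
        res = {
            'success': True,
            'message': "Successfully retrieved all messages",
            'data': result
        }
    else:
        res = {'success': False, 'message': "Could not retrieve messages"}

    return json.dumps(res)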
예제 #3
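def get_user_data_by_token():
    """Return the profile of the signed-in user.

    Reads ``email`` from the JSON body and the signature from the ``token``
    header, and compares that header with ``sha256(token + email + url)``
    built from the stored session token. Profile data is fetched only after
    the signature matches.

    Returns:
        A JSON response: the six profile fields on success, otherwise
        ``success: False`` with a generic message.
    """
    import hmac  # local import: the file's import block is not visible here

    def failure():
        return jsonify({'success': False, 'message': 'Something went wrong!'})

    hashed_token = request.headers.get('token')
    data = request.get_json()

    email = data['email']
    url = '/get_user_data_by_token'
    token = database_helper.get_token_from_email(email)
    # No header or no stored session: fail closed instead of raising on
    # ``None + str``.
    if not hashed_token or not token or token[0] is None:
        return failure()

    server_hash = sha256((token[0] + email + url).encode('utf-8')).hexdigest()
    # The expected hash is no longer printed: it is exactly the value a client
    # must present, so writing it to stdout puts a usable credential in logs.
    if not hmac.compare_digest(server_hash.encode('utf-8'),
                               hashed_token.encode('utf-8')):
        return failure()

    userData = database_helper.get_user_data_by_token(token[0])
    if userData is None:
        return failure()

    return jsonify({
        'success': True,
        'email': userData[0],
        'firstName': userData[1],
        'familyName': userData[2],
        'gender': userData[3],
        'city': userData[4],
        'country': userData[5]
    })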
예제 #4
def reset_password():
    """Replace a user's password with a generated one and e-mail it to them.

    Reads ``email`` and ``oldPwd`` from the JSON body, checks ``oldPwd``
    against the stored bcrypt hash, and on success sends the new password
    (the value returned by ``make_key()``) to the same address.

    NOTE(review): two lines of this listing were masked with ``******`` on the
    page, so the assignments of ``server_hash``, ``hashed_token`` and
    ``result`` are not visible; the function is incomplete as shown.

    Returns:
        A JSON response with a ``message`` when the mail was sent, otherwise
        an empty string.
    """
    data = request.get_json()
    resetEmail = data['email']
    oldPwd = data['oldPwd']
    url = '/reset_password'
    # The generated key becomes the new password: it is hashed below and its
    # plain value is placed in the e-mail body.
    key = make_key()
    token = database_helper.get_token_from_email(resetEmail)

    # NOTE(review): hashed_old_password is not used anywhere in the visible
    # code; the actual check is check_password_hash() below.
    hashed_old_password = bcrypt.generate_password_hash(oldPwd).decode('utf-8')
    hashed_password = database_helper.get_hashed_password(resetEmail)
    # NOTE(review): this writes the stored password hash to stdout; a hash in
    # a log file can be attacked offline and should not be printed.
    print('hashed_password for this email is: ', hashed_password)
    correct_password = bcrypt.check_password_hash(hashed_password, oldPwd)
    hashed_new_password = bcrypt.generate_password_hash(
        str(key)).decode('utf-8')
    # The next line is masked on the page; presumably it held the
    # server_hash computation - TODO restore from the original source.
    print('correct_password: '******'utf-8')).hexdigest()
    # NOTE(review): printing server_hash logs the exact value a client has to
    # present in the ``token`` header.
    print('RESETPASSWORD: server_hash is:', server_hash,
          ' and hashed_token is: ', hashed_token)
    email = database_helper.find_user(resetEmail)
    if (email) and correct_password and server_hash == hashed_token:
        try:
            # Masked on the page; ``result`` is not assigned in the visible
            # code, so the password-update call was presumably on this line.
            #print('success! hashed_new_password: '******'reset user password from: ',str(hashed_password), ' to: ',  str(hashed_new_password) )
            print('result is: ', result)
            if (result):
                print('trying to set up SMTP connection...')
                # NOTE(review): the SMTP account is set to the requester's own
                # address; presumably a service account was intended - confirm.
                yag = yagmail.SMTP(user=resetEmail)
                print('setting contents...')
                # The new password travels in clear text in the mail body.
                contents = [
                    "You've requested to reset your Twidder password.",
                    'Your new password is: ',
                    str(key)
                ]
                # NOTE(review): this also writes the new plain-text password
                # to stdout.
                print(contents)
                print('creating recipients')
                recipients = {resetEmail: 'Twidder user'}
                print(recipients)
                print('trying to send email...')
                yag.send(to=recipients,
                         subject='Your temporary Twidder password',
                         contents=contents)
                print("Email sent successfully")
                res = jsonify({'message': 'Email sent successfully'})
                return res
        # NOTE(review): the bare except hides every failure in the block
        # above, not only mail errors, and the caller just receives ''.
        except:
            print("Error, email was not sent")

    # Reached on any failed check or exception; the response body is empty.
    return ''
예제 #5
def change_password():
    """Change the password of the currently logged-in user.

    Reads ``oldPwd``, ``newPwd`` and ``email`` from the JSON body and the
    request signature from the ``token`` header. The password is changed when
    the new password has at least 5 characters, differs from the old one, the
    old one matches the stored bcrypt hash, and the signature matches.

    NOTE(review): one line of this listing was masked with ``******`` on the
    page; ``server_hash`` is used below but not assigned in the visible code.

    Returns:
        A JSON response carrying ``success`` and ``message``.
    """
    data = request.get_json()
    hashed_token = request.headers.get('token')
    oldPwd = data['oldPwd']
    newPwd = data['newPwd']
    email = data['email']
    url = '/change_password'
    token = database_helper.get_token_from_email(email)

    # NOTE(review): hashed_old_password is not used anywhere in the visible
    # code; the actual check is check_password_hash() below.
    hashed_old_password = bcrypt.generate_password_hash(oldPwd).decode('utf-8')
    hashed_password = database_helper.get_hashed_password(email)
    #print('hashed_password for this email is: ', hashed_password)
    correct_password = bcrypt.check_password_hash(hashed_password, oldPwd)
    hashed_new_password = bcrypt.generate_password_hash(newPwd).decode('utf-8')
    # The next comment line is masked on the page; presumably the
    # server_hash computation was part of it - TODO restore from the source.
    #print('hashed_new_password: '******'correct_password: '******'utf-8')).hexdigest()
    #print('CHANGEPWD: server_hash is:', server_hash, ' and hashed_token is: ', hashed_token)

    # The length check runs after the three bcrypt operations above, so
    # rejected requests still pay for the hashing.
    if (len(newPwd) < 5):
        res = jsonify({'success': False, 'message': 'Too short password'})
        return res
    if (oldPwd != newPwd) and correct_password and server_hash == hashed_token:
        result = database_helper.change_password(token[0],
                                                 str(hashed_password),
                                                 str(hashed_new_password))

        print('result in changepassword', result)
        if (result == True):
            res = jsonify({'success': True, 'message': 'Password changed'})
            # NOTE(review): this writes both the old and the new password
            # hash to stdout; hashes in logs can be attacked offline.
            print('changed user password from: ', str(hashed_password),
                  ' to: ', str(hashed_new_password))
            return res
        else:
            res = jsonify({
                'success': False,
                'message': 'Something went wrong!'
            })
            return res
    else:
        # NOTE(review): this branch is also taken for a wrong old password or
        # a signature mismatch, yet the message reports identical passwords.
        res = jsonify({
            'success': False,
            'message': 'Old and new password are the same'
        })
        return res
    # Unreachable: every branch above returns.
    return jsonify({'success': False, 'message': 'end'})
예제 #6
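def get_user_data_by_email():
    """Return the profile of the user with a given email address.

    Takes no arguments; reads ``email`` (the caller) and ``searchedEmail``
    (the profile to fetch) from the JSON body and the signature from the
    ``token`` header. The header is compared with
    ``sha256(token + email + searchedEmail + url)`` built from the caller's
    stored session token.

    Returns:
        A JSON response: the six profile fields on success, otherwise
        ``success: False`` with a message.
    """
    import hmac  # local import: the file's import block is not visible here

    def failure():
        # One response for every failure. The original left ``res`` unbound
        # when the searched user did not exist and raised UnboundLocalError.
        return jsonify({
            'success': False,
            'message': 'There is no such user in database!'
        })

    data = request.get_json()
    searchedEmail = data['searchedEmail']
    email = data['email']
    url = '/get_user_data_by_email'
    hashed_token = request.headers.get('token')

    # Authenticate the caller before looking anything up, so an unsigned
    # request cannot use the difference in responses to learn which
    # addresses are registered.
    token = database_helper.get_token_from_email(email)
    if not hashed_token or not token or not token[0]:
        return failure()

    server_hash = sha256((token[0] + email + searchedEmail +
                          url).encode('utf-8')).hexdigest()
    # The session token and the expected hash are not printed: either value
    # in a log is enough to act as this user.
    if not hmac.compare_digest(server_hash.encode('utf-8'),
                               hashed_token.encode('utf-8')):
        return failure()

    if not database_helper.find_user(searchedEmail):
        return failure()

    result = database_helper.get_user_data_by_email(token[0], searchedEmail)
    if result is None:
        return failure()

    return jsonify({
        'success': True,
        'email': result[0],
        'firstName': result[1],
        'familyName': result[2],
        'gender': result[3],
        'city': result[4],
        'country': result[5]
    })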