예제 #1
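def update_user():
    """Update the stored profile of the user identified by the posted ``uuid``.

    Reads ``uuid``, ``name``, ``password``, ``email`` and ``birthdate`` from
    the submitted form, validates them, and writes the new values through
    ``user_db.update_user``. A changed e-mail address resets ``is_verified``.

    :return: ``return_json`` response; ``success=False`` with an error text
        when a check fails, otherwise a confirmation message.
    """
    # NOTE(review): no check of the caller's identity is visible in this
    # function. Confirm the route is protected elsewhere (decorator or
    # middleware) so that a caller can only modify their own record.
    form = request.form
    user_uuid = form.get("uuid")
    name = form.get("name")
    password = form.get("password")
    email = form.get("email")
    birthdate = form.get("birthdate")

    if not data_validation.validate_uuid(user_uuid):
        return return_json(success=False, error="Invalid user UUID")

    # Look the user up once and reuse the result for both the existence
    # check and the update, instead of querying twice.
    lookup = user_db.get_user(uuid=user_uuid)
    if lookup[0] is False:
        return return_json(success=False, error="User not found")

    # Wrapping a missing field in str() used to yield the literal text
    # "None", so an omitted password was stored as the hash of "None" and an
    # omitted name as "None". Reject absent or empty fields instead.
    if not name or not password or not email or not birthdate:
        return return_json(success=False, error="Fields empty")

    if not data_validation.validate_email(email):
        return return_json(success=False, error="Invalid email")

    birthdate_check = data_validation.validate_birthdate(birthdate)
    if not birthdate_check[0]:
        return return_json(success=False, error=birthdate_check[1])

    c_user = lookup[1]

    c_user.name = name
    # Derive the stored credential only after every check has passed, so
    # rejected requests do not pay for the hashing work.
    # NOTE(review): the helper is called encrypt_password; confirm it is a
    # salted one-way password hash rather than reversible encryption.
    c_user.user_hash = Encryption.encrypt_password(password)
    if c_user.email != email:
        # A new address has not been confirmed yet.
        c_user.email = email
        c_user.is_verified = False
    c_user.birthdate = birthdate

    user_db.update_user(c_user)

    return return_json(
        success=True, data={"message": "User {0} updated".format(c_user.uuid)})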
예제 #2
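def register_user():
    """Create a new user from the submitted form and send a confirmation mail.

    Reads ``name``, ``password``, ``email`` and ``birthdate`` from the form,
    validates them, inserts the user, creates the per-user expenses, schedule
    and hygiene records, and mails a confirmation token to the address.

    :return: ``return_json`` response; ``success=False`` with an error text
        when a check fails or the insert is refused.
    """
    form = request.form
    name = form.get("name")
    password = form.get("password")
    email = form.get("email")
    birthdate = form.get("birthdate")

    # The previous emptiness test ran after str() had already turned a
    # missing field into the text "None", so it could never fire and an
    # absent password was stored as the hash of "None". Test the raw values.
    if not name or not password or not email or not birthdate:
        return return_json(success=False, error="Fields empty")

    birthdate = birthdate.replace("-", "/")  # IOS uses '-' instead of '/'

    if not data_validation.validate_email(email):
        return return_json(success=False, error="Invalid email")

    birthdate_check = data_validation.validate_birthdate(birthdate)
    if not birthdate_check[0]:
        return return_json(success=False,
                           error="Invalid birthdate:" + birthdate_check[1])

    # Hash only once the input is known to be acceptable.
    user_hash = Encryption.encrypt_password(password)

    res = user_db.insert_user(name, user_hash, email, birthdate)
    if not res[0]:
        # NOTE(review): this reply tells the caller that the account already
        # exists; decide whether that disclosure is acceptable for a public
        # registration endpoint.
        return return_json(success=False, error="User already exists")
    user_uuid = res[1]
    expenses_db.create_expenses(user_uuid)
    schedule_db.create_schedule(user_uuid)
    hygiene_db.create_hygiene(user_uuid)

    token = token_generator.generate_confirm_token(email)

    send_confirmation_mail(name, email, token)

    return return_json(success=True)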
예제 #3
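class UserAuthentication:
    """Login and registration checks on top of a user database.

    The database object must provide ``check_user``, ``add_user`` and
    ``get_password``; password handling is delegated to ``Encryption``.
    """

    def __init__(self, database):
        """
        :param database: storage object used for all user lookups and inserts
        """
        self.database = database
        self.encryption = Encryption()

    def identify_user(self, operation, username, password):
        """Chooses whether login or register operation
        will be performed with username and password.
        :param operation: 'login' or 'register'
        :return status dictionary built by self.auth_output
        """
        if operation == 'login':
            return self.login_user(username, password)
        if operation == 'register':
            return self.register_user(username, password)
        # Any other value used to fall through and return None, which breaks
        # callers that index the result. Fail closed with a normal status.
        return self.auth_output(False, 'Unknown operation')

    def register_user(self, username, password):
        """Checks if there is no user in database with username,
        then encrypts password and adds entry to the database.
        :return register status modified with self.auth_output
        """
        if self.database.check_user(username):
            return self.auth_output(False, f'"{username}" is already taken')
        # NOTE(review): the existence check and the insert are two separate
        # database calls; confirm the database enforces uniqueness itself.
        self.database.add_user(username,
                               self.encryption.encrypt_password(password))
        return self.auth_output(True, f'"{username}" is now registered')

    def login_user(self, username, password):
        """Checks if user with username in database,
        compares password with the encrypted one from database entry.
        :return login status modified with self.auth_output
        """
        # NOTE(review): the two failure messages below differ, so a caller
        # learns whether a username exists. Consider returning one generic
        # failure text if these messages reach unauthenticated clients.
        if not self.database.check_user(username):
            return self.auth_output(False, f'No such user - "{username}"')
        user_password = self.database.get_password(username)
        if self.encryption.check_password(password, user_password):
            return self.auth_output(True, f'"{username}", login success')
        return self.auth_output(False, 'Wrong password')

    def already_logged(self):
        """
        :return failure status for a user that already has a session
        """
        return self.auth_output(False, 'Such user is already logged in')

    @staticmethod
    def auth_output(flag: bool, message: str):
        """
        :param flag: boolean login/register success status
        :param message: verbal description of flag
        :return flag and message as one dictionary
        """
        # NOTE(review): several callers embed the supplied username in
        # message, so it is written to the log as received; confirm the log
        # handler escapes line breaks and control characters.
        logging.info(message)
        return {'flag': flag, 'verbose': message}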
예제 #4
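def add_user():
    """Render the add-user form on GET and create the user on submission.

    On submission reads ``name``, ``password``, ``confirm_password``,
    ``email`` and ``birthdate`` from the form, validates them, inserts the
    user, creates the per-user expenses, schedule and hygiene records, and
    mails a confirmation token.

    :return: the form template (with an ``error`` text when a check fails)
        or the ``return_message`` page after a successful insert.
    """
    if request.method == "GET":
        return render_template('users/user_add.html')

    form = request.form
    name = form.get("name")
    pw1 = form.get("password")
    pw2 = form.get("confirm_password")
    email = form.get("email")
    birthdate = form.get("birthdate")

    # The previous emptiness test ran after str() had turned a missing field
    # into the text "None", so it never fired; with both password fields
    # absent the comparison below also passed and the hash of "None" was
    # stored. Test the raw values instead.
    if not name or not pw1 or not email or not birthdate:
        return render_template('users/user_add.html', error="Fields empty")
    if pw1 != pw2:
        return render_template('users/user_add.html', error="Passwords don't match")

    birthdate = birthdate.replace("-", "/")  # IOS uses '-' instead of '/'

    if not data_validation.validate_email(email):
        return render_template('users/user_add.html', error="Invalid mail")

    birthdate_check = data_validation.validate_birthdate(birthdate)
    if not birthdate_check[0]:
        return render_template('users/user_add.html',
                               error="Invalid birthdate:" + birthdate_check[1])

    # Hash only once the input is known to be acceptable.
    user_hash = Encryption.encrypt_password(pw1)

    res = user_db.insert_user(name, user_hash, email, birthdate)
    if not res[0]:
        return render_template('users/user_add.html', error="User already exists")

    user_uuid = res[1]
    expenses_db.create_expenses(user_uuid)
    schedule_db.create_schedule(user_uuid)
    hygiene_db.create_hygiene(user_uuid)

    token = generate_confirm_token(email)

    mail.send_confirmation_mail(name, email, token)
    return return_message("Succes", "User added!", 2, url_for('admin_blueprint.get_users'))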