def create(username, password):
"""Creates a user using an email.
"""
a = User.query.filter(User.username == username).first()
if a:
print('User already exists!')
user = User(username=username, password=hash_password(password), active=1)
user.save()
print('User created successfully')
def create(email, password):
"""Creates a user using an email.
"""
a = User.query.filter(User.email == email).first()
if a is not None:
print('User already exists!')
else:
user = User(email=email, password=hash_password(password), active=1)
user.save()
def create(email, password):
"""Creates a user using an email.
"""
if User.objects(email = email).first() != None:
print ('User already exists!')
else:
CreateUserCommand().run(email=email, password=password, active=1)
def generate_users(num=6):
faker = Faker()
if User.query.count() > 3:
return
for i in range(1, num):
u = User()
u.email = 'demo' + str(i) + '@sjac.com'
u.name = 'demo ' + str(i)
u.password = hash_password('your-strong-pass-here-@@##@@')
u.active = 1
u.save()
def install():
"""Install a default Admin user and add an Admin role to it.
"""
# check if admin exists
from enferno.user.models import Role
a = Role.query.filter(Role.name == 'Admin').first()
if a is None:
# create admin role
r = Role(name='Admin')
r.save()
u = click.prompt('Admin username?', default='admin')
p = click.prompt('Admin Password (min 6 characters)?')
user = User(username=u, password=hash_password(p), active=1)
user.name = 'Admin'
user.roles.append(r)
user.save()
else:
print('Seems like an Admin is already installed')
def reset(email, password):
"""Reset a user password
"""
try:
pwd = encrypt_password(password)
u = User.objects(email= email).first()
u.password = pwd
u.save()
print ('User password has been reset successfully.')
except Exception as e:
print ('Error resetting user password: %s' % e)
def install():
"""Install a default Admin user and add an Admin role to it.
"""
# check if admin exists
from enferno.user.models import Role
a = Role.query.filter(Role.name == 'Admin').first()
if a is None:
r = Role(name='Admin')
try:
db.session.add(r)
db.session.commit()
u = click.prompt('Admin Email?', default='*****@*****.**')
p = click.prompt('Admin Password (min 6 characters)?',
default='enferno')
user = User(email=u, password=hash_password(p), active=1)
user.name = 'Admin'
user.roles.append(r)
user.save()
except Exception as e:
db.session.rollback()
else:
print('Seems like an Admin is already installed')
def add_role(email, role):
"""Adds a role to the specified user.
"""
from enferno.user.models import Role
u = User.objects(email = email).first()
if u == None:
print ('Sorry, this user does not exist!')
return
r = Role.objects(name = role).first()
if r == None:
print ('Sorry, this role does not exist!')
u = click.prompt('Would you like to create one? Y/N', default='N')
if u.lower() == 'y':
Role(name=role).save()
print ('Role created successfully, you may add it now to the user')
else:
AddRoleCommand().run(user_identifier=email, role_name=role)
def auth_callback():
"""
Open ID callback endpoint.
:return:
"""
code = request.args.get("code")
# Find out what URL to hit to get tokens that allow you to ask for
# things on behalf of a user
google_provider_cfg = get_google_provider_cfg()
token_endpoint = google_provider_cfg["token_endpoint"]
# Prepare and send request to get tokens! Yay tokens!
token_url, headers, body = client.prepare_token_request(
token_endpoint,
authorization_response=request.url,
redirect_url=request.base_url,
code=code,
)
token_response = requests.post(
token_url,
headers=headers,
data=body,
auth=(cfg.GOOGLE_CLIENT_ID, cfg.GOOGLE_CLIENT_SECRET),
)
# Parse the tokens!
client.parse_request_body_response(json.dumps(token_response.json()))
# Now that we have tokens (yay) let's find and hit URL
# from Google that gives you user's profile information,
# including their Google Profile Image and Email
userinfo_endpoint = google_provider_cfg["userinfo_endpoint"]
uri, headers, body = client.add_token(userinfo_endpoint)
userinfo_response = requests.get(uri, headers=headers, data=body)
# We want to make sure their email is verified.
# The user authenticated with Google, authorized our
# app, and now we've verified their email through Google!
if userinfo_response.json().get("email_verified"):
unique_id = userinfo_response.json()["sub"]
users_email = userinfo_response.json()["email"]
#picture = userinfo_response.json()["picture"]
users_name = userinfo_response.json()["name"]
else:
return "User email not available or not verified by Google.", 400
if not users_email.endswith('syriaaccountability.org'):
return "User email rejected! ", 403
# Create a user in our db with the information provided
# by Google
u = User.query.filter(User.google_id == unique_id).first()
if u is None:
u = User()
u.email = users_email
u.google_id = unique_id
u.name = users_name
u.active = True
u.password = os.urandom(32).hex()
u.save()
login_user(u)
return redirect(cfg.SECURITY_POST_LOGIN_VIEW)