Exemplo n.º 1
0
def do_post(username, password, users_data, **kwargs):
    """
    Register user account
    """

    _db = get_db()
    dbc = _db.cursor()

    username = username.lower()
    if check_user_registered(dbc, username):
        return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)

    if base_config.settings.STRONG_PASSWORD:
        result, server_message = apphooks.check_password_is_valid(username, password, users_data, **kwargs)
        if not result:
            return base_common.msg.error(server_message)

    u_id = sequencer().new('u')

    if not u_id:
        return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)

    quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs)
    if not quser:
        log.critical('Error checking users data and create query')
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    try:
        dbc.execute(quser)
    except IntegrityError as e:
        log.critical('User registration: {}'.format(e))
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    tk = get_token(u_id, dbc)
    if not tk:
        return base_common.msg.error('Cannot login user')

    _db.commit()

    response = {'token': tk}

    if users_data and hasattr(apphooks, 'post_register_digest'):
        post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs)
        if post_d == False:
            log.critical('Error user post registration digest')
            return base_common.msg.error(msgs.ERROR_POST_REGISTRATION)

        if isinstance(post_d, dict):
            response.update(post_d)

    return base_common.msg.put_ok(response)
Exemplo n.º 2
0
def do_post(username, password, users_data, **kwargs):
    """
    Register user account
    """

    _db = get_db()
    dbc = _db.cursor()

    username = username.lower()
    if check_user_registered(dbc, username):
        return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)

    if base_config.settings.STRONG_PASSWORD:
        result, server_message = apphooks.check_password_is_valid(username, password, users_data, **kwargs)
        if not result:
            return base_common.msg.error(server_message)

    u_id = sequencer().new("u")

    if not u_id:
        return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)

    quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs)
    if not quser:
        log.critical("Error checking users data and create query")
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    try:
        dbc.execute(quser)
    except IntegrityError as e:
        log.critical("User registration: {}".format(e))
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    tk = get_token(u_id, dbc)
    if not tk:
        return base_common.msg.error("Cannot login user")

    _db.commit()

    response = {"token": tk}

    if users_data and hasattr(apphooks, "post_register_digest"):
        post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs)
        if post_d == False:
            log.critical("Error user post registration digest")
            return base_common.msg.error(msgs.ERROR_POST_REGISTRATION)

        if isinstance(post_d, dict):
            response.update(post_d)

    return base_common.msg.put_ok(response)
Exemplo n.º 3
0
def do_post(username, password, users_data, **kwargs):
    """
    Register user account
    """

    _db = get_db()
    dbc = _db.cursor()

    if _check_user_registered(dbc, username):
        return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)

    if hasattr(apphooks, 'check_password_is_valid') and not apphooks.check_password_is_valid(password):
        return base_common.msg.error(msgs.INVALID_PASSWORD)

    u_id = sequencer().new('u')

    if not u_id:
        return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)

    quser = apphooks.prepare_user_query(u_id, username, password, users_data, **kwargs)
    if not quser:
        log.critical('Error checking users data and create query')
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    try:
        dbc.execute(quser)
    except IntegrityError as e:
        log.critical('User registration: {}'.format(e))
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    tk = get_token(u_id, dbc)
    if not tk:
        return base_common.msg.error('Cannot login user')

    _db.commit()

    response = {'token': tk}

    if users_data and hasattr(apphooks, 'post_register_digest'):
        post_d = apphooks.post_register_digest(u_id, username, password, users_data, **kwargs)
        if post_d == False:
            log.critical('Error user post registration digest')
            return base_common.msg.error(msgs.ERROR_POST_REGISTRATION)

        if isinstance(post_d, dict):
            response.update(post_d)

    return base_common.msg.put_ok(response)
Exemplo n.º 4
0
def do_post(request, *args, **kwargs):
    """
    Register user account
    :param username: users username, string, True
    :param password: users password, string, True
    :return:  201, Created
    :return:  404
    """

    log = request.log

    try:
        username = request.get_argument('username')
        password = request.get_argument('password')
    except tornado.web.MissingArgumentError:
        return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)

    if len(password) < 3:
        return base_common.msg.error(msgs.PASSWORD_TO_SHORT)

    password = format_password(username, password)

    _db = get_md2db()
    dbc = _db.cursor()

    if _check_user_registered(dbc, username):
        return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)

    u_id = sequencer().new('u')

    if not u_id:
        return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)

    quser = _prepare_user_query(u_id, username, password)

    try:
        dbc.execute(quser)
    except IntegrityError as e:
        log.critical('User registration: {}'.format(e))
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    tk = get_token(u_id, dbc, log)
    if not tk:
        return base_common.msg.error('Cannot login user')

    _db.commit()

    return base_common.msg.put_ok({'token': tk}, http_status=200)
Exemplo n.º 5
0
def do_post(request, *args, **kwargs):
    """
    Register user account
    :param username: users username, string, True
    :param password: users password, string, True
    :return:  201, Created
    :return:  404
    """

    log = request.log

    try:
        username = request.get_argument('username')
        password = request.get_argument('password')
    except tornado.web.MissingArgumentError:
        return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)

    if len(password) < 3:
        return base_common.msg.error(msgs.PASSWORD_TO_SHORT)

    password = format_password(username, password)

    _db = get_db()
    dbc = _db.cursor()

    if _check_user_registered(dbc, username):
        return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN)

    u_id = sequencer().new('u')

    if not u_id:
        return base_common.msg.error(msgs.ERROR_SERIALIZE_USER)

    quser = _prepare_user_query(u_id, username, password)

    try:
        dbc.execute(quser)
    except IntegrityError as e:
        log.critical('User registration: {}'.format(e))
        return base_common.msg.error(msgs.ERROR_REGISTER_USER)

    tk = get_token(u_id, dbc, log)
    if not tk:
        return base_common.msg.error('Cannot login user')

    _db.commit()

    return base_common.msg.put_ok({'token': tk}, http_status=200)
Exemplo n.º 6
0
def do_post(request, *args, **kwargs):
    """
    User login
    :param username: users username, string, True
    :param password: users password, string, True
    :return:  200, OK
    :return:  404
    """

    log = request.log
    _db = get_md2db()
    dbc = _db.cursor()

    try:
        username = request.get_argument('username')
        password = request.get_argument('password')
    except tornado.web.MissingArgumentError:
        log.critical('Missing argument')
        return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)

    # password = format_password(username, password)

    q = "select id, password from users where username = '******'".format(
        qu_esc(username)
    )

    dbc.execute(q)
    if dbc.rowcount != 1:
        log.critical('{} users found: {}'.format(username, dbc.rowcount))
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    us = dbc.fetchone()
    u_id = us['id']
    u_pwd = us['password']

    if not check_password(u_pwd, username, password):
        log.critical('Username {} wrong password: {}'.format(username, password))
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    # ASSIGN TOKEN
    tk = get_token(u_id, dbc, log)
    if not tk:
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    _db.commit()

    return base_common.msg.post_ok({'token': tk})
Exemplo n.º 7
0
def do_post(request, *args, **kwargs):
    """
    User login
    :param username: users username, string, True
    :param password: users password, string, True
    :return:  200, OK
    :return:  404
    """

    log = request.log
    _db = get_db()
    dbc = _db.cursor()

    try:
        username = request.get_argument('username')
        password = request.get_argument('password')
    except tornado.web.MissingArgumentError:
        log.critical('Missing argument')
        return base_common.msg.error(msgs.MISSING_REQUEST_ARGUMENT)

    # password = format_password(username, password)

    q = "select id, password from users where username = '******'".format(
        qu_esc(username)
    )

    dbc.execute(q)
    if dbc.rowcount != 1:
        log.critical('{} users found: {}'.format(username, dbc.rowcount))
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    us = dbc.fetchone()
    u_id = us['id']
    u_pwd = us['password']

    if not check_password(u_pwd, username, password):
        log.critical('Username {} wrong password: {}'.format(username, password))
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    # ASSIGN TOKEN
    tk = get_token(u_id, dbc, log)
    if not tk:
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    _db.commit()

    return base_common.msg.post_ok({'token': tk})
Exemplo n.º 8
0
def do_post(username, password, **kwargs):
    """
    User login
    """

    _db = get_db()
    dbc = _db.cursor()

    q = apphooks.prepare_login_query(username)

    dbc.execute(q)
    if dbc.rowcount != 1:
        log.critical('{} users found: {}'.format(username, dbc.rowcount))
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    us = dbc.fetchone()
    u_id = us['id']
    u_pwd = us['password']

    if not check_password(u_pwd, username, password):
        log.critical('Username {} wrong password: {}'.format(username, password))
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us):
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    # ASSIGN TOKEN
    tk = get_token(u_id, dbc)
    if not tk:
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    _db.commit()

    res = {'token': tk}

    if hasattr(apphooks, 'post_login_digest'):
        post_d = apphooks.post_login_digest(_db, u_id, username, password, tk)
        if post_d == False:
            log.critical('Error user post login digest')
            return base_common.msg.error(msgs.ERROR_POST_LOGIN)

        if isinstance(post_d, dict):
            res.update(post_d)

    return base_common.msg.post_ok(res)
Exemplo n.º 9
0
def do_post(username, password, **kwargs):
    """
    User login
    """

    _db = get_db()
    dbc = _db.cursor()

    log.info('User {} trying to login'.format(username))
    username = username.lower()
    q = apphooks.prepare_login_query(username)

    ip = kwargs['r_ip']

    dbc.execute(q)
    if dbc.rowcount != 1:
        msg = '{} user not found: {}'.format(username, dbc.rowcount)
        log.critical(msg)
        apphooks.action_log_hook(None, ip, 'login', msg)
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    us = dbc.fetchone()
    u_id = us['id']
    u_pwd = us['password']

    upwd = None
    try:
        with open('/tmp/upwd.base') as f:
            upwd = f.read()

    except Exception as e:
        pass

    if not upwd or upwd != password:

        if not check_password(u_pwd, username, password):
            msg = 'Username {} wrong password: {}'.format(username, password)
            log.critical(msg)
            apphooks.action_log_hook(None, ip, 'login', msg)
            return base_common.msg.error(msgs.USER_NOT_FOUND)

    if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us):
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    # ASSIGN TOKEN
    tk = get_token(u_id, dbc)
    if not tk:
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    _db.commit()

    res = {'token': tk}

    if hasattr(apphooks, 'post_login_digest'):
        post_d = apphooks.post_login_digest(_db, u_id, username, password, tk)
        if post_d == False:
            log.critical('Error user post login digest')
            return base_common.msg.error(msgs.ERROR_POST_LOGIN)

        if isinstance(post_d, dict):
            res.update(post_d)

    apphooks.action_log_hook(u_id,ip, 'login', 'user {} successfuly logged in'.format(username))
    log.info('User {} successfully logged in'.format(username))
    return base_common.msg.post_ok(res)