Exemplo n.º 1
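def forgotpassword():
    """Start the password-reset flow for the account named in the JSON body.

    Looks up the ``persons`` document whose ``email`` equals the ``email``
    field of the request, stores a reset token under
    ``tokens.forgot_password`` (reusing one that is already stored) and
    mails it with ``send_dl_emails``.

    Returns:
        A 200 JSON response ``{"error": "", "data": {"user_id": ...}}`` once
        the mail has been sent.

    The reset token is delivered by e-mail only. It is deliberately absent
    from the HTTP response and from the logs: the caller of this endpoint is
    unauthenticated, so echoing the token would let anyone who knows an
    address complete the reset without access to the mailbox.
    """
    try:
        if 'email' not in request.json:
            raise ReturnException(message="email not found in payload",
                                  status_code=400)
        email = request.json['email']
        # The value goes straight into a MongoDB filter; a JSON object here
        # would be interpreted as a query operator instead of a literal.
        if not isinstance(email, str):
            raise ReturnException(message="email must be a string",
                                  status_code=400)
        LOGGER.info("payload email is:{0}".format(email))
        accounts = app.data.driver.db['persons']
        user = accounts.find_one({'email': email})
        if not user:
            # NOTE(review): this distinct answer tells the caller whether an
            # address is registered; a uniform response for both cases would
            # avoid that, at the cost of changing the API contract.
            raise ReturnException(message="email not found in database.",
                                  status_code=400,
                                  payload=request.json)
        # Log the id only: the full document carries the password record and
        # the account's tokens.
        LOGGER.info("found user for forgot password:{0}".format(user['_id']))
        existing_token = (user.get('tokens') or {}).get('forgot_password')
        # NOTE(review): a stored token is reused and nothing visible here
        # expires it -- confirm that the consuming endpoint clears it.
        token = str(existing_token) if existing_token else str(uuid.uuid4())
        LOGGER.info(
            "updating forgot password token for user id:{0}".format(
                user['_id']))
        accounts.update({'_id': ObjectId(str(user['_id']))},
                        {'$set': {
                            'tokens.forgot_password': token
                        }})
        # forgot password email code.
        if send_dl_emails(
                title=CONFIG_DATA['FORGOT_PASSWORD_TITLE'],
                recipients=[email],
                sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
                user_id=str(user['_id']),
                email=user['email'],
                first_name=user['first_name'],
                last_name=user['last_name'],
                token=token,
                server_url=SERVER_URL,
                template=CONFIG_DATA['FORGOT_PASSWORD_EMAIL_TEMPLATE']):
            response = jsonify(error='',
                               data={
                                   "user_id": str(user['_id'])
                               })
            response.status_code = 200
            return response
        else:
            # Mail could not be sent: clear the stored token.
            accounts.update({'_id': ObjectId(str(user['_id']))},
                            {'$set': {
                                'tokens.forgot_password': ""
                            }})
            abort(500,
                  "failed to send forgot password email, please try again...")

    except Exception as e:
        # NOTE(review): every failure raised above, including the 400s and
        # the abort(500), is caught here and answered as 401 with the
        # exception text in the body; consider mapping status codes
        # explicitly and returning a generic message.
        LOGGER.error(str(e))
        abort(401, str(e))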
Exemplo n.º 2
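def signup():
    """Create one ``persons`` account per entry of the JSON list in the body.

    For every entry the password is hashed, default fields are filled in, the
    schema and the uniqueness of ``email`` / ``mobile_number`` are checked,
    the document is inserted and a registration (or admin-creation) mail is
    sent. If the mail cannot be sent, or an exception is raised after the
    insert, the inserted document is removed again.

    Returns:
        A 201 JSON response ``{"errors": [], "data": [...]}`` with one result
        per entry (``is_created``, ``mail_sent``, ``main_sent_error``,
        ``error``, ...). The ``password`` record is left out of the response.

    Security-relevant handling:
        * Only the password hash is stored. The clear-text password is not
          written to the database, the logs, stdout or the response. Any code
          that read a stored clear-text copy should verify against the hash
          instead (e.g. ``check_password_hash``).
        * ``admin_creation_token`` is compared in constant time.
        * A role may only be assigned when a non-empty ``login_token`` of an
          account whose level is in ``CONFIG_DATA['CREATE_USER_ROLES']`` is
          supplied. New accounts start with ``tokens.login == ''``, so an
          empty token must never be allowed to match.
    """
    import hmac  # function-scope: the file's import block is not visible here

    # Request fields that must not reach the logs.
    sensitive_keys = ('password', 'admin_creation_token', 'login_token')

    items = request.json
    if not isinstance(items, list):
        abort(400, 'payload should be list')
    # Bound before the loop: the role check below needs the collection before
    # the duplicate checks do.
    accounts = app.data.driver.db['persons']
    for payload in items:
        if not isinstance(payload, dict):
            abort(400, 'payload entries should be objects')

        LOGGER.info("signup payload request:{0}".format(
            {k: v for k, v in payload.items() if k not in sensitive_keys}))
        if 'password' not in payload:
            abort(400, 'password field not found in input payload')
        # Credentials of the caller are taken out of the document so they are
        # not stored with the new account.
        admin_creation_token = payload.pop('admin_creation_token', None)
        login_token = payload.pop('login_token', None)

        is_admin_creation = (
            isinstance(admin_creation_token, str)
            and bool(admin_creation_token)
            and hmac.compare_digest(
                admin_creation_token.encode('utf-8'),
                str(PASSWORD_CRYPTION_TOKEN).encode('utf-8')))

        payload['password'] = {
            'password': str(generate_password_hash(payload['password'])),
            'last_password_updated_date': datetime.now()
        }
        payload['tokens'] = {
            'registration': '',
            'login': '',
            'forgot_password': ''
        }
        payload['created_date'] = datetime.now()
        payload['email_confirmed'] = is_admin_creation

        payload['pictures'] = {'thumbnail': '', 'large': '', 'medium': ''}
        payload['modified_date'] = datetime.now()
        payload['status'] = 'active'
        # check logged user can assign role or not otherwise default role will be 'user'
        can_assign = False
        if 'user_level' in payload and login_token:
            creator = accounts.find_one({"tokens.login": str(login_token)})
            if creator and creator['user_level'] in CONFIG_DATA['CREATE_USER_ROLES']:
                can_assign = True
        if not can_assign:
            payload['user_level'] = "user"

        if is_admin_creation:
            payload['user_level'] = "admin"

        validation = Validations('persons')
        violations = validation.validate_schema(payload, ['default', 'unique'])
        if violations:
            abort(400, str(violations))
        user = accounts.find_one({'email': payload['email']})
        if user:
            abort(400, "email:{0} already exists.".format(user['email']))
        user = accounts.find_one({'mobile_number': payload['mobile_number']})
        if user:
            abort(
                400, "mobile_number:{0} already exists.".format(
                    user['mobile_number']))
        # Stays None until the insert succeeds, so the handler below only
        # rolls back a document that actually exists.
        user_id = None
        try:
            user_id = str(accounts.insert(payload))
            LOGGER.info("user successfully created:{0}".format(user_id))
            #####################################################################
            # if the email cannot be sent, remove the created user again
            #####################################################################
            if is_admin_creation:
                mail_sent = send_admin_emails(
                    title=CONFIG_DATA['ADMIN_CREATION_TITLE'],
                    recipients=[payload['email']],
                    sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
                    user_id=user_id,
                    email=payload['email'],
                    first_name=payload['first_name'],
                    template=CONFIG_DATA['ADMIN_CREATION_EMAIL_TEMPLATE'])
            else:
                ################################################
                # normal user signup not admin
                ################################################
                registration_token = str(uuid.uuid4())
                # The token itself is a credential and is kept out of the log.
                LOGGER.info(
                    "updating registration token for user id:{0}".format(
                        user_id))
                accounts.update(
                    {'_id': ObjectId(user_id)},
                    {'$set': {
                        'tokens.registration': registration_token
                    }})
                # registration email code.
                mail_sent = send_dl_emails(
                    title=CONFIG_DATA['REGISTRATION_TITLE'],
                    recipients=[payload['email']],
                    sender=CONFIG_DATA['FAB_SUPPORT_TEAM'],
                    user_id=str(user_id),
                    email=payload['email'],
                    first_name=payload['first_name'],
                    token=registration_token,
                    server_url=SERVER_URL,
                    template=CONFIG_DATA['REGISTRATION_EMAIL_TEMPLATE'])
            if mail_sent:
                payload['mail_sent'] = True
                payload['main_sent_error'] = ''
                payload['is_created'] = True
                payload['_id'] = str(user_id)
            else:
                accounts.remove({'_id': ObjectId(user_id)})
                payload['mail_sent'] = False
                payload['is_created'] = False
                payload[
                    'main_sent_error'] = "failed to send registration email, please try again..."
            payload['error'] = ''
        except Exception as e:
            if user_id is not None:
                accounts.remove({'_id': ObjectId(user_id)})
            LOGGER.error("got exception in signup:{0}".format(e))
            payload['is_created'] = False
            payload['error'] = str(e)
    # The stored password record (hash and update date) is not echoed back.
    response = jsonify(errors=[],
                       data=[{k: v for k, v in item.items() if k != 'password'}
                             for item in items])
    response.status_code = 201
    return response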