Exemplo n.º 1
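    def post(self, username):
        """Reset the password of ``username`` after re-checking the caller's password.

        The parsed request supplies ``password`` (the new password) plus
        ``curUser`` / ``curPassword``, which are verified against the stored
        bcrypt hash before anything is changed. Every outcome is written to
        the operator log.

        :param username: account whose password is replaced
        :return: ``(body, status)``; 400 with "Wrong password" when the
            curUser/curPassword check fails, 400 with "No such User" when
            ``username`` is unknown, 200 with ``{"success": True}`` otherwise
        """
        args = user_password_parser.parse_args()
        new_password = args["password"]
        curUser = args["curUser"]
        curPassword = args["curPassword"]

        op_log_handler = OperatorLogHandler()
        opName = 'ResetUserPassword'
        opObject = "User"
        # NOTE(review): the audit record always names "admin" as operator, even
        # though the request is authenticated as curUser; confirm that is
        # intended, otherwise the log cannot attribute the reset.
        operator = "admin"
        opDetails = {'username': username}
        cur_time = datetime.datetime.utcnow()

        def _record(res_code, error_msg=None):
            # One place for the operator-log call; errorMsg is passed only
            # for failures, as in the three original call sites.
            fields = dict(opDate=cur_time,
                          opName=opName,
                          opObject=opObject,
                          resCode=res_code,
                          operator=operator,
                          opDetails=opDetails)
            if error_msg is not None:
                fields["errorMsg"] = error_msg
            op_log_handler.record_operating_log(**fields)

        user_obj = User()
        userCurrent = user_obj.get_by_username(curUser)
        # An unknown curUser or a missing curPassword is treated exactly like
        # a wrong password: previously it raised AttributeError, and a
        # distinct answer would reveal which usernames exist.
        authenticated = False
        if userCurrent and curPassword:
            # compare input password with password in db
            authenticated = bcrypt.checkpw(
                curPassword.encode('utf8'),
                userCurrent.dbUser.password.encode())
        if not authenticated:
            error_msg = "Wrong password"
            _record(400, error_msg)
            return {"error": "Wrong password", "success": False}, 400

        # NOTE(review): nothing in this method checks that curUser is allowed
        # to reset `username`; any account that knows its own password passes
        # the check above. Confirm the route enforces authorization, or
        # require curUser == username or an administrative role here.
        user = user_obj.get_by_username(username)
        if not user:
            error_msg = "No such User"
            _record(400, error_msg)
            return {"error": "No such User", "success": False}, 400

        # Hash with a fresh per-password salt. The previous code reused one
        # application-wide SALT for every account (identical passwords gave
        # identical hashes) and its b"" default has no .encode(). bcrypt keeps
        # the salt inside the hash, so checkpw() verification is unaffected.
        hashed_password = bcrypt.hashpw(new_password.encode('utf8'),
                                        bcrypt.gensalt())

        user.update_password(hashed_password.decode())

        data = {"success": True}

        _record(200)
        return data, 200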
Exemplo n.º 2
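    def post(self, **kwargs):
        """Log a user in from the posted ``username`` and ``password``.

        The password is checked against the stored bcrypt hash; on success
        the session is established with ``login_user`` and a ``LoginHistory``
        row is saved.

        :return: ``(body, status)``; 200 with the user's id, role and the
            next URL on success, 401 with a generic error otherwise
        """
        args = login_parser.parse_args()
        username, password = args["username"], args["password"]

        user_obj = User()
        try:
            user = user_obj.get_by_username(username)
            # An unknown username used to fall into the except branch and
            # answer "login failed", which differs from the wrong-password
            # answer and so reveals which usernames exist. Both cases now
            # return the same body.
            # NOTE(review): this path still skips bcrypt, so response time
            # can differ from the wrong-password path.
            if not user or not password:
                return {
                    "success": False,
                    "error": "Wrong username or password"
                }, 401

            # compare input password with password in db
            if bcrypt.checkpw(password.encode('utf8'),
                              user.password.encode()):
                login_user(user)

                # if login success save login history
                # NOTE(review): if save() raises, the session from
                # login_user() already exists but the client gets a 401.
                login_history = LoginHistory(user=user.dbUser)
                login_history.save()
                user_id = str(user.id)
                data = {
                    "success": True,
                    "id": user_id,
                    "role": user.user_role,
                    "next": url_for('bp_index.show')
                }

                return data, 200

            data = {
                "success": False,
                "error": "Wrong username or password"
            }
            return data, 401
        except Exception as exc:
            # Boundary handler: any unexpected failure is reported as a
            # failed login rather than leaking details to the client.
            logger.info("error {}".format(exc))
            data = {"success": False, "error": "login failed"}
            return data, 401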
Exemplo n.º 3
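    def post(self, **kwargs):
        """Authenticate the posted ``username`` / ``password`` pair.

        Verifies the password against the stored bcrypt hash, then calls
        ``login_user`` and saves a ``LoginHistory`` entry.

        :return: ``(body, status)``; 200 with the user's id and the next URL
            on success, 401 with a generic error otherwise
        """
        args = login_parser.parse_args()
        username, password = args["username"], args["password"]

        user_obj = User()
        try:
            user = user_obj.get_by_username(username)
            # Without this guard an unknown username raised AttributeError
            # and was answered with "login failed", while a wrong password
            # got "Wrong username or password"; the differing bodies let a
            # client tell existing accounts from missing ones.
            # NOTE(review): bcrypt is not run on this path, so a timing
            # difference against the wrong-password path remains.
            if not user or not password:
                return {
                    "success": False,
                    "error": "Wrong username or password"
                }, 401

            # compare input password with password in db
            if bcrypt.checkpw(password.encode('utf8'),
                              user.password.encode()):
                login_user(user)

                # if login success save login history
                # NOTE(review): a failure in save() lands in the except
                # branch after the session was already established.
                login_history = LoginHistory(user=user.dbUser)
                login_history.save()
                user_id = str(user.id)
                data = {
                    "success": True,
                    "id": user_id,
                    "next": url_for('bp_index.show')
                }
                return data, 200

            data = {
                "success": False,
                "error": "Wrong username or password"
            }
            return data, 401
        except Exception as exc:
            # Boundary handler: unexpected errors become a generic 401 so
            # no internal detail reaches the client.
            logger.info("error {}".format(exc))
            data = {
                "success": False,
                "error": "login failed"
            }
            return data, 401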
Exemplo n.º 4
    def get(self):
        """
        Look up a user by the ``username`` request argument.

        NOTE(review): the response carries ``apikey`` (the user's id as a
        string) and ``balance`` for whichever username is asked for, and no
        access check is visible in this method; confirm the route is
        protected elsewhere.

        :return: ``(body, 200)``; the body holds the user's fields with
            ``user_exists`` True, or only ``user_exists`` False when no
            such user is found
        """
        requested_name = user_search_parser.parse_args()["username"]
        found = User().get_by_username(requested_name)

        if found:
            return {
                "username": found.username,
                "apikey": str(found.id),
                "isActivated": found.active,
                "balance": found.balance,
                "user_exists": True
            }, 200

        return {"user_exists": False}, 200