def get_user_token_using_refresh_token(username, refresh_token):
try:
resp = CLIENT.admin_initiate_auth(
UserPoolId=settings.USER_POOL_ID,
ClientId=settings.CLIENT_ID,
AuthFlow='REFRESH_TOKEN_AUTH',
AuthParameters={
'REFRESH_TOKEN': refresh_token,
'SECRET_HASH': get_secret_hash(username)
}
)
except CLIENT.exceptions.NotAuthorizedException:
return False, "Incorrect username or password"
except CLIENT.exceptions.UserNotFoundException:
return False, "Username does not exists"
except Exception as e:
return False, str(e)
if 'AuthenticationResult' in resp:
token = {
'access': resp['AuthenticationResult']['IdToken'],
'token': resp['AuthenticationResult']['AccessToken'],
'refresh': refresh_token
}
return True, token
return True, resp
def get_user_token(username, password):
username = username.lower()
username = username.strip()
try:
resp = CLIENT.admin_initiate_auth(
UserPoolId=settings.USER_POOL_ID,
ClientId=settings.CLIENT_ID,
AuthFlow='ADMIN_NO_SRP_AUTH',
AuthParameters={
'USERNAME': username,
'SECRET_HASH': get_secret_hash(username),
'PASSWORD': password
},
ClientMetadata={
'username': username,
'password': password
})
except CLIENT.exceptions.NotAuthorizedException:
raise NotAuthenticated("The username or password is incorrect.")
except CLIENT.exceptions.UserNotConfirmedException:
raise NotAuthenticated("User is not confirmed.")
except Exception as e:
raise NotAuthenticated(str(e))
if 'AuthenticationResult' in resp:
resp = {
'access': resp['AuthenticationResult']['IdToken'],
'refresh': resp['AuthenticationResult']['RefreshToken'],
'token': resp['AuthenticationResult']['AccessToken']
}
return resp
def force_reset_password(username, new_password, session,
challengename='NEW_PASSWORD_REQUIRED'):
username = username.lower()
username = username.strip()
try:
res_change_password = CLIENT.admin_respond_to_auth_challenge(
UserPoolId=settings.USER_POOL_ID,
ClientId=settings.CLIENT_ID,
ChallengeName=challengename,
ChallengeResponses={
'USERNAME':username,
'NEW_PASSWORD':new_password,
'SECRET_HASH':get_secret_hash(username)
},
Session=session
)
except CLIENT.exceptions.NotAuthorizedException:
raise NotAuthenticated('Invalid session for the user.')
except CLIENT.exceptions.CodeMismatchException:
raise NotAuthenticated('Invalid session for the user, code mismatch.')
except Exception as e:
raise NotAuthenticated(str(e))
token = {
'access': res_change_password['AuthenticationResult']['IdToken'],
'refresh': res_change_password['AuthenticationResult']['RefreshToken'],
'token': res_change_password['AuthenticationResult']['AccessToken']
}
return token
def remove_user_from_group(user_details, group_name):
try:
response = CLIENT.admin_remove_user_from_group(
UserPoolId=settings.USER_POOL_ID,
Username=user_details['Username'],
GroupName=group_name)
except Exception as e:
return False, "Exception in remove_user_from_group {}".format(str(e))
return True, response
def create_group(group_name):
try:
resp = CLIENT.create_group(GroupName=group_name,
UserPoolId=settings.USER_POOL_ID)
except Exception as e:
raise APIException.ParseError(
"Exception in create_group {}".format(str(e)),
status.HTTP_400_BAD_REQUEST)
return resp
def add_new_test_student(username, firstname, lastname, password):
attributes = [{
"Name": "email_verified",
"Value": "true"
}, {
"Name": "custom:student_type",
"Value": ''
}, {
"Name": "custom:UserType",
"Value": "Student"
}, {
"Name": "custom:user_portal",
"Value": "GPS"
}, {
"Name": "custom:college_name",
"Value": str([])
}, {
"Name": "custom:institution_uuid",
"Value": str([])
}, {
"Name": "given_name",
"Value": firstname
}, {
"Name": "family_name",
"Value": lastname
}, {
"Name": "email",
"Value": username
}, {
"Name": "custom:logo",
"Value": ''
}]
new_user = CLIENT.admin_create_user(Username=username,
UserPoolId=USER_POOL_ID,
UserAttributes=attributes,
MessageAction="SUPPRESS")
response = CLIENT.admin_set_user_password(UserPoolId=USER_POOL_ID,
Username=username,
Password=password,
Permanent=True)
def add_user_to_group(user_details, group_name):
try:
response = CLIENT.admin_add_user_to_group(
UserPoolId=settings.USER_POOL_ID,
Username=user_details['Username'],
GroupName=group_name)
except Exception as e:
log.error("Exception in add_user_to_group {}".format(str(e)))
raise APIException.ParseError(
"Exception in add_user_to_group {}".format(str(e)),
status.HTTP_400_BAD_REQUEST)
return response
def check_if_group_exists(group_name_stripped):
try:
group = CLIENT.get_group(GroupName=group_name_stripped,
UserPoolId=settings.USER_POOL_ID)
except CLIENT.exceptions.ResourceNotFoundException as e:
log.error("Group doesnt exists %s" % str(e))
group = create_group(group_name_stripped)
except Exception as e:
log.error("Error while checking from group %s" % str(e))
raise APIException.ParseError(
"Exception in check_if_group_exists {}".format(str(e)),
status.HTTP_400_BAD_REQUEST)
return group
def add_user(username, attributes):
username = username.lower()
username = username.strip()
try:
new_user = CLIENT.admin_create_user(Username=username,
UserPoolId=settings.USER_POOL_ID,
UserAttributes=attributes,
DesiredDeliveryMediums=["EMAIL"])
except CLIENT.exceptions.UsernameExistsException as e:
log.error("Email already exists %s" % str(e))
raise APIException("Email already exists", status.HTTP_409_CONFLICT)
except Exception as e:
log.error("Error while user registeration %s" % str(e))
raise APIException("Error: {}".format(str(e)),
status.HTTP_400_BAD_REQUEST)
user_details = new_user['User']
return user_details
def add_new_test_student(username, firstname, lastname, password):
payload = {
"first_name": firstname,
"last_name": lastname,
"email": username,
"agree": True,
"instance": "",
"institute_logo": ""
}
print(payload)
headers = {}
headers["Content-Type"] = "application/json"
headers["Accept"] = "application/json"
newuser = requests.post("https://gps-v2.goeducate.com/pt/api/v2/signup",
json=payload,
headers=headers)
# print(newuser.text)
print(newuser.status_code)
#:print(newuser.text)
response = CLIENT.admin_set_user_password(UserPoolId=USER_POOL_ID,
Username=username,
Password=password,
Permanent=True)