Exemplo n.º 1
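def user_edit():
    """
    Apply a single-field update to the current user's account.

    The form's `field` value selects the update: a password change, an email
    change (a blank value clears the address) or regeneration of the API
    tokens. The account is then validated and saved. The outcome is reported
    through `flash`, and the client is always redirected to the account page.
    """
    # NOTE(review): this handler changes credentials; CSRF protection and the
    # login requirement are not visible in this block -- confirm both are
    # applied where the route is registered.
    try:
        account = get_account(current_user.username)

        field = request.form.get('field', None)

        if field is None:
            raise ValidationError('Update was requested for an unknown field.')

        if field == FIELD_KEYS['PASSWORD']:
            user_edit_password(account)
        elif field == FIELD_KEYS['EMAIL']:
            email = request.form.get('email', '').strip()
            account.email = email or None
        elif field == FIELD_KEYS['SECRET']:
            account.update_api_tokens()
        else:
            # An unrecognised selector must not fall through to save() and a
            # misleading "successfully updated" message.
            raise ValidationError('Update was requested for an unknown field.')

        account.validate()
        account.save()
        flash('Account information was successfully updated!', category='info')
    except ValueError as ve:
        # args[0] replaces the Python 2-only `.message` attribute; the text is
        # escaped so it is treated like the ValidationError message below.
        detail = ve.args[0] if ve.args else ''
        flash(escape(detail), category='error')
    except ValidationError as ve:
        invalids = ','.join([f.title() for f in ve.errors.keys()])
        msg = 'Invalid: %s' % (invalids)
        flash(escape(msg), category='error')
    except Exception as ex:
        # Unexpected failures while changing credentials are recorded at
        # error level with the traceback, not at info level.
        current_app.logger.exception(ex)
        flash('An unknown error has occured.', category='error')

    return redirect(url_for('auth.user_account'))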
Exemplo n.º 2
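def user_edit():
    """
    Update one field of the current user's account from the submitted form.

    `field` in the form chooses between a password change, an email change
    (an empty value clears the address) and regeneration of the API tokens.
    After the change the account is validated and saved; success or failure
    is flashed and the response always redirects to the account page.
    """
    # NOTE(review): credentials are modified here; confirm the route is
    # protected by login and CSRF checks, which this block does not show.
    try:
        account = get_account(current_user.username)

        field = request.form.get('field', None)

        if field is None:
            raise ValidationError('Update was requested for an unknown field.')

        if field == FIELD_KEYS['PASSWORD']:
            user_edit_password(account)
        elif field == FIELD_KEYS['EMAIL']:
            email = request.form.get('email', '').strip()
            account.email = email or None
        elif field == FIELD_KEYS['SECRET']:
            account.update_api_tokens()
        else:
            # Reject selectors that match no known field instead of saving
            # an unchanged account and reporting success.
            raise ValidationError('Update was requested for an unknown field.')

        account.validate()
        account.save()
        flash('Account information was successfully updated!', category='info')
    except ValueError as ve:
        # `.message` exists only on Python 2 exceptions; args[0] carries the
        # same text. Escape it as the ValidationError branch does.
        detail = ve.args[0] if ve.args else ''
        flash(escape(detail), category='error')
    except ValidationError as ve:
        invalids = ','.join([f.title() for f in ve.errors.keys()])
        msg = 'Invalid: %s' % (invalids)
        flash(escape(msg), category='error')
    except Exception as ex:
        # Keep the traceback and log at error level so unexpected failures
        # in account updates are visible to whoever reads the logs.
        current_app.logger.exception(ex)
        flash('An unknown error has occured.', category='error')

    return redirect(url_for('auth.user_account'))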
Exemplo n.º 3
 def test_lastlogin(self):
     """
     Check that logging in moves the account's lastlogin forward.
     """
     # Reference timestamp taken before the login request is made.
     before_login = datetime.utcnow()
     self._login(self.username, self.password)
     # NOTE(review): the comparison is strict; if the stored timestamp has a
     # coarser resolution than utcnow() this could be flaky -- confirm.
     assert before_login < get_account(self.username).lastlogin
Exemplo n.º 4
def user_account():
    """
    Render the account page for the current user.

    The template receives the username, email, API key, API secret and the
    FIELD_KEYS mapping.
    """
    account = get_account(current_user.username)
    # NOTE(review): the API secret is passed to the template on every view
    # of this page; confirm the page needs it and that the response is not
    # cached by intermediaries.
    return render_template(
        'account.html',
        username=account.username,
        email=account.email,
        apikey=str(account.apikey),
        secret=str(account.secret),
        fields=FIELD_KEYS
    )
Exemplo n.º 5
def user_account():
    """
    Show the current user's account details.

    Username, email, API key, API secret and the FIELD_KEYS mapping are
    handed to the 'account.html' template.
    """
    account = get_account(current_user.username)
    # NOTE(review): the secret is rendered alongside the API key; confirm
    # the template really has to display it on each page load.
    template_values = dict(
        username=account.username,
        email=account.email,
        apikey=str(account.apikey),
        secret=str(account.secret),
        fields=FIELD_KEYS
    )
    return render_template('account.html', **template_values)
Exemplo n.º 6
def api_username(apikey):
    """
    Look up the username of the account that holds an API key.

    :Parameters:
        - `apikey`: API Key to search for.

    Returns the username, or None when no account matches.
    """
    owner = get_account(apikey, 'apikey')
    return owner.username if owner else None
Exemplo n.º 7
def api_username(apikey):
    """
    Resolve an API key to the username of its account.

    :Parameters:
        - `apikey`: API Key to search for.

    None is returned when the key matches no account.
    """
    holder = get_account(apikey, 'apikey')
    if not holder:
        return None
    return holder.username
Exemplo n.º 8
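def generate_signature(apikey, method, path, date, md5sums):
    """
    Compute the HMAC-SHA512 signature expected for a request.

    The signed string is `method`, `path` and `date` followed by the sorted
    `md5sums`, concatenated and lower-cased. The key is the secret of the
    account that holds `apikey`. The result is an upper-case hex digest.

    :Parameters:
        - `apikey`: API key identifying the account whose secret is used.
        - `method`: method component of the signed string.
        - `path`: path component of the signed string.
        - `date`: date component of the signed string.
        - `md5sums`: checksums to include; the caller's list is not modified.

    Raises ValueError when a component is None, when no account holds the
    key, or when the account has no secret.
    """
    # sorted() instead of list.sort(): computing a signature must not
    # reorder the caller's list as a side effect.
    ordered = [method, path, date] + sorted(md5sums)
    if any(content is None for content in ordered):
        raise ValueError('Required header not found')
    # NOTE(review): the components are joined without a delimiter and then
    # lower-cased, so requests that differ only in case or in where one
    # component ends can produce the same signed string. Changing this
    # would break existing clients; record it as a known limitation.
    string = ''.join(str(content) for content in ordered)

    user = get_account(apikey, 'apikey')
    if user is None:
        raise ValueError('Invalid apikey')
    if user.secret is None:
        raise ValueError('No client secret known')

    # NOTE(review): a caller that checks this value against a client-supplied
    # signature should compare with hmac.compare_digest, not ==.
    return HMAC(key=bytes(user.secret), msg=string.lower(),
                digestmod=sha512).hexdigest().upper()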
Exemplo n.º 9
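def generate_signature(apikey, method, path, date, md5sums):
    """
    Build the request signature for the account that holds `apikey`.

    `method`, `path`, `date` and the sorted `md5sums` are concatenated,
    lower-cased and signed with HMAC-SHA512 using the account's secret. The
    digest is returned as upper-case hex.

    :Parameters:
        - `apikey`: API key identifying the signing account.
        - `method`: method component of the signed string.
        - `path`: path component of the signed string.
        - `date`: date component of the signed string.
        - `md5sums`: checksums to include; left unmodified.

    Raises ValueError if any component is None, if the key matches no
    account, or if that account has no secret.
    """
    # Sort a copy: the original sorted the caller's list in place.
    ordered = [method, path, date] + sorted(md5sums)
    if any(content is None for content in ordered):
        raise ValueError('Required header not found')
    # NOTE(review): no separator between components and a lower-cased
    # message mean the signed string is not an unambiguous encoding of the
    # request; kept as-is for compatibility with existing clients.
    string = ''.join(str(content) for content in ordered)

    user = get_account(apikey, 'apikey')
    if user is None:
        raise ValueError('Invalid apikey')
    if user.secret is None:
        raise ValueError('No client secret known')

    # NOTE(review): verification against a received signature should use a
    # constant-time comparison (hmac.compare_digest) at the call site.
    return HMAC(
        key=bytes(user.secret),
        msg=string.lower(),
        digestmod=sha512
    ).hexdigest().upper()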
Exemplo n.º 10
    def test_account_edit(self):
        """
        Check that password, email and secret updates are all persisted.
        """
        reversed_password = self.password[::-1]
        replacement_email = '*****@*****.**'
        form_data = dict(
            password=reversed_password,
            verify_password=reversed_password,
            email=replacement_email
        )

        # One update request per editable field; only the selector changes.
        for selector in ('password', 'email', 'secret'):
            form_data['field'] = selector
            self.update_account(form_data)

        refreshed = get_account(self.username)
        assert refreshed.email == replacement_email
        # The stored password value, API key and secret must all differ from
        # the values held before the updates.
        assert refreshed.password != self.account.password
        assert refreshed.apikey != self.account.apikey
        assert refreshed.secret != self.account.secret

        # Keep the fixture state in step with the account as it now stands.
        self.account = refreshed
        self.password = reversed_password
Exemplo n.º 11
    def test_account_edit(self):
        """
        Edit each account field in turn and verify the stored result.
        """
        changed_password = self.password[::-1]
        changed_email = '*****@*****.**'
        form_data = {'password': changed_password}
        form_data['verify_password'] = changed_password
        form_data['email'] = changed_email

        # The same form is submitted three times with a different 'field'.
        for target in ('password', 'email', 'secret'):
            form_data['field'] = target
            self.update_account(form_data)

        stored = get_account(self.username)
        assert stored.email == changed_email
        # Password value, API key and secret are all expected to be new.
        assert stored.password != self.account.password
        assert stored.apikey != self.account.apikey
        assert stored.secret != self.account.secret

        # Later tests use these attributes, so record the new state.
        self.account = stored
        self.password = changed_password
Exemplo n.º 12
def authenticate(username, password):
    """
    Check a username and password against the stored account.

    Returns the falsy lookup result when no account is found, otherwise the
    result of `check_password_hash` on the stored password value.
    """
    user = get_account(str(username))
    # NOTE(review): no hash is checked when the account does not exist, so
    # the two outcomes may differ in response time; consider whether that
    # lets a client tell existing usernames from unknown ones.
    if not user:
        return user
    return check_password_hash(user.password, password)
Exemplo n.º 13
def api_request_user_account():
    """
    Return the account associated with the current API request.

    The username comes from `api_request_user()` and is passed to
    `get_account`.
    """
    return get_account(api_request_user())
Exemplo n.º 14
def authenticate(username, password):
    """
    Verify that `password` matches the account named `username`.

    When the lookup finds nothing, its falsy result is returned unchanged;
    otherwise the value of `check_password_hash` is returned.
    """
    account = get_account(str(username))
    if account:
        return check_password_hash(account.password, password)
    # NOTE(review): this path skips the hash check entirely, which may make
    # unknown usernames distinguishable by timing -- confirm whether callers
    # rate-limit or otherwise mask this.
    return account
Exemplo n.º 15
def api_request_user_account():
    """
    Fetch the account that belongs to the current API request.
    """
    # The username is resolved first, then used for the account lookup.
    requesting_user = api_request_user()
    account = get_account(requesting_user)
    return account