Пример #1
0
    def addRefreshToken(self, clientId, userId):
        attempt = 1
        max_attempts = 5
            
        while True:
            try:
                timestamp = BasicTimestamp()
                timestamp.created = datetime.utcnow()

                refreshToken = RefreshToken()
                refreshToken.token_id = auth.generateToken(43)
                refreshToken.client_id = clientId
                refreshToken.user_id = userId
                refreshToken.timestamp = timestamp

                self._refreshTokenDB.addRefreshToken(refreshToken)
                logs.debug("Refresh Token created")
                break
            except:
                if attempt >= max_attempts:
                    ## Add logging here
                    raise
                attempt += 1

        accessTokenData = self.addAccessToken(refreshToken.client_id, \
                                                refreshToken.user_id, \
                                                refreshToken.token_id)
        
        ret = {
            'access_token': accessTokenData['access_token'],
            'expires_in': accessTokenData['expires_in'],
            'refresh_token': refreshToken.token_id,
        }
        return ret
Пример #2
0
    def addAccessToken(self, clientId, authUserId, refreshToken):
        max_attempts = 5
        attempt = 1
        expire  = 3920   # 1 hour
        expire  = 86720  # 24 hours
        expire  = 607040  # 1 week
        
        while True:
            try:
                rightNow = datetime.utcnow()

                timestamp = BasicTimestamp()
                timestamp.created = rightNow

                accessToken = AccessToken()
                accessToken.token_id = auth.generateToken(22)
                accessToken.client_id = clientId
                accessToken.refresh_token = refreshToken
                accessToken.user_id = authUserId
                accessToken.expires = rightNow + timedelta(seconds=expire)
                accessToken.timestamp = timestamp
                
                self._accessTokenDB.addAccessToken(accessToken)
                break
            except:
                if attempt >= max_attempts:
                    ## Add logging
                    raise 
                attempt += 1

        ret = {
            'access_token': accessToken.token_id,
            'expires_in': expire
        }

        logs.info("Access token created")
        return ret
Пример #3
0
    def addEmailAlertToken(self, userId):
        attempt = 1
        max_attempts = 15
            
        while True:
            try:
                timestamp = BasicTimestamp()
                timestamp.created = datetime.utcnow()

                token = SettingsEmailAlertToken()
                token.token_id = auth.generateToken(43)
                token.user_id = userId
                token.timestamp = timestamp

                self._emailAlertDB.addToken(token)
                logs.debug("Email Alert Token Created")
                break
            except:
                if attempt >= max_attempts:
                    ## Add logging here
                    raise
                attempt += 1

        return token.token_id
Пример #4
0
    def forgotPassword(self, email):
        email = str(email).lower().strip()
        if not utils.validate_email(email):
            msg = "Invalid format for email address"
            logs.warning(msg)
            raise StampedInputError(msg)
        
        # Verify user exists
        account = self._accountDB.getAccountByEmail(email)
        if not account or not account.user_id:
            msg = "User does not exist"
            logs.warning(msg)
            raise StampedInputError(msg)
        
        attempt = 1
        max_attempts = 5
        expire = 1800    # 30 minutes
        
        while True:
            try:
                rightNow = datetime.utcnow()

                resetToken = PasswordResetToken()
                resetToken.token_id = auth.generateToken(36)
                resetToken.user_id = account.user_id
                resetToken.expires = rightNow + timedelta(seconds=expire)
                
                timestamp = BasicTimestamp()
                timestamp.created = rightNow
                resetToken.timestamp = timestamp
                
                self._passwordResetDB.addResetToken(resetToken)
                break
            except Exception:
                if attempt >= max_attempts:
                    ## Add logging
                    raise 
                attempt += 1

        # TODO: switch this back to https after resolving the issue where assets 
        # aren't loaded over SSL
        url = 'http://www.stamped.com/pw/%s' % resetToken.token_id
        prettyurl = 'http://stamped.com/pw/%s' % resetToken.token_id
        
        # Email user
        msg = {}
        msg['to'] = email
        msg['from'] = 'Stamped <*****@*****.**>'
        msg['subject'] = 'Stamped: Forgot Password'
        
        try:
            base = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
            path = os.path.join(base, 'alerts', 'templates', 'email_password_forgot.html.j2')
            template = open(path, 'r')
        except Exception:
            ### TODO: Add error logging?
            raise
        
        params = {'url': url, 'prettyurl': prettyurl}
        msg['body'] = utils.parseTemplate(template, params)
        
        utils.sendEmail(msg, format='html')
        
        return True