async def changepassword(request):
data = request.json
print("==================data", data)
password_old = data['password_old']
password_new = data['password_new']
current_uid = data['user_id']
print("==================PASSWORD_OLD", password_old)
print("==================PASSWORD_NEW", password_new)
print("===================current_uid============", current_uid)
user = db.session.query(User).filter(or_(User.id == current_uid)).first()
if current_uid and password_new is not None and auth.verify_password(
password_old, user.password):
print("==============USER INFO",
auth.verify_password(password_old, user.password))
user_info = db.session.query(User).filter(
User.id == current_uid).first()
print("==============USER INFO", user_info)
if user_info is not None:
user_info.password = auth.encrypt_password(password_new)
db.session.commit()
return json({})
async def user_login(request):
param = request.json
user_name = param.get("user_name")
password = param.get("password")
print(user_name, password)
if (user_name is not None) and (password is not None):
user = db.session.query(User).filter(
User.user_name == user_name).first()
if (user is not None) and auth.verify_password(password, user.password,
user.salt):
auth.login_user(request, user)
return json({
"id": user.id,
"user_name": user.user_name,
"full_name": user.full_name
})
return json(
{
"error_code": "LOGIN_FAILED",
"error_message": "user does not exist or incorrect password"
},
status=520)
else:
return json(
{
"error_code": "PARAM_ERROR",
"error_message": "param error"
},
status=520)
return text("user_login api")
async def checkpass(request):
password = "******"
pass_hash = auth.encrypt_password(password)
#pass_hash = "$6$rounds=656000$Nap.kHgpqAP5EXur$ZQpja3EUTx3nf4pZQY2XiAfEmiieDYDuuJ.0NcRN7odAEdVK.azltozKKYft3KYlzP7d.rUd7S/vmX/jHUXQ3/"
is_pw = auth.verify_password(password, pass_hash)
print(is_pw)
return text(pass_hash)
async def user_login(request):
param = request.json
user_name = param.get("phone")
password = param.get("password")
# print(param)
if (user_name is not None) and (password is not None):
user = getUser(user_name)
# print(user)
if (user is not None) and auth.verify_password(password, user.password,
user.salt):
auth.login_user(request, user)
result = response_userinfo(user)
# print('result==========',result)
return json(result, status=201)
return json(
{
"error_code": "LOGIN_FAILED",
"error_message": "user does not exist or incorrect password"
},
status=520)
else:
return json(
{
"error_code": "PARAM_ERROR",
"error_message": "param error"
},
status=520)
return text("user_login api")
async def login(request):
username = request.json.get("username", None)
password = request.json.get("password", None)
user = db.session.query(User).filter(and_(or_(User.user_name == username, User.email == username), User.active == True)).first()
if (user is not None) and auth.verify_password(password, user.password):
auth.login_user(request, user)
return json(get_user_with_permission(to_dict(user)))
return json({"error_code":"LOGIN_FAILED","error_message":"user does not exist or incorrect password"}, status=501)
async def login(request):
data = request.json
if data is None or data.get('username', None) is None or data.get(
'password', None) is None:
return json(
{
'error_code': 'AUTH_FAILED',
'error_message': 'Username, password are required'
},
status=523)
username = data.get('username', None)
password = data.get('password', None)
login_user = db.session.query(User).filter(or_(User.phone == convert_phone_number(username),\
User.email == str(username).lower())).first()
if login_user is None:
return json(
{
'error_code': 'E523',
'error_message': 'Tài khoản không tồn tại.'
},
status=523)
if auth.verify_password(password, login_user.password,
login_user.salt) == False:
return json(
{
'error_code': 'E523',
'error_message': 'Mật khẩu không chính xác.'
},
status=523)
tenant_dict = to_dict(login_user.tenant)
for key in exclude_attrs:
if key in tenant_dict:
del tenant_dict[key]
login_user = to_dict(login_user)
for key in exclude_attrs:
if key in login_user:
del login_user[key]
request['session']['current_tenant_id'] = tenant_dict.get('id')
login_user['tenant'] = tenant_dict
auth.login_user(request, login_user)
return json({
'id': str(login_user.get('id')),
'display_name': login_user.get('display_name'),
'phone': login_user.get('phone'),
'email': login_user.get('email'),
'gender': login_user.get('gender'),
'avatar': login_user.get('avatar'),
'tenant': login_user.get('tenant'),
'current_tenant_id': tenant_dict.get('id')
})
async def change_password(request):
currentUser = await current_user(request)
if currentUser is None:
return json(
{
"error_code": "SESSION_EXPIRED",
"error_message": "Phiên làm việc hết hạn!"
},
status=520)
data = request.json
if data is not None:
if 'newpassword' not in data or 'confirm' not in data or data[
'newpassword'] != data['confirm']:
return json(
{
"error_code": "PASSWORD_NOT_MATCH",
"error_message":
"Mật khẩu không khớp, vui lòng kiểm tra lại!"
},
status=520)
if 'newpassword' in data and data[
'newpassword'] is not None and 'password' in data:
user = db.session.query(User).filter(
User.id == currentUser.id).first()
if user is not None:
if auth.verify_password(data['password'],
user.password) != True:
return json(
{
"error_code":
"PASSWORD_WRONG",
"error_message":
"Mật khẩu hiện tại không đúng, vui lòng kiểm tra lại!"
},
status=520)
user.password = auth.encrypt_password(data['newpassword'])
# db.session.add(user)
db.session.commit()
return json({"error_message": "Thay đổi mật khẩu thành công!"})
else:
return json(
{
"error_code": "NOT_FOUND_USER",
"error_message":
"Không tìm thấy tài khoản trong hệ thống!"
},
status=520)
else:
return json(
{
"error_code": "PARAMS_ERROR",
"error_message": "Có lỗi xảy ra, vui lòng thực hiện lại sau"
},
status=520)
async def do_login(request):
if not check_content_json(request):
return json(
{
"error_message": "content type is not application-json",
"error_code": "PARAM_ERROR"
},
status=520)
param = request.json
if "data" not in param or param['data'] is None or "password" not in param \
or (param['password'] is None) or (len(param['data']) == 0) or (len(param['password']) == 0):
return json(
{
"error_message": "Tham số không hợp lệ",
"error_code": "PARAM_ERROR"
},
status=520)
data = param['data']
password = param['password']
user = db.session.query(User).filter(
and_(
or_(User.phone == data, User.email == data,
User.accountName == data), User.active == 1)).first()
if user is None or user.deleted == True:
return json(
{
"error_code": "LOGIN_FAILED",
"error_message": u"Tài khoản không tồn tại"
},
status=520)
else:
if auth.verify_password(password, user.password, user.salt):
check_donvi = db.session.query(Organization).filter(
Organization.id == user.organization_id).first()
if check_donvi is not None and check_donvi.active != 1:
return json(
{
"error_code":
"LOGIN_FAILED",
"error_message":
u"Đơn vị trực thuộc hiện đang bị khóa. Vui lòng thử lại sau."
},
status=520)
result = response_current_user(user)
return json(result, status=200)
else:
return json(
{
"error_code": "LOGIN_FAILED",
"error_message": u"Mật khẩu không đúng"
},
status=520)
async def login(request):
username = request.json.get("data", None)
password = request.json.get("password", None)
user = db.session.query(User).filter(
or_(User.email == username, User.phone == username)).first()
if (user is not None) and auth.verify_password(password, user.password):
auth.login_user(request, user)
result = await get_user_with_permission(user)
return json(result)
return json(
{
"error_code": "LOGIN_FAILED",
"error_message": "Tài khoản hoặc mật khẩu không đúng"
},
status=520)
async def get_token(request):
if not check_content_json(request):
return json({'error_code':"ERROR_PARAMS", 'error_message':'Header request không hợp lệ'}, status=200)
appkey = request.json.get("appkey", None)
secret = request.json.get("secret", None)
if appkey is None or secret is None:
return json({'error_code':"ERROR_PARAMS", 'error_message':u'Tài khoản ứng dụng hoặc mật khẩu không đúng, vui lòng kiểm tra lại!'}, status=520)
appInfo = db.session.query(AppInfo).filter(AppInfo.appkey == appkey).first()
if (appInfo is not None) and (auth.verify_password(secret, appInfo.secret)):
expired_time = app.config.get('APP_API_EXPIRATION_DELTA', 86400)
token = generate_user_token(appkey, expired_time)
return json({'error_code':"OK", 'token':'token'}, status=520)
# token = jwt.encode(payload)
# return json({'token': token})
else:
return json({'error_code':"NOT_FOUND", 'error_message':u'Tài khoản ứng dụng hoặc mật khẩu không đúng, vui lòng kiểm tra lại!'}, status=520)
async def login(request):
data = request.json
print("==================data", data)
username = data['username']
password = data['password']
print("==================USER NAME", username)
print("==================PASSWORD", password)
user = db.session.query(User).filter(User.email == username).first()
print("==================", user)
if (user is not None) and auth.verify_password(password, user.password):
auth.login_user(request, user)
result = user_to_dict(user)
return json(result)
return json({"error_code":"LOGIN_FAILED","error_message":"Tài khoản hoặc mật khẩu không đúng"}, status=520)
async def user_login(request):
param = request.json
user_name = param.get("user_name")
password = param.get("password")
print(user_name, password)
if (user_name is not None) and (password is not None):
user = db.session.query(User).filter(
User.user_name == user_name).first()
if (user is not None) and auth.verify_password(password, user.password,
user.salt):
try:
employee = user.employee
employee.status = 'online'
test = datetime.now()
# print("111111111",test.strftime("%x"))
analysis = Analysis(id_employee = employee.id,salary_for_month = employee.salary_for_month,\
salary_for_shift = employee.salary_for_shift,employee_name = employee.name,\
login_at = datetime.now())
db.session.add(analysis)
db.session.commit()
except:
pass
auth.login_user(request, user)
return json({
"id": user.id,
"user_name": user.user_name,
"full_name": user.full_name,
"employee_id": user.employee_id,
"role": user.roles[0].role_name
})
return json(
{
"error_code": "LOGIN_FAILED",
"error_message": "user does not exist or incorrect password"
},
status=520)
else:
return json(
{
"error_code": "PARAM_ERROR",
"error_message": "param error"
},
status=520)
return text("user_login api")
async def get_token(request):
if not check_content_json(request):
return json(
{
'error_code': "ERROR_PARAMS",
'error_message': 'The request header is invalid'
},
status=200)
appkey = request.json.get("appkey", None)
secret = request.json.get("secret", None)
if appkey is None or secret is None:
return json(
{
'error_code':
"ERROR_PARAMS",
'error_message':
u'Username or password incorrect, please check again'
},
status=520)
appInfo = db.session.query(AppInfo).filter(
AppInfo.appkey == appkey).first()
if (appInfo is not None) and (auth.verify_password(secret,
appInfo.secret)):
expired_time = app.config.get('APP_API_EXPIRATION_DELTA', 86400)
token = generate_user_token(appkey, expired_time)
return json({'error_code': "OK", 'token': 'token'}, status=520)
# token = jwt.encode(payload)
# return json({'token': token})
else:
return json(
{
'error_code':
"NOT_FOUND",
'error_message':
u'Username or password incorrect, please check again'
},
status=520)
async def change_password(request):
verify_access(request)
current_tenant = get_current_tenant(request)
if current_tenant is None or 'error_code' in current_tenant:
return json(
{
'error_code': 'TENANT_UNKNOW',
'error_message': 'Request Unknown'
},
status=523)
current_user = auth.current_user(request)
if current_user is None:
auth.logout_user(request)
return json(
{
'error_code': 'E523',
'error_message': 'Phiên làm việc hết hạn, đăng nhập lại.'
},
status=523)
current_tenant_id = current_tenant.get('id')
current_user_id = current_user['uid']
if current_user_id is None:
auth.logout_user(request)
return json(
{
'error_code': 'E523',
'error_message': 'Phiên làm việc hết hạn, đăng nhập lại.'
},
status=523)
user_info = db.session.query(User).filter(and_(User.tenant_id == current_tenant_id,\
User.id == current_user_id)).first()
if user_info is None:
return json(
{
'error_code': 'E523',
'error_message': 'Tài khoản không tồn tại.'
},
status=520)
body_data = request.json
current_password = body_data.get('current_password', None)
new_password = body_data.get('new_password', None)
# CHECK CURRENT PASSWORD CORRECT OR NOT
if auth.verify_password(current_password, user_info.password,
user_info.salt) == False:
return json(
{
'error_code': 'E523',
'error_message': 'Tên tài khoản hoặc mật khẩu không đúng'
},
status=523)
user_info.password = auth.encrypt_password(new_password, user_info['salt'])
user_info.updated_at = now_timestamp()
db.session.commit()
return json({'code': 'S200', 'message': 'Thành công'}, status=200)