Пример #1
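    def get(self, encrypted_credentials):
        """Exchange encrypted credentials for an auth token.

        Decrypts ``encrypted_credentials``, parses the result as JSON and
        checks the ``usr``/``psw`` pair with ``users_table.verify``. On
        success the response body is the JSON document ``{"token": ...}``.
        Any failure (decryption, parsing, a missing key or a rejected
        login) aborts the request with HTTP 401.
        """
        # The ciphertext and the decrypted credentials (which include the
        # password) are deliberately kept out of the log.
        log.debug('authorization request received')
        try:
            credentials = json.loads(auth.decrypt(encrypted_credentials))
            verified = users_table.verify(credentials['usr'],
                                          credentials['psw'])
            # Explicit check rather than ``assert``: assertions are removed
            # under ``python -O``, which would silently disable this gate.
            if not verified:
                raise ValueError('unverified user or password')
            # NOTE(review): the password is handed to the token encoder. If
            # the token is only signed and not encrypted, the password can
            # be read back from it; confirm against auth.encode_auth_token.
            token = auth.encode_auth_token(credentials['sys'],
                                           credentials['usr'],
                                           credentials['psw'],
                                           credentials['grp'])
        except Exception as e:
            # NOTE(review): str(e) goes back to an unauthenticated caller and
            # may expose parser or decryption details; a fixed message would
            # be safer if clients do not depend on the text.
            abort(401, description={'authorization': str(e)})
        log.debug(f"credentials verified for user {credentials['usr']!r}")

        result = {'token': token}
        response = make_response(json.dumps(result))
        return response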
Пример #2
def verify_otp_request():
    """Check a volunteer's OTP and, when it is valid, issue an auth token.

    Reads ``mob_number`` and ``otp`` from the submitted form. Returns a JSON
    string with the keys ``Response``, ``status`` and ``string_response``;
    ``Response`` carries the token, name and volunteer id only when the OTP
    check succeeds.
    """
    form = request.form
    mob_number = form.get('mob_number')
    otp = form.get('otp')

    volunteer = verify_volunteer_exists(mob_number)
    if not volunteer['status']:
        # NOTE(review): this reply differs from the OTP-failure reply, so a
        # caller can tell whether a number is registered; confirm that this
        # is acceptable for the deployment.
        not_found = {
            'Response': {},
            'status': False,
            'string_response': 'No user found for this mobile number'
        }
        return json.dumps(not_found)

    message, otp_ok = verify_otp(otp, mob_number)
    if otp_ok:
        volunteer_id = int(str(volunteer['volunteer_id']))
        country = volunteer['country']
        display_name = volunteer['name']
        # The token subject is "<volunteer id> <country>".
        subject = f'{volunteer_id} {country}'
        details = {
            'auth_token': encode_auth_token(subject).decode(),
            'name': display_name,
            'volunteer_id': volunteer_id
        }
    else:
        details = {}

    reply = {
        'Response': details,
        'status': otp_ok,
        'string_response': message
    }
    return json.dumps(reply)
Пример #3
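def login_request():
    """Log a user in with the form fields ``username`` and ``password``.

    Returns a JSON string. On success it is the ``verify_user`` result with
    ``Response.auth_token`` added; when no user id is found it is a failure
    document with an empty ``Response``.
    """
    name = request.form.get('username')
    password = request.form.get('password')
    response = verify_user(name, password)
    user_id, access_type = get_user_id(name, password)
    if not user_id:
        # Serialised like the success path so that both branches return the
        # same type (the original returned a bare dict here).
        return json.dumps({
            'Response': {},
            'status': False,
            'string_response': 'Failed to find user.'
        })
    # NOTE(review): the token is issued whenever get_user_id yields an id;
    # the outcome of verify_user is not inspected here. Confirm that
    # get_user_id itself rejects a wrong password.
    response['Response']['auth_token'] = encode_auth_token(
        f'{user_id} {access_type}').decode()
    return json.dumps(response)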
Пример #4
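def login():
    """Authenticate a user from a JSON body and return an access token.

    Expects ``username`` and ``password`` in the JSON payload. Aborts with
    400 when either is missing and with 406 when the login is rejected.
    On success returns the token and the user's dictionary with status 202.
    """
    # A missing or empty JSON body is treated like missing fields instead of
    # failing on ``None.get``.
    payload = request.json or {}
    username = payload.get("username")
    password = payload.get("password")
    if not username or not password:
        return abort(
            make_response(
                jsonify(code="BAD_REQUEST",
                        message="\"username\" or \"password\" not provided."),
                400))
    user = User.get_by_username(username)
    # An unknown username gets the same reply as a wrong password, so the
    # endpoint neither fails on a missing user nor reveals which usernames
    # exist through a different error.
    if user is None or not bcrypt.check_password_hash(user.password,
                                                      password):
        return abort(
            make_response(
                jsonify(code="NOT_ACCEPTABLE", message="Wrong Password"), 406))
    access_token = encode_auth_token(username)

    return jsonify({
        "success": True,
        "accessToken": access_token,
        "user": user.dictionary()
    }), 202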
Пример #5
def register():
    """Create a user from a JSON body and return an access token.

    Requires ``username`` and ``password``; ``email``, ``firstName`` and
    ``lastName`` are read if present. The password is stored as a bcrypt
    hash. Responds with status 201 on success and aborts with 400 when a
    required field is missing.
    """
    username = request.json.get("username")
    password = request.json.get("password")
    if not (username and password):
        bad_request = make_response(
            jsonify(code="BAD_REQUEST",
                    message="\"username\" or \"password\" not provided."),
            400)
        return abort(bad_request)

    # Only the bcrypt hash of the password reaches the model.
    password_hash = bcrypt.generate_password_hash(password).decode("UTF-8")
    # NOTE(review): no uniqueness check on the username is visible here;
    # presumably User.insert() or the schema enforces it.
    user = User(
        username=username,
        password=password_hash,
        email=request.json.get("email"),
        first_name=request.json.get("firstName"),
        last_name=request.json.get("lastName"))
    user.insert()

    body = {
        "success": True,
        "accessToken": encode_auth_token(user.username),
        "user": user.dictionary()
    }
    return jsonify(body), 201
Пример #6
 def test_decode_auth_token(self):
     """A token encoded for 'user1' decodes back to 'user1'."""
     expected_user = 'user1'
     encoded = auth.encode_auth_token(TestServer.secret, expected_user)
     is_bytes = isinstance(encoded, bytes)
     self.assertTrue(is_bytes, 'Wrong result')
     # Decode with the same secret that was used for encoding.
     decoded: str = auth.decode_auth_token(TestServer.secret, encoded)
     self.assertEqual(expected_user, decoded, 'Wrong user')
Пример #7
 def test_encode_auth_token(self):
     """encode_auth_token returns the token as bytes."""
     encoded = auth.encode_auth_token(TestServer.secret, 'user1')
     is_bytes = isinstance(encoded, bytes)
     self.assertTrue(is_bytes)
Пример #8
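def new_user(*args, **kwargs):
    """Create a moderator or viewer account from the submitted form.

    Reads the new user's details and the creator's details from the form.
    Returns a JSON string with ``Response``, ``status`` and
    ``string_response``; on success it is the ``add_user`` result with an
    ``auth_token`` for the new user added.

    Only ``moderator`` (access type 2) and ``viewer`` (access type 3) can
    be created, and only when ``creator_access_type`` is ``superuser``.
    """
    form = request.form
    name = form.get('name')
    mob_number = form.get('mob_number')
    email_id = form.get('email_id')
    password = form.get('password')
    organisation = form.get('organisation')
    # NOTE(review): creator_access_type and creator_user_id come from the
    # request itself, so the permission check below trusts whatever the
    # client sends. Unless a decorator outside this view validates them,
    # the creator's role should be taken from the verified session or token.
    creator_access_type = form.get('creator_access_type')
    user_access_type = form.get('user_access_type')
    creator_user_id = form.get('creator_user_id')
    verification_team = form.get('verification_team', 1)

    access_levels = {'moderator': 2, 'viewer': 3}
    if user_access_type == 'superuser':
        return json.dumps({
            'Response': {},
            'status': False,
            'string_response': 'You cannot create superuser'
        })
    if user_access_type not in access_levels:
        return json.dumps({
            'Response': {},
            'status': False,
            'string_response': 'Invalid access type'
        })
    access_type = access_levels[user_access_type]

    # Reject unauthorised creators before any record is assembled.
    if creator_access_type != 'superuser':
        return json.dumps({
            'Response': {},
            'status': False,
            'string_response':
            'User does not have permission to create new users'
        })

    # Creation time is UTC shifted by 330 minutes (+05:30).
    current_time = dt.datetime.utcnow() + dt.timedelta(minutes=330)
    # NOTE(review): the password enters the record as submitted; confirm
    # that add_user hashes it before it is stored.
    df = pd.DataFrame({
        'creation_date': [current_time],
        'name': [name],
        'mob_number': [mob_number],
        'email_id': [email_id],
        'organisation': [organisation],
        'password': [password],
        'access_type': [access_type],
        'created_by': [creator_user_id],
        'verification_team': [verification_team]
    })
    response = add_user(df)
    user_id, access_type = get_user_id(mob_number, password)
    if not user_id:
        # Serialised like every other branch (the original returned a bare
        # dict here).
        return json.dumps({
            'Response': {},
            'status': False,
            'string_response':
            'Failed to create user. Please try again later'
        })
    response['auth_token'] = encode_auth_token(
        f'{user_id} {access_type}').decode()
    return json.dumps(response)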