Пример #1
0
async def query_all_users():
    """
    [Query all user records in the users database.]
    """
    logger.info('Querying all user records.')
    query = users.select()
    return await users_database.fetch_all(query)
Пример #2
0
async def delete_user(username: str):
    """
    [Delete an existing user by removing its record from the users database.]

    Args:
        username (str): [Username of user.]

    Raises:
        HTTPException: [User does not exist.]

    Returns:
        [type]: [Confirmation message.]
    """
    exist = users.select().where(users.c.username == username)
    exist_result = await users_database.fetch_one(exist)
    if exist_result:
        query = users.delete().where(users.c.username == username)
        await users_database.execute(query)
        now = datetime.now()
        logger.info(f'User {username} deleted at {now}.')
        return {"Message": f'User {username} deleted at {now}.'}
    else:
        logger.warning(f'User {username} does not exist.')
        raise HTTPException(status_code=404,
                            detail=f"User {username} does not exist.")
Пример #3
0
async def deactivate_user(username: str):
    """
    [Set the active status of an existing user to 'False' in the users database.]

    Args:
        username (str): [Username of user.]

    Raises:
        HTTPException: [User does not exist.]

    Returns:
        [type]: [Confirmation message.]
    """
    exist = users.select().where(users.c.username == username)
    exist_result = await users_database.fetch_one(exist)
    if exist_result:
        now = datetime.now()
        query = users.update().values(
            updateDate=now, active=False).where(users.c.username == username)
        await users_database.execute(query)
        logger.info(f'User {username} deactivated at {now}.')
        return {"Message": f'User {username} deactivated at {now}.'}
    else:
        logger.warning(f'User {username} does not exist.')
        raise HTTPException(status_code=404,
                            detail=f"User {username} does not exist.")
Пример #4
0
async def authenticate_user(
    request: Request, credentials: HTTPBasicCredentials = Depends(HTTPBasic())
) -> str:
    """
    [Method for authenticating user credentials.]

    Args:
        request (Request): [API request object.]
        credentials (HTTPBasicCredentials, optional): [User credentials.].
            Defaults to Depends( HTTPBasic()).

    Raises:
        HTTPException: [Incorrect password.]
        HTTPException: [Inactive user.]
        HTTPException: [Unauthorized user.]

    Returns:
        str: [Username for user.]
    """
    IP = request.client.host
    _username = credentials.username
    password = credentials.password
    query = users.select().where(users.c.username == _username)
    user = await users_database.fetch_one(query)
    if user:
        if user['active']:
            user_salt = user['salt']
            user_password = user['password']
            if verify_hash(password + user_salt, user_password):
                return _username
            else:
                logger.warning(
                    'Failed authentication attempt was made with incorrect '
                    f'password for user {_username} with IP address {IP}.')
                raise HTTPException(status_code=401,
                                    detail="Incorrect password.")
        else:
            logger.warning(
                'Failed authentication attempt was made for inactive '
                f'user {_username} with IP address {IP}.')
            raise HTTPException(status_code=401,
                                detail=f"User {_username} is inactive.")
    else:
        logger.warning(
            'Failed authentication attempt was made for unauthorized '
            f'user {_username} with IP address {IP}.')
        raise HTTPException(status_code=401,
                            detail=f"Unauthorized user {_username}.")
Пример #5
0
async def change_password(username: str, password: str, passwordConfirm: str):
    """
    [Change an existing user's password by updating
        the user's record in the users database.]

    Args:
        username (str): [Username of user.]
        password (str): [New password.]
        passwordConfirm (str): [Password confirmation.]

    Raises:
        HTTPException: [User already exists.]
        HTTPException: [Passwords do not match.]

    Returns:
        [type]: [Confirmation message.]
    """
    logger.info(f'Changing password for user {username}.')
    if (password == passwordConfirm):
        exist = users.select().where(users.c.username == username)
        exist_result = await users_database.fetch_one(exist)
        if exist_result:
            salt = exist_result['salt']
            new_password = make_hash(password + salt)
            now = datetime.now()
            query = users.update().values(
                updateDate=now,
                password=new_password).where(users.c.username == username)
            await users_database.execute(query)
            logger.info(f'Password changed for user {username} at {now}.')
            return {
                "Message": f'Password changed for user {username} at {now}.'
            }
        else:
            logger.warning(f'User {username} does not exist.')
            raise HTTPException(status_code=404,
                                detail=f"User {username} does not exist.")
    else:
        logger.warning('Password confirmation does not match.')
        raise HTTPException(status_code=400,
                            detail="Password confirmation does not match.")
Пример #6
0
async def query_user(username: str):
    """
    [Query one user record in the users database.]

    Args:
        username (str): [Username of user to be queried.]

    Raises:
        HTTPException: [User does not exist.]

    Returns:
        [type]: [User record.]
    """
    logger.info(f'Querying record for user {username}.')
    query = users.select().where(users.c.username == username)
    result = await users_database.fetch_one(query)
    if result:
        logger.info(f'Record found for user {username}.')
        return result
    else:
        logger.warning(f'User {username} does not exist.')
        raise HTTPException(status_code=404,
                            detail=f"User {username} does not exist.")