def get_user_data_by_email(): token = get_param_or_default("token") email = get_param_or_default("email") if db.is_connected(token): if db.find_user(email) != None: user_data = db.find_user(email) user_data = json.loads(user_data) user_data.pop("password",None) success(SUC_GET_USER_DATA,user_data) else: err(ERR_USER_NOT_FOUND) else: err(ERR_USER_NOT_CONNECTED) return json.dumps(output)
def changePW(): data = request.get_json() #have to send in token as json string for now oldPW = data['password'] newPW = data['newPW'] userToken = request.headers.get( 'token') # Got THROUGH request.header() instead if (oldPW == newPW): return jsonify(success=False, message="dont use same password") if not validatePW(newPW): return jsonify(success=False, message="use a longer password") email = database_helper.get_email_by_token(userToken) if email is None: return jsonify(success=False, message="Cant find logged in user") if database_helper.find_user(email, oldPW): if database_helper.change_user_PW(email, newPW): return jsonify(success=True, message="successfully changed pw") else: return jsonify(success=False, message="Couldnt change pw") else: return jsonify(success=False, message="Password is wrong for that email")
def message_by_email(token, email): if database_helper.find_inlogged(token) is not None: if database_helper.find_user(email) is not None: messages = database_helper.get_messages(email) if messages is not None: sum = "" for message in messages: #do we have to add the senders email? sum += message[0] + "\n" return json.dumps({ "success": True, "message": "User messages retrieved", "data": sum }) return json.dumps({ "success": True, "message": "No messages on this users profile", "data": "" }) else: return json.dumps({"success": False, "message": "No such user"}) else: return json.dumps({ "success": False, "message": "You are not signed in" })
def get_user_data_by_email(token = None, email=None): if token is None or email is None: return json.dumps({"success": False, "message":"Key error."}),400 # Check if the token exists (current user) if not token: return json.dumps({"success": False, "message":"You are not signed in."}),403 # Check if the current user exists currentUser = database_helper.get_emailByToken(token) if not currentUser: return json.dumps({"success": False, "message":"No such user."}),404 # Return the user profile data = database_helper.find_user(email) if data: # Update the no. of views email = str(email) if email in view_table: view_table[email] += 1 else: view_table[email] = 1 send_num_view(email) return json.dumps({"success": True, "message": "User data retrieved.", "data": [dict(x) for x in data]}),200 else: return json.dumps({"success": False, "message":"No such user."}),404
def change_password(): req = request.get_json(force=True) token = req['token'] old_password = req['old_password'] new_password = req['new_password'] # First see if passwords differ if old_password == new_password: return jsonify(success=False, message="Can't use the same password!") # Is the new password long enough? if not validate(new_password): return jsonify(success=False, message="Password has to be at least 5 characters!") # Use token to get email (also makes sure token is valid and that they are logged in) email = database_helper.get_email(token) if email is None: return jsonify(success=False, message="User is not logged in!") # Make sure old password is correct if not database_helper.find_user(email, old_password): return jsonify(success=False, message="Incorrect password!") # Try changing the password if not database_helper.change_password(new_password, email): return jsonify(success=False, message="Failed to change password!") return jsonify(success=True, message="Password successfully changed!")
def change_password(): token = get_param_or_default("token") userMail = db.get_email(token) if userMail != None: userMail = userMail[0] oldPassword = get_param_or_default("oldPassword") newPassword = get_param_or_default("newPassword") user = db.find_user(userMail) if user != None: user = json.loads(user) if user["password"] == oldPassword: if len(newPassword) > 5: db.change_password(userMail, newPassword) success(SUC_PASSWORD_CHANGED) else: err(ERR_PASSWORD_TOO_SHORT) else: err(ERR_INVALID_PASSWORD) else: err(ERR_USER_NOT_FOUND) else: err(ERR_USER_NOT_CONNECTED) return json.dumps(output)
def get_user_data_by_token(): body = json.loads(request.data.decode("utf-8")) token = body['token'] user = database_helper.email_from_token(token) result = database_helper.find_user(user['email']) if result != None: return _return_json_message(True, "Successfully found user", result) else: return _return_json_message(False, "No such user")
def data_by_email(token, email): if database_helper.find_inlogged(token) is not None: if database_helper.find_user(email) is not None: user = database_helper.find_user(email) del user['password'] return json.dumps({ "success": True, "message": "User data retrieved.", "data": user }) else: return json.dumps({"success": False, "message": "No such user."}) else: return json.dumps({ "success": False, "message": "You are not signed in." })
def find_user(email=None): if email is not None: result = database_helper.find_user(email) else: result = False if not result: return False else: return jsonify(result)
def get_user_data_by_email(): token = request.args.get('token') # Get the token from the URL email = request.args.get('email') # Get the token from the URL result = database_helper.find_sign_in_user(token) # Make sure the current user has logged in if result: result = database_helper.find_user(email) return jsonify(result=result) else: return jsonify({"status": 400})
def sign_in(): data = request.get_json() email = data["email"] password = data['password'] found_user = database_helper.find_user(email) user = database_helper.match_email_to_password(data['email'], data['password']) if (user["success"]): return jsonify({"success":True, "message":"User signed in successfully", "token":user["token"]}) else: return jsonify({"success":False, "Message":user})
def post_message(): data = request.get_json() token = get_token() if database_helper.find_user(data["email"]) != data["email"]: return jsonify({"success": False, "msg": "could not find user"}) if not database_helper.validate_user(data["email"], token): return jsonify({"success": False, "msg": "Unauthorized"}) if not database_helper.create_post(data, token): return jsonify({"success": False, "msg": "could not send msg"}) return jsonify({"success": True, "msg": "message sent"})
def get_user_data_by_email(): body = json.loads(request.data.decode("utf-8")) token = body['token'] if database_helper.email_from_token(token) == None: return _return_json_message(False, "User not signed in") email = body['email'] result = database_helper.find_user(email) if result != None: return _return_json_message(True, "Successfully found user", result) else: return _return_json_message(False, "No such user")
def reset_password(): data = request.get_json() resetEmail = data['email'] oldPwd = data['oldPwd'] url = '/reset_password' key = make_key() token = database_helper.get_token_from_email(resetEmail) hashed_old_password = bcrypt.generate_password_hash(oldPwd).decode('utf-8') hashed_password = database_helper.get_hashed_password(resetEmail) print('hashed_password for this email is: ', hashed_password) correct_password = bcrypt.check_password_hash(hashed_password, oldPwd) hashed_new_password = bcrypt.generate_password_hash( str(key)).decode('utf-8') print('correct_password: '******'utf-8')).hexdigest() print('RESETPASSWORD: server_hash is:', server_hash, ' and hashed_token is: ', hashed_token) email = database_helper.find_user(resetEmail) if (email) and correct_password and server_hash == hashed_token: try: #print('success! hashed_new_password: '******'reset user password from: ',str(hashed_password), ' to: ', str(hashed_new_password) ) print('result is: ', result) if (result): print('trying to set up SMTP connection...') yag = yagmail.SMTP(user=resetEmail) print('setting contents...') contents = [ "You've requested to reset your Twidder password.", 'Your new password is: ', str(key) ] print(contents) print('creating recipients') recipients = {resetEmail: 'Twidder user'} print(recipients) print('trying to send email...') yag.send(to=recipients, subject='Your temporary Twidder password', contents=contents) print("Email sent successfully") res = jsonify({'message': 'Email sent successfully'}) return res except: print("Error, email was not sent") return ''
def get_user_messages_by_email(): token = get_param_or_default("token") email = get_param_or_default("email") if db.is_connected(token): if db.find_user(email) != None: success(SUC_GET_USER_DATA, db.get_user_messages_by_email(token, email)) else: err(ERR_USER_NOT_FOUND) else: err(ERR_USER_NOT_CONNECTED) return json.dumps(output)
def post_message(): data = request.json token = data["token"] message = data["messages"] receiver = data["receiver"] #print(receiver) if database_helper.find_inlogged(token) is not None: sender = database_helper.find_inlogged(token) if receiver is None: receiver = sender if database_helper.find_user(receiver) is not None: recipient = database_helper.find_user(receiver)['email'] print(recipient) print(database_helper.create_post(sender, message, recipient)) return json.dumps({"success": True, "message": "Message posted"}) else: return json.dumps({"success": False, "message": "No such user."}) else: return json.dumps({ "success": False, "message": "You are not signed in." })
def sign_in(): ''' Return; A text string containing a randomly generated access token if the authentication is successful. ''' email = request.form['email'] password = request.form['password'] result = database_helper.find_user(email, password=password, status='LOGIN') if result: letters = "abcdefghiklmnopqrstuvwwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890" token = "" for i in range(0, 36): token += letters[random.randint(0, 61)] database_helper.add_sign_in_user(result[0],email,token) return jsonify({"status": 200, "token": token}) else: return jsonify({"status": 404})
def get_user_messages_by_email(): token = get_param_or_default("token") email = get_param_or_default("email") if db.is_connected(token): if db.find_user(email) != None: messages = [] for message_id, message, sender in db.get_user_messages_by_email(token,email): messageObject = {"id": message_id, "content": message, "writer": sender} messages.append(messageObject) success(SUC_GET_USER_DATA, messages) else: err(ERR_USER_NOT_FOUND) else: err(ERR_USER_NOT_CONNECTED) return json.dumps(output)
def sign_in(): data = request.json email = data["email"] password = data["password"] print(password) database_helper.delete_logged_in_by_email(email) if database_helper.find_user( email) is not None and database_helper.find_user( email)["password"] == password: token = str(uuid.uuid4()) database_helper.insert_token(token, email) return json.dumps({ "Success": True, "message": "Successfully signed in", "data": token }) else: return json.dumps({ "Success": False, "message": "Wrong username or password" })
def sign_in(): data = request.get_json() if (database_helper.find_user( data['email'], data['password'])): #verify with database password, userToken = secrets.token_hex(12) #CREATE TOKEN if database_helper.login_user(data['email'], userToken): return jsonify(success="true", message="Login checks out B)", token=userToken) #SAVE TOKEN else: return jsonify(success=False, message="couldnt add a user with that email") else: return 'wrong credentials', 400
def sign_in(email, password): res = dh.find_user(email, password) if not res: # Not logged in return json.dumps({"message": "Invalid email or password"}), 501 else: # Logged in letters = "abcdefghiklmnopqrstuvwwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890" token = "" for i in range(36): token += letters[int(math.floor(random.random() * len(letters)))] dh.sign_in(email, token) return json.dumps({ "message": "You are now signed in", "data": token }), 200
def post_message(): token = get_param_or_default("token") receiver = get_param_or_default("email") message = get_param_or_default("message") if db.is_connected(token): sender = db.get_email(token)[0] if db.find_user(receiver) != None: if message != "": db.post_message(sender, receiver, message) success(SUC_MESSAGE_POSTED) else: err(ERR_EMPTY_MESSAGE) else: err(ERR_USER_NOT_FOUND) else: err(ERR_USER_NOT_CONNECTED) return json.dumps(output)
def signin(): req = request.get_json(force=True) email = req['email'] password = req['password'] # See if user exists in database if database_helper.find_user(email, password): token = uuid.uuid4().hex # Add user to logged in users if database_helper.login_user(email, token): # Send stats to all users send_stats(True) return jsonify(success=True, message="Login successful!", data=token) else: # Shouldn't happen return jsonify(success=False, message="Failed to login user!") else: return jsonify(success=False, message="Username or password incorrect!")
def sign_up(): body = json.loads(request.data.decode("utf-8")) data = body['data'] password = _password_hasher(data['password']) result = database_helper.find_user(data['email']) if result != None: return _return_json_message(False, "User already exists") if (len(data["email"]) == 0 or len(data["password"]) < 4 or len(data['firstname']) == 0 or len(data['familyname']) == 0 or len(data['gender']) == 0 or len(data['city']) == 0 or len(data['country']) == 0): return _return_json_message(False, "Error in provided data") else: database_helper.signup(data['email'], data['firstname'], data['familyname'], data['city'], data['gender'], password, data['country']) return _return_json_message(True, "Successfully created user")
def signin(): email = request.form['email'] password = request.form['password'] # See if user exists in database if database_helper.find_user(email, password): token = uuid.uuid4().hex # Add user to logged in users if database_helper.login_user(email, token): return jsonify(success="true", message="Login successful!", data=token) else: # Shouldn't happen return jsonify(success=False, message="Failed to login user!") else: return jsonify(success=False, message="Username or password incorrect!")
def get_user_data_by_token(token = None): if token is None: return json.dumps({"success": False, "message":"Key error."}),400 # Check if the token exists if not token: return json.dumps({"success": False, "message":"You are not signed in."}),403 # Check if the current user exists email = database_helper.get_emailByToken(token) if not email: return json.dumps({"success": False, "message":"No such user."}),404 # Return the user profile data = database_helper.find_user(email) numOfPost = database_helper.get_num_post(email) totalOfPost = database_helper.get_totalnum_post() return json.dumps({"success": True, "message": "User data retrieved.", "data": [dict(x) for x in data], "NumOfPost":str(numOfPost), "TotalOfPost":str(totalOfPost)}),200
def sign_up(): user = {"email" : get_param_or_default("email"), \ "password" : get_param_or_default("password"), \ "firstname" : get_param_or_default("firstname"), \ "familyname" : get_param_or_default("familyname"), \ "gender" : get_param_or_default("gender"), \ "city" : get_param_or_default("city"), \ "country" : get_param_or_default("country") \ } if emailRegex.match(user["email"]): if user["firstname"] != "": if user["familyname"] != "": if user["city"] != "": if user["country"] != "": if db.find_user(user["email"]) == None: if len(user["password"]) > 5: if user["gender"] == "male" or user["gender"] == "female": db.sign_up(user) success(SUC_USER_SIGNED_UP) else: err(ERR_GENDER_IS_NOT_CORRECT) else: err(ERR_PASSWORD_TOO_SHORT) else: err(ERR_USER_ALREADY_EXISTS) else: err(ERR_EMPTY_COUNTRY) else: err(ERR_EMPTY_CITY) else: err(ERR_EMPTY_FAMILY_NAME) else: err(ERR_EMPTY_FIRST_NAME) else: err(ERR_INVALID_EMAIL) return json.dumps(output)
def Change_password(): data = request.json token = data["token"] oldPassword = data["oldpassword"] newPassword = data["newpassword"] if database_helper.find_inlogged(token) is not None: email = database_helper.find_inlogged(token) if oldPassword == database_helper.find_user(email)["password"]: database_helper.update_password(email, newPassword) return json.dumps({ "success": True, "message": "Password changed." }) else: return json.dumps({"success": False, "message": "Wrong password."}) else: return Json.dumps({ "success": False, "message": "You are not logged in." })
def sign_in(): """Sign in Gets email and password from JSON form and searches for user in database If user exists, log in user """ data = request.get_json() email = data['email'] pwd = data['pwd'] if not (database_helper.find_user(email, pwd)): res = jsonify({'success': False, 'message': 'Wrong email or password'}) return res token = database_helper.login_user(email) if(token): res = jsonify( {'success': True, 'message': 'Signed in!', 'token': token}) return res else: res = jsonify({'success': False, 'message': 'Something went wrong!'}) return res
def get_user_messages_by_email(token = None, toEmail = None): if token is None or toEmail is None: return json.dumps({"success": False, "message":"Key error."}),400 # Check if the token exists (current user) if not token: return json.dumps({"success": False, "message":"You are not signed in."}),403 # Check if the current user exists email = database_helper.get_emailByToken(token) if not email: return json.dumps({"success": False, "message":"No such user."}),404 # Check if the target user exists if not database_helper.find_user(toEmail): return json.dumps({"success": False, "message":"No such user."}),404 # Return all messages of target user message = database_helper.get_msglist(toEmail) return json.dumps({"success": True, "message": "User data retrieved.", "data": [dict(x) for x in message]}),200