def ChangePassword():
    """Handle a change-password request.

    Builds a ChangePasswordReq from the JSON body, hands it to
    AccountSvc.ChangePassword and returns the service result as JSON.
    An ErrorRsp raised on the way is sent back as a UTF-8 encoded JSON
    body with HTTP status 401.
    """
    try:
        payload = ChangePasswordReq(request.json)
        return jsonify(AccountSvc.ChangePassword(payload))
    except ErrorRsp as err:
        # NOTE(review): every attribute of the exception object is
        # serialized to the client; confirm ErrorRsp never carries
        # internal detail (stack data, SQL text, account state).
        # NOTE(review): no caller-identity check is visible in this
        # handler; confirm the route is wrapped by an auth decorator or
        # that the service verifies the current password.
        body = json.dumps(err.__dict__, ensure_ascii=False)
        return body.encode('utf8'), 401
def CreateCustomerAccount():
    """Handle a customer self-registration request.

    Builds a CreateCustomerAccountReq from the JSON body, hands it to
    AccountSvc.CreateCustomerAccount and returns the service result as
    JSON. An ErrorRsp is sent back as a UTF-8 encoded JSON body with
    HTTP status 401.
    """
    try:
        payload = CreateCustomerAccountReq(request.json)
        return jsonify(AccountSvc.CreateCustomerAccount(payload))
    except ErrorRsp as err:
        # NOTE(review): the whole exception __dict__ reaches the client;
        # confirm it cannot reveal more than a user-facing message.
        body = json.dumps(err.__dict__, ensure_ascii=False)
        return body.encode('utf-8'), 401
def GetAccounts():
    """Return one page of accounts as JSON.

    The paging parameters come from the JSON body (GetItemsByPageReq);
    the response carries the `has_next` / `has_prev` flags and the
    `accounts` list produced by AccountSvc.GetAccountsByPage.
    """
    # NOTE(review): no authorization check is visible in this handler and
    # ErrorRsp is not caught here, unlike the sibling handlers; confirm
    # the route is protected and that serialized accounts omit password
    # hashes and reset tokens.
    page_req = GetItemsByPageReq(request.json)
    page = AccountSvc.GetAccountsByPage(page_req)
    rsp = GetItemsByPageRsp(
        has_next=page['has_next'],
        has_prev=page['has_prev'],
        items=page['accounts'],
    )
    return jsonify(rsp.serialize())
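def updateSession():
    """Re-validate an access token and return the session it belongs to.

    Reads `access_token` from the JSON body (UpdateSessionReq), decodes it
    with AccountSvc.extractToken and looks up the profile row that matches
    the account's role: Customers for role 3, Employees for roles 1 and 2.

    Returns:
        JSON with `access_token`, `account` and `user_info` on success.
        HTTP 401 with a message body when the token is expired or
        invalid, when an ErrorRsp is raised, or when the role is unknown
        or no profile row exists for the account.
    """
    # "You do not have access permission."
    not_authenticated_msg = {
        'message': 'Bạn không có quyền truy cập.',
        'authenticated': False
    }
    # "Invalid token."
    invalid_msg = {'message': 'Token không hợp lệ.', 'authenticated': False}
    # "Token has expired."
    expired_msg = {'message': 'Token hết hạn sử dụng.', 'authenticated': False}
    try:
        req = UpdateSessionReq(request.json)
        account = AccountSvc.extractToken(req.access_token)
        role_id = account['role']['role_id']

        if role_id == 3:  # customer
            # `!= None` is intentional: it is a SQLAlchemy column
            # expression, not a Python identity test.
            profile = models.Customers.query.filter(
                models.Customers.account_id == account['account_id'],
                models.Customers.account_id != None).first()
        elif role_id == 1 or role_id == 2:  # admin, manager
            profile = models.Employees.query.filter(
                models.Employees.account_id == account['account_id'],
                models.Employees.account_id != None).first()
        else:
            profile = None

        # A valid token whose role is unknown, or whose profile row is
        # gone, used to crash (unbound `user` / None.serialize()) and
        # surface as a 500. Reject it explicitly instead.
        if profile is None:
            return jsonify(not_authenticated_msg), 401

        result = {
            'access_token': req.access_token,
            'account': account,
            'user_info': profile.serialize(),
        }
        return jsonify(result)
    # ExpiredSignatureError is a subclass of InvalidTokenError, so it has
    # to be handled first to keep the more specific message.
    except jwt.ExpiredSignatureError:
        return jsonify(
            expired_msg), 401  # 401 is Unauthorized HTTP status code
    except (jwt.InvalidTokenError) as e:
        return jsonify(invalid_msg), 401
    except ErrorRsp as e:
        # NOTE(review): the whole exception __dict__ reaches the client;
        # confirm it holds nothing beyond a user-facing message.
        return json.dumps(e.__dict__, ensure_ascii=False).encode('utf8'), 401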
def LoginAccount():
    """Authenticate a user from the JSON body and return the login payload.

    The body is wrapped in a LoginReq and passed to
    AccountSvc.AuthenticateUser; the result is serialized through
    LoginRsp. An ErrorRsp is sent back as a UTF-8 encoded JSON body with
    HTTP status 401.
    """
    try:
        credentials = LoginReq(request.json)
        auth_result = AccountSvc.AuthenticateUser(credentials)
        return jsonify(LoginRsp(auth_result).serialize())
    except ErrorRsp as err:
        # NOTE(review): the exception __dict__ is returned verbatim;
        # confirm the body is the same for an unknown user and a wrong
        # password so the endpoint does not reveal which accounts exist.
        body = json.dumps(err.__dict__, ensure_ascii=False)
        return body.encode('utf8'), 401
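def _verify():
    """Validate the request's JWT and call the wrapped view with auth info.

    Reads the `Authorization` header, decodes the second word as a JWT
    signed with app.config['SECRET_KEY'], loads the account named by the
    `account_id` claim plus its employee and customer records (None when
    absent), and calls `f` with
    {'account': ..., 'employee': ..., 'customer': ...}.
    `f` comes from an enclosing scope that is not part of this listing.

    Returns:
        Whatever `f` returns on success; HTTP 401 with a message body
        when the header is malformed, the token is expired or invalid,
        the `account_id` claim is missing, or the account no longer
        exists.
    """
    auth_headers = request.headers.get('Authorization', '').split()

    # "Invalid token."
    invalid_msg = {
        'message': 'Token không hợp lệ.',
        'authenticated': False
    }
    # "Token has expired."
    expired_msg = {
        'message': 'Token hết hạn sử dụng.',
        'authenticated': False
    }

    # NOTE(review): only the number of words is checked; the scheme word
    # is never compared with "Bearer". Tighten once client usage is known.
    if len(auth_headers) != 2:
        return jsonify(invalid_msg), 401

    try:
        token = auth_headers[1]
        # NOTE(review): no `algorithms` allow-list is passed. PyJWT 2.x
        # refuses to verify without one, and older releases fall back to
        # accepting any algorithm the library supports. Pin the single
        # algorithm the tokens are issued with (not visible here).
        data = jwt.decode(token, app.config['SECRET_KEY'])

        # A correctly signed token without the claim used to raise
        # KeyError and surface as a 500.
        if 'account_id' not in data:
            return jsonify(invalid_msg), 401

        search_accounts_req = SearchAccountsReq(
            {'account_id': data['account_id']})
        accounts = AccountSvc.SearchAccounts(search_accounts_req)
        # A token that outlives its account used to raise IndexError;
        # reject it as an invalid token instead.
        if len(accounts) == 0:
            return jsonify(invalid_msg), 401
        account = accounts[0]

        # Each lookup is executed once; the original ran every search
        # twice (once for the length test, once for the element).
        search_employees_req = SearchEmployeesReq(
            {'account_id': account['account_id']})
        employees = EmployeeRep.SearchEmployees(search_employees_req)
        employee = employees[0] if len(employees) > 0 else None

        search_customers_req = SearchCustomersReq(
            {'account_id': account['account_id']})
        customers = CustomerRep.SearchCustomers(search_customers_req)
        customer = customers[0] if len(customers) > 0 else None

        auth_info = {
            'account': account,
            'employee': employee,
            'customer': customer
        }
        # The view runs inside the try block, so a JWT error raised by
        # the view itself is also turned into a 401.
        return f(auth_info)
    # ExpiredSignatureError is a subclass of InvalidTokenError, so it has
    # to be handled first to keep the more specific message.
    except jwt.ExpiredSignatureError:
        return jsonify(
            expired_msg), 401  # 401 is Unauthorized HTTP status code
    except (jwt.InvalidTokenError) as e:
        return jsonify(invalid_msg), 401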
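def _verify():
    """Allow the wrapped view only for accounts with role 1 or 2.

    Reads the `Authorization` header, decodes the second word with
    AccountSvc.extractToken and, when the account's role id is 1 or 2,
    calls `function` with {"account": ..., "user_info": ...}.
    `function` comes from an enclosing scope that is not part of this
    listing.

    Returns:
        Whatever `function` returns for an allowed role; HTTP 401 when
        the header is malformed or the token is expired or invalid; HTTP
        403 for any other role.
    """
    auth_headers = request.headers.get('Authorization', '').split()

    # "Shop-owner privileges required"
    invalid_role = {
        'message': 'Yêu cầu quyền hạn của chủ shop',
        'authenticated': False
    }
    # "You do not have access permission."
    not_authenticated_msg = {
        'message': 'Bạn không có quyền truy cập.',
        'authenticated': False
    }
    # "Invalid token."
    invalid_msg = {
        'message': 'Token không hợp lệ.',
        'authenticated': False
    }
    # "Token has expired."
    expired_msg = {
        'message': 'Token hết hạn sử dụng.',
        'authenticated': False
    }

    # NOTE(review): only the number of words is checked; the scheme word
    # is never compared with "Bearer".
    if len(auth_headers) != 2:
        return jsonify(not_authenticated_msg), 401

    try:
        token = auth_headers[1]
        account = AccountSvc.extractToken(token)

        # Both comparisons read the nested role record, as updateSession
        # does. The second test used to read account["role_id"], which
        # that handler never uses; if the key is absent, any role other
        # than 1 raised KeyError and surfaced as a 500 instead of the
        # intended 403.
        if account["role"]["role_id"] in (1, 2):
            # NOTE(review): this is a Query object, not a row; no
            # .first() is applied here. Kept as-is because wrapped views
            # may rely on it. `== None` is a SQLAlchemy column
            # expression, not a Python identity test.
            user_info = Employees.query.filter(
                Employees.delete_at == None,
                Employees.account_id == account["account_id"])
            session = {
                "account": account,
                "user_info": user_info
            }
            return function(session)
    # ExpiredSignatureError is a subclass of InvalidTokenError, so it has
    # to be handled first to keep the more specific message.
    except jwt.ExpiredSignatureError:
        return jsonify(expired_msg), 401  # 401 is Unauthorized HTTP status code
    except (jwt.InvalidTokenError) as e:
        return jsonify(invalid_msg), 401

    # Valid token, but the role is not permitted.
    return jsonify(invalid_role), 403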
def ResetPassword():
    """Apply a password reset described by the JSON body.

    Wraps the body in a ResetPasswordReq, passes it to
    AccountSvc.ResetPassword and returns the service result as JSON.
    """
    # NOTE(review): unlike ChangePassword, ErrorRsp is not caught here, so
    # a service error would propagate to the framework; confirm that is
    # intended. Validation of the reset token presumably lives in the
    # service - verify it is single-use and expires.
    reset_req = ResetPasswordReq(request.json)
    return jsonify(AccountSvc.ResetPassword(reset_req))
def SendResetPasswordEmailEmployee():
    """Trigger the reset-password e-mail for an employee account.

    Wraps the JSON body in a SendResetPasswordEmailReq and returns the
    value of AccountSvc.SendResetPasswordEmailEmployee unchanged.
    """
    # NOTE(review): the result is returned without jsonify(), unlike the
    # customer variant; confirm the service already returns something the
    # framework can send. Also confirm the response is identical whether
    # or not the address is registered, and that requests are
    # rate-limited.
    mail_req = SendResetPasswordEmailReq(request.json)
    return AccountSvc.SendResetPasswordEmailEmployee(mail_req)
def SendResetPasswordEmailCustomer():
    """Trigger the reset-password e-mail for a customer account.

    Wraps the JSON body in a SendResetPasswordEmailReq, calls
    AccountSvc.SendResetPasswordEmailCustomer and returns its result as
    JSON.
    """
    # NOTE(review): confirm the response is identical whether or not the
    # address is registered, and that requests are rate-limited.
    mail_req = SendResetPasswordEmailReq(request.json)
    return jsonify(AccountSvc.SendResetPasswordEmailCustomer(mail_req))
def SearchAccounts():
    """Search accounts with the criteria in the JSON body.

    The body is wrapped in a SearchAccountsReq; the matches returned by
    AccountSvc.SearchAccounts are serialized through SearchAccountsRsp
    and returned as JSON.
    """
    # NOTE(review): no authorization check is visible in this handler;
    # confirm the route is protected and that the serialized accounts
    # omit password hashes and reset tokens.
    criteria = SearchAccountsReq(request.json)
    matches = AccountSvc.SearchAccounts(criteria)
    return jsonify(SearchAccountsRsp(matches).serialize())
def DeleteAccount():
    """Delete the account named in the JSON body.

    Wraps the body in a DeleteAccountReq, calls AccountSvc.DeleteAccount
    and returns the serialized result as JSON.
    """
    # NOTE(review): this is a destructive operation and no authorization
    # check is visible in the handler; confirm the route is wrapped by a
    # role-checking decorator and that the caller may delete this
    # particular account.
    delete_req = DeleteAccountReq(request.json)
    outcome = AccountSvc.DeleteAccount(delete_req)
    return jsonify(outcome.serialize())
def CreateAccount() -> CreateAccountReq:
    """Create an account from the JSON body.

    Wraps the body in a CreateAccountReq and returns the value of
    AccountSvc.CreateAccount unchanged.
    """
    # NOTE(review): the return annotation names the request type, but the
    # value returned is the service result; confirm and correct the
    # annotation. The result is also returned without jsonify().
    # NOTE(review): no authorization check is visible in this handler;
    # confirm who may create accounts and which roles a caller is
    # allowed to assign.
    new_account_req = CreateAccountReq(request.json)
    return AccountSvc.CreateAccount(new_account_req)