def update_email(self, email): if not validate_email(email): raise IncorrectEmailError(f'Bad email given: {email}') if self.exists(email): raise IncorrectEmailError(f'This email already exists: {email}') with qdb.sql_connection.TRN: sql = 'UPDATE qiita.qiita_user SET email = %s where email = %s' qdb.sql_connection.TRN.add(sql, [email, self.email])
def create(cls, email, password, info=None): """Creates a new user on the database Parameters ---------- email : str The email of the user - used for log in password : The plaintext password of the user info: dict Other information for the user keyed to table column name Raises ------ IncorrectPasswordError Password string given is not proper format IncorrectEmailError Email string given is not a valid email QiitaDBDuplicateError User already exists """ # validate email and password for new user if not validate_email(email): raise IncorrectEmailError("Bad email given: %s" % email) if not validate_password(password): raise IncorrectPasswordError("Bad password given!") # make sure user does not already exist if cls.exists(email): raise QiitaDBDuplicateError("User", "email: %s" % email) # make sure non-info columns aren't passed in info dict if info: if cls._non_info.intersection(info): raise QiitaDBColumnError("non info keys passed: %s" % cls._non_info.intersection(info)) else: info = {} # create email verification code and hashed password to insert # add values to info info["email"] = email info["password"] = hash_password(password) info["user_verify_code"] = create_rand_string(20, punct=False) # make sure keys in info correspond to columns in table conn_handler = SQLConnectionHandler() check_table_cols(conn_handler, info, cls._table) # build info to insert making sure columns and data are in same order # for sql insertion columns = info.keys() values = [info[col] for col in columns] sql = ("INSERT INTO qiita.%s (%s) VALUES (%s)" % (cls._table, ','.join(columns), ','.join(['%s'] * len(values)))) conn_handler.execute(sql, values) return cls(email)
def login(cls, email, password): """Logs a user into the system Parameters ---------- email : str The email of the user password: str The plaintext password of the user Returns ------- User object Returns the User object corresponding to the login information if correct login information Raises ------ IncorrectEmailError Email passed is not a valid email IncorrectPasswordError Password passed is not correct for user """ with qdb.sql_connection.TRN: # see if user exists if not cls.exists(email): raise IncorrectEmailError("Email not valid: %s" % email) if not validate_password(password): raise IncorrectPasswordError("Password not valid!") # pull password out of database sql = ("SELECT password, user_level_id FROM qiita.{0} WHERE " "email = %s".format(cls._table)) qdb.sql_connection.TRN.add(sql, [email]) # Using [0] because there is only one row info = qdb.sql_connection.TRN.execute_fetchindex()[0] # verify user email verification # MAGIC NUMBER 5 = unverified email if int(info[1]) == 5: return False # verify password dbpass = info[0] hashed = qdb.util.hash_password(password, dbpass) if hashed == dbpass: return cls(email) else: raise IncorrectPasswordError("Password not valid!")
def exists(cls, email): """Checks if a user exists on the database Parameters ---------- email : str the email of the user """ if not validate_email(email): raise IncorrectEmailError("Email string not valid: %s" % email) conn_handler = SQLConnectionHandler() return conn_handler.execute_fetchone( "SELECT EXISTS(SELECT * FROM qiita.{0} WHERE " "email = %s)".format(cls._table), (email, ))[0]
def login(cls, email, password): """Logs a user into the system Parameters ---------- email : str The email of the user password: str The plaintext password of the user Returns ------- User object Returns the User object corresponding to the login information if correct login information Raises ------ IncorrectEmailError Email passed is not a valid email IncorrectPasswordError Password passed is not correct for user """ # see if user exists if not cls.exists(email): raise IncorrectEmailError("Email not valid: %s" % email) if not validate_password(password): raise IncorrectPasswordError("Password not valid!") # pull password out of database conn_handler = SQLConnectionHandler() sql = ("SELECT password, user_level_id FROM qiita.{0} WHERE " "email = %s".format(cls._table)) info = conn_handler.execute_fetchone(sql, (email, )) # verify user email verification # MAGIC NUMBER 5 = unverified email if int(info[1]) == 5: return False # verify password dbpass = info[0] hashed = hash_password(password, dbpass) if hashed == dbpass: return cls(email) else: raise IncorrectPasswordError("Password not valid!")
def exists(cls, email): """Checks if a user exists on the database Parameters ---------- email : str the email of the user """ with qdb.sql_connection.TRN: if not validate_email(email): raise IncorrectEmailError("Email string not valid: %s" % email) sql = """SELECT EXISTS( SELECT * FROM qiita.{0} WHERE email = %s)""".format(cls._table) qdb.sql_connection.TRN.add(sql, [email]) return qdb.sql_connection.TRN.execute_fetchlast()
def create(cls, email, password, info=None): """Creates a new user on the database Parameters ---------- email : str The email of the user - used for log in password : The plaintext password of the user info: dict Other information for the user keyed to table column name Raises ------ IncorrectPasswordError Password string given is not proper format IncorrectEmailError Email string given is not a valid email QiitaDBDuplicateError User already exists """ with qdb.sql_connection.TRN: # validate email and password for new user if not validate_email(email): raise IncorrectEmailError("Bad email given: %s" % email) if not validate_password(password): raise IncorrectPasswordError("Bad password given!") # make sure user does not already exist if cls.exists(email): raise qdb.exceptions.QiitaDBDuplicateError( "User", "email: %s" % email) # make sure non-info columns aren't passed in info dict if info: if cls._non_info.intersection(info): raise qdb.exceptions.QiitaDBColumnError( "non info keys passed: %s" % cls._non_info.intersection(info)) else: info = {} # create email verification code and hashed password to insert # add values to info info["email"] = email info["password"] = qdb.util.hash_password(password) info["user_verify_code"] = qdb.util.create_rand_string( 20, punct=False) # make sure keys in info correspond to columns in table qdb.util.check_table_cols(info, cls._table) # build info to insert making sure columns and data are in # same order for sql insertion columns = info.keys() values = [info[col] for col in columns] # crete user sql = "INSERT INTO qiita.{0} ({1}) VALUES ({2})".format( cls._table, ','.join(columns), ','.join(['%s'] * len(values))) qdb.sql_connection.TRN.add(sql, values) # Add system messages to user sql = """INSERT INTO qiita.message_user (email, message_id) SELECT %s, message_id FROM qiita.message WHERE expiration > %s""" qdb.sql_connection.TRN.add(sql, [email, datetime.now()]) qdb.sql_connection.TRN.execute() return cls(email)