def post(self):
parser = reqparse.RequestParser()
id = int(requests.get(f"{api_url}/users/count").text)
parser.add_argument('sessionUserID')
parser.add_argument('form')
args = parser.parse_args()
sessionUserID = args['sessionUserID']
formData = args['form']
formDict = Helper.ParseArgs(formData)
try:
usertype = formDict['usertype']
except:
usertype = 'regular_user'
firstname = formDict['firstname']
lastname = formDict['lastname']
email = formDict['email']
time = datetime.now()
year = time.strftime("%Y")[2:4]
month = time.strftime("%m")
username = firstname[0].lower() + lastname.lower() + month + year
avatarlink = formDict['avatarlink']
password_expiration_date = time + timedelta(days=7)
password_Ex = password_expiration_date.strftime('%Y-%m-%d')
if (avatarlink == ''):
avatarlink = 'https://www.jennstrends.com/wp-content/uploads/2013/10/bad-profile-pic-2-768x768.jpeg'
try:
password = formDict['password']
except:
password = Helper.GeneratePassword()
hashed_password = generate_password_hash(password)
engine.execute(
f"""INSERT INTO Users (id, username, email, usertype, firstname, lastname, avatarlink, is_active,
is_password_expired, reactivate_user_date, hashed_password, failed_login_attempts, password_expiration_date)
VALUES ({id}, '{username}', '{email}','{usertype}', '{firstname}', '{lastname}', '{avatarlink}', 1, 0, '1900-01-01', '{hashed_password}', 0,'{password_Ex}');
INSERT INTO Passwords (id, password) VALUES ({id}, '{hashed_password}');"""
)
message = f"User created"
data = {
'SessionUserID': sessionUserID,
'UserID': id,
'AccountNumber': 0,
'Amount': 0,
'Event': message
}
requests.post(f"{api_url}/events/create", json=data)
msg = Message('Hello from appdomainteam3!', recipients=[email])
msg.body = f"Hello, your login for appdomainteam3 is:\nUsername: {username}\nPassword: {password}"
mail.send(msg)
def post(self):
parser = reqparse.RequestParser()
parser.add_argument('form')
parser.add_argument('sessionUserID')
args = parser.parse_args()
formDict = Helper.ParseArgs(args['form'])
sessionUserID = args['sessionUserID']
username = formDict['username']
email = formDict['email']
response = requests.get(f"{api_url}/users/{username}")
if (response.status_code != 200):
return Response("No user with that username!",
status=404,
mimetype='application/json')
if (response.json()[0]['email'] != email):
return Response(
f"Email does not match email on file for {username}!",
status=406,
mimetype='application/json')
id = response.json()[0]['id']
password = Helper.GeneratePassword()
msg = Message('Hello from appdomainteam3!', recipients=[email])
msg.body = f"Hello, your login for appdomainteam3 is:\nUsername: {username}\nPassword: {password}"
mail.send(msg)
password = generate_password_hash(password)
engine.execute(
f"""UPDATE Users SET hashed_password = '******' WHERE id = {id}; INSERT INTO Passwords (id, password) VALUES ({id}, '{password}');"""
)
message = 'Used forgot password function'
data = {
'SessionUserID': sessionUserID,
'UserID': id,
'AccountNumber': 0,
'Amount': 0,
'Event': message
}
requests.post(f"{api_url}/events/create", json=data)
return Response(f"Temporary password sent!",
status=200,
mimetype='application/json')
