def signup():
if request.json and "name" in request.json:
name = request.json["name"]
email = request.json["email"]
password = request.json["password"]
provider = request.json.get("provider", "basic")
text = request.json.get("text", "")
try:
user_id = db.save_user(str(uuid4()), name, email, password, provider, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(status="error", message="must supply user 'name', 'email' and 'password' as parameters"), 400
if user_id:
user = db.get_user(user_id)
else:
user = db.get_users(query={"login": email})[0]
if app.config["CUSTOMER_VIEWS"]:
try:
customer = customer_match(email, groups=[email.split("@")[1]])
except NoCustomerMatch:
return jsonify(status="error", message="No customer lookup defined for user %s" % email), 403
else:
customer = None
token = create_token(user["id"], user["name"], email, provider="basic", customer=customer, role=role(email))
return jsonify(token=token)
def get_users():
name = request.args.get("name")
login = request.args.get("login")
if name:
query = {'name': name}
elif login:
query = {'login': login}
else:
query = {}
try:
users = db.get_users(query)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if len(users):
return jsonify(status="ok",
total=len(users),
users=users,
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
groups=app.config['ALLOWED_GITLAB_GROUPS'],
roles=app.config['ALLOWED_KEYCLOAK_ROLES'],
time=datetime.datetime.utcnow())
else:
return jsonify(status="ok",
message="not found",
total=0,
users=[],
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
time=datetime.datetime.utcnow())
def find_all(query: Query = None,
page: int = 1,
page_size: int = 1000) -> List['User']:
return [
User.from_db(user)
for user in db.get_users(query, page, page_size)
]
def get_users():
try:
users = db.get_users()
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if len(users):
return jsonify(
status="ok",
total=len(users),
users=users,
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
groups=app.config['ALLOWED_GITLAB_GROUPS'],
time=datetime.datetime.utcnow()
)
else:
return jsonify(
status="ok",
message="not found",
total=0,
users=[],
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
time=datetime.datetime.utcnow()
)
def login():
try:
email = request.json['email']
password = request.json['password']
except KeyError:
return jsonify(status="error", message="Must supply email address and password"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['AUTH_REQUIRED'] and not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s is not authorized" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
elif not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s does not exist" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
else:
user = db.get_users(query={"login": email}, password=True)[0]
if not bcrypt.hashpw(password.encode('utf-8'), user['password'].encode('utf-8')) == user['password'].encode('utf-8'):
return jsonify(status="error", message="User %s is not authorized" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
try:
customer = customer_match(email, groups=[email.split('@')[1]])
except NoCustomerMatch:
return jsonify(status="error", message="No customer lookup defined for user %s" % email), 403
token = create_token(user['id'], user['name'], email, provider='basic', customer=customer, role=role(email))
return jsonify(token=token)
def get_users():
try:
users = db.get_users()
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if len(users):
return jsonify(
status="ok",
total=len(users),
users=users,
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
groups=app.config['ALLOWED_GITLAB_GROUPS'],
time=datetime.datetime.utcnow()
)
else:
return jsonify(
status="ok",
message="not found",
total=0,
users=[],
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
time=datetime.datetime.utcnow()
)
def login():
try:
email = request.json["email"]
domain = email.split("@")[1]
password = request.json["password"]
except KeyError:
return (
jsonify(status="error", message="Must supply 'email' and 'password'"),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
if app.config["AUTH_REQUIRED"] and not db.is_user_valid(login=email):
return (
jsonify(status="error", message="User or password not valid"),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
elif not db.is_user_valid(login=email):
return (
jsonify(status="error", message="User %s does not exist" % email),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
else:
user = db.get_users(query={"login": email}, password=True)[0]
if not bcrypt.hashpw(password.encode("utf-8"), user["password"].encode("utf-8")) == user["password"].encode(
"utf-8"
):
return (
jsonify(status="error", message="User or password not valid"),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
if app.config["EMAIL_VERIFICATION"] and not db.is_email_verified(email):
return jsonify(status="error", message="email address %s has not been verified" % email), 401
if app.config["AUTH_REQUIRED"] and not (
"*" in app.config["ALLOWED_EMAIL_DOMAINS"] or domain in app.config["ALLOWED_EMAIL_DOMAINS"]
):
return jsonify(status="error", message="Login for user domain %s not allowed" % domain), 403
if app.config["CUSTOMER_VIEWS"]:
try:
customer = customer_match(email, groups=[domain])
except NoCustomerMatch:
return jsonify(status="error", message="No customer lookup defined for user domain %s" % domain), 403
else:
customer = None
token = create_token(user["id"], user["name"], email, provider="basic", customer=customer, role=role(email))
return jsonify(token=token)
def login():
try:
email = request.json['email']
domain = email.split('@')[1]
password = request.json['password']
except KeyError:
return jsonify(status="error", message="Must supply 'email' and 'password'"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['AUTH_REQUIRED'] and not db.is_user_valid(login=email):
return jsonify(status="error", message="User or password not valid"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
elif not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s does not exist" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
else:
user = db.get_users(query={"login": email}, password=True)[0]
if not bcrypt.hashpw(password.encode('utf-8'), user['password'].encode(
'utf-8')) == user['password'].encode('utf-8'):
return jsonify(status="error", message="User or password not valid"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['EMAIL_VERIFICATION'] and not db.is_email_verified(email):
return jsonify(status="error",
message="email address %s has not been verified" %
email), 401
if app.config['AUTH_REQUIRED'] and not (
'*' in app.config['ALLOWED_EMAIL_DOMAINS']
or domain in app.config['ALLOWED_EMAIL_DOMAINS']):
return jsonify(status="error",
message="Login for user domain %s not allowed" %
domain), 403
if app.config['CUSTOMER_VIEWS']:
try:
customer = customer_match(email, groups=[domain])
except NoCustomerMatch:
return jsonify(
status="error",
message="No customer lookup defined for user domain %s" %
domain), 403
else:
customer = None
token = create_token(user['id'],
user['name'],
email,
provider='basic',
customer=customer,
scopes=scopes(email, groups=[user['role']]))
return jsonify(token=token)
def login():
try:
email = request.json["email"]
password = request.json["password"]
except KeyError:
return (
jsonify(status="error", message="Must supply email address and password"),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
if app.config["AUTH_REQUIRED"] and not db.is_user_valid(login=email):
return (
jsonify(status="error", message="User %s is not authorized" % email),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
elif not db.is_user_valid(login=email):
return (
jsonify(status="error", message="User %s does not exist" % email),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
else:
user = db.get_users(query={"login": email}, password=True)[0]
if not bcrypt.hashpw(password.encode("utf-8"), user["password"].encode("utf-8")) == user["password"].encode(
"utf-8"
):
return (
jsonify(status="error", message="User %s is not authorized" % email),
401,
{"WWW-Authenticate": 'Basic realm="%s"' % BASIC_AUTH_REALM},
)
if app.config["CUSTOMER_VIEWS"]:
try:
customer = customer_match(email, groups=[email.split("@")[1]])
except NoCustomerMatch:
return jsonify(status="error", message="No customer lookup defined for user %s" % email), 403
else:
customer = None
token = create_token(user["id"], user["name"], email, provider="basic", customer=customer, role=role(email))
return jsonify(token=token)
def signup():
if request.json and 'name' in request.json:
name = request.json["name"]
email = request.json["email"]
password = request.json["password"]
provider = request.json.get("provider", "basic")
text = request.json.get("text", "")
try:
user_id = db.save_user(str(uuid4()), name, email, password,
provider, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(
status="error",
message=
"must supply user 'name', 'email' and 'password' as parameters"
), 400
if user_id:
user = db.get_user(user_id)
else:
user = db.get_users(query={"login": email})[0]
if app.config['CUSTOMER_VIEWS']:
try:
customer = customer_match(email, groups=[email.split('@')[1]])
except NoCustomerMatch:
return jsonify(status="error",
message="No customer lookup defined for user %s" %
email), 403
else:
customer = None
token = create_token(user['id'],
user['name'],
email,
provider='basic',
customer=customer,
role=role(email))
return jsonify(token=token)
def get_users():
user_id = request.args.get("id")
name = request.args.get("name")
login = request.args.get("login")
if user_id:
query = {'user': user_id}
elif name:
query = {'name': name}
elif login:
query = {'login': login}
else:
query = {}
try:
users = db.get_users(query)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if len(users):
return jsonify(
status="ok",
total=len(users),
users=users,
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
groups=app.config['ALLOWED_GITLAB_GROUPS'],
time=datetime.datetime.utcnow()
)
else:
return jsonify(
status="ok",
message="not found",
total=0,
users=[],
domains=app.config['ALLOWED_EMAIL_DOMAINS'],
orgs=app.config['ALLOWED_GITHUB_ORGS'],
time=datetime.datetime.utcnow()
)
def signup():
if request.json and 'name' in request.json:
name = request.json["name"]
login = request.json["email"]
password = request.json["password"]
provider = request.json.get("provider", "basic")
text = request.json.get("text", "")
try:
user_id = db.save_user(str(uuid4()), name, login, password, provider, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(status="error", message="must supply user 'name', 'email' and 'password' as parameters"), 400
if user_id:
user = db.get_user(user_id)
else:
user = db.get_users(query={"login": login})[0]
token = create_token(user['id'], user['name'], login, provider='basic')
return jsonify(token=token)
def login():
try:
email = request.json['email']
domain = email.split('@')[1]
password = request.json['password']
except KeyError:
return jsonify(status="error", message="Must supply 'email' and 'password'"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['AUTH_REQUIRED'] and not db.is_user_valid(login=email):
return jsonify(status="error", message="User or password not valid"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
elif not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s does not exist" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
else:
user = db.get_users(query={"login": email}, password=True)[0]
if not bcrypt.hashpw(password.encode('utf-8'), user['password'].encode('utf-8')) == user['password'].encode('utf-8'):
return jsonify(status="error", message="User or password not valid"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['EMAIL_VERIFICATION'] and not db.is_email_verified(email):
return jsonify(status="error", message="email address %s has not been verified" % email), 401
if app.config['AUTH_REQUIRED'] and not ('*' in app.config['ALLOWED_EMAIL_DOMAINS']
or domain in app.config['ALLOWED_EMAIL_DOMAINS']):
return jsonify(status="error", message="Login for user domain %s not allowed" % domain), 403
if app.config['CUSTOMER_VIEWS']:
try:
customer = customer_match(email, groups=[domain])
except NoCustomerMatch:
return jsonify(status="error", message="No customer lookup defined for user domain %s" % domain), 403
else:
customer = None
token = create_token(user['id'], user['name'], email, provider='basic', customer=customer, role=role(email))
return jsonify(token=token)
def login():
try:
email = request.json['email']
password = request.json['password']
except KeyError:
return jsonify(status="error", message="Must supply email address and password"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['AUTH_REQUIRED'] and not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s is not authorized" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
elif not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s does not exist" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
else:
user = db.get_users(query={"login": email}, password=True)[0]
if not bcrypt.hashpw(password.encode('utf-8'), user['password'].encode(
'utf-8')) == user['password'].encode('utf-8'):
return jsonify(status="error", message="User %s is not authorized" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['CUSTOMER_VIEWS']:
try:
customer = customer_match(email, groups=[email.split('@')[1]])
except NoCustomerMatch:
return jsonify(status="error",
message="No customer lookup defined for user %s" %
email), 403
else:
customer = None
token = create_token(user['id'],
user['name'],
email,
provider='basic',
customer=customer,
role=role(email))
return jsonify(token=token)
def login():
try:
email = request.json['email']
password = request.json['password']
except KeyError:
return jsonify(status="error", message="Must supply email address and password"), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
if app.config['AUTH_REQUIRED'] and not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s is not authorized" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
elif not db.is_user_valid(login=email):
return jsonify(status="error", message="User %s does not exist" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
else:
user = db.get_users(query={"login": email})[0]
if not bcrypt.hashpw(password.encode('utf-8'), user['password'].encode('utf-8')) == user['password'].encode('utf-8'):
return jsonify(status="error", message="User %s is not authorized" % email), 401, \
{'WWW-Authenticate': 'Basic realm="%s"' % BASIC_AUTH_REALM}
token = create_token(user['id'], user['name'], email, provider='basic')
return jsonify(token=token)
def find_all(query=None):
return [User.from_db(user) for user in db.get_users(query)]
def find_all(query: Query = None) -> List['User']:
return [User.from_db(user) for user in db.get_users(query)]
def find_all(query=None):
return [User.from_db(user) for user in db.get_users(query)]
