    def get(self, email):
        """Re-send the account-confirmation email for ``email``.

        The originating server is taken from the ``server`` request header.
        Returns ``{'success': True}`` when the service accepted the request,
        otherwise a ``Failures`` response (code 10 from the service maps to
        the rate-limit failure) or a ``{'success': False, ...}`` dict that
        carries the service message under code 520.
        """
        server = request.headers.get('server')

        # The path email and the server header are both mandatory, and the
        # email must be well-formed before any database lookup.
        checks = Validation()
        checks.add_required_field('email', email)
        checks.add_required_field('server', server)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        # Only password (local) accounts have a confirmation flow.
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        sent, err_code, err_message = user_service.send_email_confirm(
            account.id, server)
        db.session.commit()

        if not sent:
            if err_code == 10:
                return Failures.rate_exceeded()
            return {'success': False, 'message': err_message, 'code': 520}

        logging.info('LocalUser-controller: RequestConfirm: success: %s',
                     account.id)
        return {'success': True}
    def get(email):
        """Return the profile fields of the account registered under ``email``.

        Answers ``Failures.unknown_user_email`` when no account matches,
        otherwise ``{'success': True, 'user': {...}}``.
        """
        # TODO: Validate the format of the email address before attempting database IO
        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)

        logging.info('User-controller: getUserByEmail: success: %s (%s)',
                     email, account.screen_name)

        # NOTE(review): the payload includes the parent-email and birth-date
        # fields; confirm every caller of this endpoint is entitled to them.
        profile = {
            'id': account.id,
            'email': account.email,
            'locale': account.locale,
            'screenname': account.screen_name,
            'authentication-source': account.auth_source,
            'bdmonth': account.birth_month,
            'bdyear': account.birth_year,
            'parent-email': account.parent_email,
            'parent-email-source': account.parent_email_source,
        }
        return {'success': True, 'user': profile}
    def post(self):
        """Validate that an OAuth account exists for the submitted email/source.

        Form fields ``email`` and ``source`` are required; the ``server``
        header is required but not otherwise used here. Returns the
        account's public fields on success, otherwise a ``Failures`` response.
        """
        server = request.headers.get('server')
        email = request.form.get('email')
        source = request.form.get('source')

        checks = Validation()
        for field_name, field_value in (('server', server),
                                        ('email', email),
                                        ('source', source)):
            checks.add_required_field(field_name, field_value)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)

        # The account must have been created through the provider the
        # caller claims to be validating against.
        if account.auth_source != source:
            return Failures.wrong_auth_source(account.auth_source)

        logging.info('OAuth-controller: Validate: success: %s', account.id)

        public_fields = {
            'id': account.id,
            'email': account.email,
            'locale': account.locale,
            'screenname': account.screen_name,
        }
        return {'success': True, 'user': public_fields}
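    def post(self):
        """Authenticate a local (password) account.

        Reads ``server`` from the request headers and ``email``/``password``
        from the form. On success returns ``{'success': True, 'user': {...}}``;
        otherwise one of the ``Failures`` responses.

        A wrong password debits one ``failed-password`` token and that debit
        is committed before the failure is returned, so the rate limit is
        actually persisted across requests.
        """
        server = request.headers.get('server')
        email = request.form.get('email')
        password = request.form.get('password')

        validation = Validation()
        validation.add_required_field('server', server)
        validation.add_required_field('email', email)
        validation.add_required_field('password', password)
        if not validation.is_valid():
            return validation.get_validation_response()

        # The account must exist, be confirmed, not be blocked and be a
        # password (local) account.
        user = user_services.get_user_by_email(email)
        if user is None:
            return Failures.unknown_user_email(email)
        if not user.confirmed:
            return Failures.email_not_confirmed(email)
        if user.blocked:
            return Failures.user_blocked(email)
        if user.auth_source != 'local':
            return Failures.wrong_auth_source(user.auth_source)

        if not rate_limiting_services.has_sufficient_tokens(user.id, 'failed-password', 1):
            return Failures.rate_exceeded()

        # The password might not be encoded correctly when submitted, which
        # can make check_password raise TypeError. Only the check itself is
        # inside the try so that an error in the bookkeeping below is not
        # misreported as a malformed password.
        try:
            password_ok = user_services.check_password(user.id, password)
        except TypeError:
            # NOTE(review): a malformed submission does not consume a
            # failed-password token on this path; confirm that is intended.
            return Failures.password_unknown_format("Unicode-objects must be encoded before hashing")

        if not password_ok:
            rate_limiting_services.consume_tokens(user.id, 'failed-password', 1)
            # Fix: the original returned before committing, so the token debit
            # was discarded with the session and the limiter never engaged.
            db.session.commit()
            return Failures.wrong_password(email)

        db.session.commit()
        logging.info('Authenticate-controller: Authenticate: success: %s', email)

        return {
            'success': True,
            'user': {
                'id': user.id,
                'email': user.email,
                'locale': user.locale,
                'screenname': user.screen_name,
                'authentication-source': user.auth_source,
                'bdmonth': user.birth_month,
                'bdyear': user.birth_year,
                'parent-email': user.parent_email,
                'parent-email-source': user.parent_email_source
            }}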
    def post(self, email):
        """Complete a password reset for ``email`` using a reset token.

        Form fields: ``token``, ``password`` and ``password-confirm``. Expired
        ``ResetToken`` rows are purged first; the submitted token must then
        exist and belong to this account. On success the password hash and
        salt are replaced, the token is deleted and the session committed.
        An unknown token and a token issued to another account both answer
        with code 510, so the caller cannot tell them apart.
        """
        token = request.form.get('token')
        password = request.form.get('password')
        password_confirm = request.form.get('password-confirm')

        checks = Validation()
        checks.add_required_field('email', email)
        checks.add_required_field('token', token)
        checks.add_required_field('password', password)
        checks.add_required_field('password-confirm', password_confirm)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        # The new password is checked before any database write happens.
        if password != password_confirm:
            return Failures.passwords_do_not_match()
        if not user_service.check_password_complexity(password):
            return Failures.password_complexity()

        # Purge expired tokens first so an expired one can never match below.
        now = datetime.datetime.now()
        ResetToken.query.filter(ResetToken.validity < now).delete()
        db.session.flush()

        reset_token = ResetToken.query.filter_by(token=token).first()
        if reset_token is None or reset_token.id_user != account.id:
            return {'success': False, 'code': 510}

        salt, password_hash = user_service.get_password_hash(password)
        account.password = password_hash
        account.salt = salt
        db.session.delete(reset_token)
        db.session.commit()

        logging.info('LocalUser-controller: DoPasswordReset: success: %s',
                     account.id)
        return {'success': True}
    def post(self):
        """Authenticate a local (password) account.

        ``server`` comes from the request headers, ``email`` and ``password``
        from the form. A wrong password debits one ``failed-password`` token
        and commits before answering, so repeated failures are rate limited.
        Returns ``{'success': True, 'user': {...}}`` or a ``Failures`` response.
        """
        server = request.headers.get('server')
        email = request.form.get('email')
        password = request.form.get('password')

        checks = Validation()
        checks.add_required_field('server', server)
        checks.add_required_field('email', email)
        checks.add_required_field('password', password)
        if not checks.is_valid():
            return checks.get_validation_response()

        # The account must exist, be confirmed, not be blocked and be a
        # password (local) account.
        account = user_services.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if not account.confirmed:
            return Failures.email_not_confirmed()
        if account.blocked:
            return Failures.user_blocked()
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        bucket = 'failed-password'
        if not rate_limiting_services.has_sufficient_tokens(account.id, bucket, 1):
            return Failures.rate_exceeded()

        if not user_services.check_password(account.id, password):
            # Persist the debit before returning; otherwise the limiter
            # would never see the failed attempt.
            rate_limiting_services.consume_tokens(account.id, bucket, 1)
            db.session.commit()
            return Failures.wrong_password()

        db.session.commit()
        logging.info('Authenticate-controller: Authenticate: success: %s',
                     account.id)

        return {
            'success': True,
            'user': {
                'id': account.id,
                'email': account.email,
                'locale': account.locale,
                'screenname': account.screen_name,
                'authentication-source': account.auth_source,
            },
        }
    def post(self):
        """Authenticate a local (password) account and return its profile.

        Reads ``server`` from the headers and ``email``/``password`` from the
        form. Failed attempts are counted against the ``failed-password``
        token bucket and committed before the failure is returned.
        Returns ``{'success': True, 'user': {...}}`` or a ``Failures`` response.
        """
        server = request.headers.get('server')
        email = request.form.get('email')
        password = request.form.get('password')

        checks = Validation()
        for field_name, field_value in (('server', server),
                                        ('email', email),
                                        ('password', password)):
            checks.add_required_field(field_name, field_value)
        if not checks.is_valid():
            return checks.get_validation_response()

        # Existence, confirmation, block status and auth source, in that order.
        account = user_services.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if not account.confirmed:
            return Failures.email_not_confirmed(email)
        if account.blocked:
            return Failures.user_blocked(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        if not rate_limiting_services.has_sufficient_tokens(account.id, 'failed-password', 1):
            return Failures.rate_exceeded()

        password_ok = user_services.check_password(account.id, password)
        if not password_ok:
            rate_limiting_services.consume_tokens(account.id, 'failed-password', 1)
            # The debit must be committed here; this branch never reaches
            # the commit on the success path.
            db.session.commit()
            return Failures.wrong_password(email)

        db.session.commit()
        logging.info('Authenticate-controller: Authenticate: success: %s', email)

        profile = {
            'id': account.id,
            'email': account.email,
            'locale': account.locale,
            'screenname': account.screen_name,
            'authentication-source': account.auth_source,
            'bdmonth': account.birth_month,
            'bdyear': account.birth_year,
            'parent-email': account.parent_email,
            'parent-email-source': account.parent_email_source,
        }
        return {'success': True, 'user': profile}
    def post(self, email):
        """Apply a password reset for ``email`` authorised by a reset token.

        Form fields: ``token``, ``password``, ``password-confirm``. The new
        password is validated before any database work; expired tokens are
        then purged, the submitted token must exist and belong to this
        account, and on success the hash/salt are replaced, the token is
        deleted and the session committed. Both token failures use code 510.
        """
        form = request.form
        token = form.get('token')
        password = form.get('password')
        password_confirm = form.get('password-confirm')

        checks = Validation()
        for field_name, field_value in (('email', email),
                                        ('token', token),
                                        ('password', password),
                                        ('password-confirm', password_confirm)):
            checks.add_required_field(field_name, field_value)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        if password != password_confirm:
            return Failures.passwords_do_not_match()
        if not user_service.check_password_complexity(password):
            return Failures.password_complexity()

        # Expired tokens are removed before the lookup so they cannot match.
        ResetToken.query.filter(ResetToken.validity < datetime.datetime.now()).delete()
        db.session.flush()

        reset_token = ResetToken.query.filter_by(token=token).first()
        if reset_token is None:
            # Unknown token
            return {'success': False, 'code': 510}
        if reset_token.id_user != account.id:
            # Token was issued to a different account
            return {'success': False, 'code': 510}

        salt, password_hash = user_service.get_password_hash(password)
        account.password = password_hash
        account.salt = salt

        # The token is single-use: drop it in the same transaction.
        db.session.delete(reset_token)
        db.session.commit()

        logging.info('LocalUser-controller: DoPasswordReset: success: %s', account.id)
        return {'success': True}
    def post(self):
        """Confirm a local account with the token issued at registration.

        Form fields: ``email`` and ``token``. Expired ``ConfirmToken`` rows
        are purged before the lookup; the token must exist and belong to the
        account. On success ``confirmed`` is set, the token is deleted and
        the session committed. Unknown and foreign tokens both answer 510.
        """
        email = request.form.get('email')
        token = request.form.get('token')

        checks = Validation()
        checks.add_required_field('email', email)
        checks.add_required_field('token', token)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        # Purge expired confirmation tokens first so one can never match.
        ConfirmToken.query.filter(
            ConfirmToken.validity < datetime.datetime.now()).delete()
        db.session.flush()

        confirm_token = ConfirmToken.query.filter_by(token=token).first()
        if confirm_token is None or confirm_token.id_user != account.id:
            return {'success': False, 'code': 510}

        account.confirmed = True
        # The token is single-use; remove it in the same transaction.
        db.session.delete(confirm_token)
        db.session.commit()

        logging.info('LocalUser-controller: DoConfirm: success: %s', account.id)
        return {'success': True}
    def post(self):
        """Register a new local (password) account.

        Reads ``server`` from the headers and ``email``, ``password``,
        ``password-confirm``, ``locale`` and ``screenname`` from the form.
        Rejects a duplicate email or screen name, a mismatched confirmation
        or a weak password, then creates the user, requests the confirmation
        email and commits. Returns ``{'success': True, 'user': <id>}``.
        """
        server = request.headers.get('server')
        form = request.form
        email = form.get('email')
        password = form.get('password')
        password_confirm = form.get('password-confirm')
        locale = form.get('locale')
        screen_name = form.get('screenname')

        checks = Validation()
        for field_name, field_value in (('server', server),
                                        ('email', email),
                                        ('password', password),
                                        ('password-confirm', password_confirm),
                                        ('locale', locale),
                                        ('screenname', screen_name)):
            checks.add_required_field(field_name, field_value)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        if user_service.get_user_by_email(email) is not None:
            return Failures.email_already_in_use(email)
        if user_service.get_user_by_screen_name(screen_name) is not None:
            return Failures.screen_name_already_in_use(screen_name)

        if password != password_confirm:
            return Failures.passwords_do_not_match()
        if not user_service.check_password_complexity(password):
            return Failures.password_complexity()

        id_user = user_service.create_local_user(server, email, password,
                                                 locale, screen_name)
        # NOTE(review): the result of send_email_confirm is discarded, so the
        # account is committed and reported as created even when the
        # confirmation email could not be sent; confirm that is intended.
        user_service.send_email_confirm(id_user, server)
        db.session.commit()

        logging.info('User-controller: register success: %s', id_user)
        return {'success': True, 'user': id_user}
    def post(self):
        """Confirm a local account using the registration token.

        Form fields: ``email`` (the account address) and ``token`` (issued
        when the account was registered). Expired tokens are purged before
        the lookup; the token must exist and belong to this account.
        On success ``confirmed`` is set, the token deleted and the session
        committed. Unknown and foreign tokens both answer with code 510.
        """
        form = request.form
        email = form.get('email')
        token = form.get('token')

        checks = Validation()
        for field_name, field_value in (('email', email), ('token', token)):
            checks.add_required_field(field_name, field_value)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        # Expired tokens are removed before the lookup so they cannot match.
        now = datetime.datetime.now()
        ConfirmToken.query.filter(ConfirmToken.validity < now).delete()
        db.session.flush()

        confirm_token = ConfirmToken.query.filter_by(token=token).first()
        if confirm_token is None:
            # Unknown token
            return {'success': False, 'code': 510}
        if confirm_token.id_user != account.id:
            # Token was issued to a different account
            return {'success': False, 'code': 510}

        account.confirmed = True
        db.session.delete(confirm_token)
        db.session.commit()

        logging.info('LocalUser-controller: DoConfirm: success: %s', account.id)
        return {'success': True}
    def get(self, email):
        """Re-send the account-confirmation email for ``email``.

        The originating server is read from the ``server`` request header.
        Returns ``{'success': True}`` when the service accepted the request.
        Service code 10 becomes the rate-limit failure, code 99 is reported
        under 540 and any other failure under 520, each with the service
        message attached.
        """
        server = request.headers.get('server')

        logging.info("Requesting email confirmation for %s from server %s", email, server)

        checks = Validation()
        checks.add_required_field('email', email)
        checks.add_required_field('server', server)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)

        sent, err_code, err_message = user_service.send_email_confirm(account.id, server)
        db.session.commit()

        if sent:
            logging.info('LocalUser-controller: RequestConfirm: success: %s', account.id)
            return {'success': True}

        if err_code == 10:
            return Failures.rate_exceeded()
        # Service code 99 is surfaced as 540; every other failure as 520.
        response_code = 540 if err_code == 99 else 520
        return {
            'success': False,
            'message': err_message,
            'code': response_code
        }
    def get(self, email):
        """Return the public profile of the account registered under ``email``.

        Answers ``Failures.unknown_user_email`` when no account matches,
        otherwise ``{'success': True, 'user': {...}}``.
        """
        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)

        logging.info('User-controller: getUserByEmail: success: %s (%s)',
                     email, account.screen_name)

        profile = {
            'id': account.id,
            'email': account.email,
            'locale': account.locale,
            'screenname': account.screen_name,
            'authentication-source': account.auth_source,
        }
        return {'success': True, 'user': profile}
    def get(email):
        """Return the full profile of the account registered under ``email``.

        Answers ``Failures.unknown_user_email`` when no account matches,
        otherwise ``{'success': True, 'user': {...}}`` including the COPPA
        fields (birth month/year and parent email).
        """
        # TODO: Validate the format of the email address before attempting database IO
        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)

        logging.info('User-controller: getUserByEmail: success: %s (%s)', email, account.screen_name)

        # NOTE(review): parent-email and birth-date fields are returned here;
        # confirm the caller is entitled to them.
        return {
            'success': True,
            'user': {
                'id': account.id,
                'email': account.email,
                'locale': account.locale,
                'screenname': account.screen_name,
                'authentication-source': account.auth_source,
                'bdmonth': account.birth_month,
                'bdyear': account.birth_year,
                'parent-email': account.parent_email,
                'parent-email-source': account.parent_email_source,
            },
        }
    def get(self, email):
        """Request a password-reset email for ``email``.

        The originating server is read from the ``server`` request header.
        The account must exist, be a local (password) account and be
        confirmed. Returns ``{'success': True}`` when the service accepted
        the request; service code 10 maps to the rate-limit failure and any
        other failure is reported under code 520 with the service message.
        """
        server = request.headers.get('server')

        checks = Validation()
        checks.add_required_field('email', email)
        checks.add_required_field('server', server)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        account = user_service.get_user_by_email(email)
        if account is None:
            return Failures.unknown_user_email(email)
        if account.auth_source != 'local':
            return Failures.wrong_auth_source(account.auth_source)
        # Resets are only offered once the address has been confirmed.
        if not account.confirmed:
            return Failures.email_not_confirmed(account.email)

        sent, err_code, err_message = user_service.send_password_reset(account.id, server)
        db.session.commit()

        if sent:
            logging.info('LocalUser-controller: RequestPasswordReset: success: %s', account.id)
            return {'success': True}

        if err_code == 10:
            return Failures.rate_exceeded()
        return {
            'success': False,
            'message': err_message,
            'code': 520
        }
    def post(self):
        """Register a new OAuth-backed account.

        Reads ``server`` from the headers and ``email``, ``locale``,
        ``screenname`` and ``source`` (the OAuth provider) from the form.
        Rejects a duplicate email or screen name, then creates the user and
        commits. Returns ``{'success': True, 'user': <id>}``.
        """
        server = request.headers.get('server')
        form = request.form
        email = form.get('email')
        locale = form.get('locale')
        screen_name = form.get('screenname')
        source = form.get('source')

        checks = Validation()
        for field_name, field_value in (('server', server),
                                        ('email', email),
                                        ('locale', locale),
                                        ('screenname', screen_name),
                                        ('source', source)):
            checks.add_required_field(field_name, field_value)
        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        # Email and screen name must both be unused.
        if user_service.get_user_by_email(email) is not None:
            return Failures.email_already_in_use(email)
        if user_service.get_user_by_screen_name(screen_name) is not None:
            return Failures.screen_name_already_in_use(screen_name)

        id_user = user_service.create_oauth_user(server, email, source, locale, screen_name)
        db.session.commit()

        logging.info('OAuth-controller: create success: %s', id_user)
        return {'success': True, 'user': id_user}
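    def post():
        """Register a new local (password) account, including COPPA fields.

        Form fields: ``email``, ``password``, ``password-confirm``, ``locale``,
        ``screenname``, ``bdmonth``, ``bdyear`` and the optional
        ``parent-email`` / ``parent-email-source``; ``server`` comes from the
        request headers. The user row is committed only after the
        confirmation email has been handed off successfully; on a send
        failure the pending row is rolled back and
        ``{'success': False, 'user': 0}`` is returned.
        """
        server = request.headers.get('server')
        email = request.form.get('email')
        password = request.form.get('password')
        password_confirm = request.form.get('password-confirm')
        locale = request.form.get('locale')
        screen_name = request.form.get('screenname')

        # COPPA support
        birth_month = request.form.get('bdmonth')
        birth_year = request.form.get('bdyear')
        parent_email = request.form.get('parent-email')
        parent_email_source = request.form.get('parent-email-source')

        validation = Validation()
        validation.add_required_field('server', server)
        validation.add_required_field('email', email)
        validation.add_required_field('password', password)
        validation.add_required_field('password-confirm', password_confirm)
        validation.add_required_field('locale', locale)
        validation.add_required_field('screenname', screen_name)

        # COPPA support: birth month/year are required, parent-email is
        # optional but must be well-formed when supplied.
        validation.add_required_field('bdmonth', birth_month)
        validation.add_required_field('bdyear', birth_year)
        if parent_email:
            validation.check_email('parent-email', parent_email)
            if not validation.is_valid():
                return validation.get_validation_response()

        validation.check_email('email', email)
        if not validation.is_valid():
            return validation.get_validation_response()

        # Email and screen name must both be unused.
        if user_service.get_user_by_email(email) is not None:
            return Failures.email_already_in_use(email)
        if user_service.get_user_by_screen_name(screen_name) is not None:
            return Failures.screen_name_already_in_use(screen_name)

        if password != password_confirm:
            return Failures.passwords_do_not_match()
        if not user_service.check_password_complexity(password):
            return Failures.password_complexity()

        # Write user details to the database (pending until commit)
        id_user = user_service.create_local_user(server, email, password,
                                                 locale, screen_name,
                                                 birth_month, birth_year,
                                                 parent_email,
                                                 parent_email_source)

        # Send a confirmation request email to user or parent
        (result, errno,
         mesg) = user_service.send_email_confirm(id_user, server)
        if not result:
            logging.error("Unable to register user. Error %s: %s", errno, mesg)
            # Fix: discard the pending user row explicitly instead of leaving
            # it in the session, where a later commit in the same request
            # could persist an account that never received its confirmation.
            db.session.rollback()
            return {'success': False, 'user': 0}

        db.session.commit()
        logging.info('User-controller: register success: %s', id_user)
        return {'success': True, 'user': id_user}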
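    def post():
        """Register a new local (password) account with COPPA details.

        Reads ``server`` from the request headers and, from the form,
        ``email``, ``password``, ``password-confirm``, ``locale``,
        ``screenname``, ``bdmonth``, ``bdyear`` plus the optional
        ``parent-email`` / ``parent-email-source``. Creates the user row,
        hands the confirmation email to the service and commits only when
        that hand-off succeeded; otherwise the pending row is rolled back
        and ``{'success': False, 'user': 0}`` is returned.
        """
        server = request.headers.get('server')
        form = request.form
        email = form.get('email')
        password = form.get('password')
        password_confirm = form.get('password-confirm')
        locale = form.get('locale')
        screen_name = form.get('screenname')

        # COPPA support
        birth_month = form.get('bdmonth')
        birth_year = form.get('bdyear')
        parent_email = form.get('parent-email')
        parent_email_source = form.get('parent-email-source')

        checks = Validation()
        for field_name, field_value in (('server', server),
                                        ('email', email),
                                        ('password', password),
                                        ('password-confirm', password_confirm),
                                        ('locale', locale),
                                        ('screenname', screen_name),
                                        # COPPA support
                                        ('bdmonth', birth_month),
                                        ('bdyear', birth_year)):
            checks.add_required_field(field_name, field_value)
        # parent-email is optional but must be well-formed when supplied.
        if parent_email:
            checks.check_email('parent-email', parent_email)
            if not checks.is_valid():
                return checks.get_validation_response()

        checks.check_email('email', email)
        if not checks.is_valid():
            return checks.get_validation_response()

        if user_service.get_user_by_email(email) is not None:
            return Failures.email_already_in_use(email)
        if user_service.get_user_by_screen_name(screen_name) is not None:
            return Failures.screen_name_already_in_use(screen_name)

        if password != password_confirm:
            return Failures.passwords_do_not_match()
        if not user_service.check_password_complexity(password):
            return Failures.password_complexity()

        # The row stays pending in the session until the commit below.
        id_user = user_service.create_local_user(
            server, email, password, locale, screen_name,
            birth_month, birth_year, parent_email, parent_email_source)

        sent, errno, mesg = user_service.send_email_confirm(id_user, server)
        if not sent:
            logging.error("Unable to register user. Error %s: %s", errno, mesg)
            # Fix: roll the pending row back explicitly so nothing later in
            # the request can commit an account whose confirmation email
            # was never sent.
            db.session.rollback()
            return {'success': False, 'user': 0}

        db.session.commit()
        logging.info('User-controller: register success: %s', id_user)
        return {'success': True, 'user': id_user}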