def get_user_by(field, value):
    """Look up the first Cognito user whose attribute ``field`` equals ``value``.

    A ``field = "value"`` filter string is built and handed to
    ``cognito.idp_list_users``.  The result is an envelope with the keys
    ``message``, ``error``, ``success`` and ``data``:

    * the helper reported a message -> ``error`` is True and ``message``
      carries that message;
    * ``resp["Users"]`` is empty -> success with ``data`` set to ``None``;
    * otherwise -> success with ``data`` set to the first listed user.
    """
    client = cognito.create_client()

    # Only double quotes are escaped before the value goes into the filter.
    # NOTE(review): backslashes in ``value`` are passed through as-is and
    # ``field`` is interpolated unchecked.  Callers should pass a fixed
    # attribute name rather than request input, and it is worth confirming
    # how the filter parser treats a backslash in front of a quote.
    escaped = value.replace('"', '\\"')
    users_filter = f'{field} = "{escaped}"'

    resp, msg = cognito.idp_list_users(client, users_filter)
    if msg is not None:
        return {"message": msg, "error": True, "success": False, "data": None}

    users = resp["Users"]
    first_match = None if len(users) == 0 else users[0]
    return {
        "message": "success",
        "error": False,
        "success": True,
        "data": first_match,
    }
def reset_password(username):
    """Start the forgot-password flow for ``username``.

    Calls ``cognito.idp_forgot_password`` and returns an envelope with the
    keys ``message``, ``error``, ``success`` and ``data`` (always ``None``).
    A non-``None`` message from the helper marks the call as failed.
    """
    client = cognito.create_client()
    # The response body is unused; only the message decides the outcome.
    _resp, msg = cognito.idp_forgot_password(client, username)

    # NOTE(review): ``msg`` is handed back to the caller unchanged.  If it
    # carries the identity provider's error text, the answer may differ for
    # known and unknown usernames; confirm the user pool suppresses
    # user-existence errors or map the text to a generic one at the API edge.
    failed = msg is not None
    return {
        "message": msg if failed else "success",
        "error": failed,
        "success": not failed,
        "data": None,
    }
def resend_confirmation(username):
    """Ask Cognito to send the sign-up confirmation code to ``username`` again.

    Calls ``cognito.idp_resend_confirmation_code`` and returns an envelope
    with the keys ``message``, ``error``, ``success`` and ``data`` (always
    ``None``).  A non-``None`` message from the helper marks a failure.
    """
    client = cognito.create_client()
    # The response body is unused; only the message decides the outcome.
    _resp, msg = cognito.idp_resend_confirmation_code(client, username)

    outcome = {"message": "success", "error": False, "success": True, "data": None}
    if msg is not None:
        # NOTE(review): the helper's message is returned verbatim; check that
        # it does not let a caller tell existing usernames from unknown ones.
        outcome.update(message=msg, error=True, success=False)
    return outcome
def reset_password_confirm(username, confirmation_code, new_password):
    """Complete the forgot-password flow and mirror the new password locally.

    ``cognito.idp_confirm_forgot_password`` is called first.  If it reports a
    message, an error envelope is returned and the local user is untouched.
    Otherwise the local ``User`` with this ``username`` is marked active, given
    the new password and saved, and a success envelope is returned.
    """
    client = cognito.create_client()
    # The response body is unused; only the message decides the outcome.
    _resp, msg = cognito.idp_confirm_forgot_password(
        client,
        username,
        confirmation_code,
        new_password,
    )
    if msg is not None:
        return {"message": msg, "error": True, "success": False, "data": None}

    # From here on Cognito has already accepted the new password.
    # NOTE(review): the lookup below assumes the local ``username`` equals the
    # value the caller passed in.  If it raises, Cognito and the local store
    # disagree about the password; confirm the callers' identifier and decide
    # how a miss should be reported.
    local_user = User.objects.get(username=username)
    # NOTE(review): a successful reset also activates the account locally;
    # presumably this relies on reset codes reaching only verified contacts.
    local_user.is_active = True
    # The password is kept in the local store as well as in Cognito.
    local_user.set_password(new_password)
    local_user.save()

    return dict(message="success", error=False, success=True, data=None)
def change_password(access_token, previous_password, proposed_password):
    """Change the password in Cognito, then mirror it on the local user.

    The access token is decoded with ``decode_token`` before anything else.
    ``cognito.idp_change_password`` is then called with the token and both
    passwords; a message from it yields an error envelope.  On success the
    local ``User`` named by the token's ``username`` entry gets the proposed
    password and is saved.
    """
    # NOTE(review): whether ``decode_token`` verifies the signature is not
    # visible here.  Its ``username`` entry is only read after the Cognito call
    # below has accepted the same token, so keep that ordering.
    claims = decode_token(access_token)

    client = cognito.create_client()
    # The response body is unused; only the message decides the outcome.
    _resp, msg = cognito.idp_change_password(
        client,
        access_token,
        previous_password,
        proposed_password,
    )
    if msg is not None:
        return {"message": msg, "error": True, "success": False, "data": None}

    # NOTE(review): assumes the token's ``username`` matches the local
    # ``username`` column; a failed lookup leaves the two stores out of sync.
    account = User.objects.get(username=claims["username"])
    account.set_password(proposed_password)
    account.save()

    return dict(message="success", error=False, success=True, data=None)
def signup_confirm(username, confirmation_code):
    """Confirm a sign-up in Cognito and activate the matching local user.

    ``cognito.idp_confirm_sign_up`` is called first; a message from it yields
    an error envelope.  On success the local ``User`` is flagged active, a
    profile is created from the user's own fields, and the user is saved.
    """
    client = cognito.create_client()
    # The response body is unused; only the message decides the outcome.
    _resp, msg = cognito.idp_confirm_sign_up(client, username, confirmation_code)
    if msg is not None:
        return {"message": msg, "error": True, "success": False, "data": None}

    # NOTE(review): assumes the local ``username`` equals the value passed in;
    # a failed lookup leaves a confirmed Cognito user without an active local one.
    account = User.objects.get(username=username)
    account.is_active = True

    # NOTE(review): the slug is built from the names alone, so two users with
    # the same name produce the same slug and unset names are formatted as
    # text; confirm how the profile model copes with both.
    profile_fields = {
        "slug": slugify(f"{account.first_name} {account.last_name}"),
        "first_name": account.first_name,
        "last_name": account.last_name,
        "gender": account.gender,
        "birthdate": account.birthdate,
        "email": account.email,
        "phone": account.phone,
        "profile_picture_uri": account.profile_picture_uri,
    }
    # No timezone is passed to the profile; the created object is not kept.
    account.profiles.create(**profile_fields)
    account.save()

    return dict(message="success", error=False, success=True, data=None)
def login(username, password):
    """Authenticate against Cognito and return the issued tokens.

    ``cognito.idp_admin_initiate_auth`` is called with the credentials.  A
    message from it yields an error envelope.  When the response holds an
    ``AuthenticationResult``, ``data`` carries ``id_token``, ``refresh_token``,
    ``access_token``, ``expires_in`` and ``token_type``.  Otherwise an error
    envelope with ``message`` set to ``None`` is returned.
    """
    client = cognito.create_client()
    resp, msg = cognito.idp_admin_initiate_auth(client, username, password)
    if msg is not None:
        return {"message": msg, "error": True, "success": False, "data": None}

    auth = resp.get("AuthenticationResult")
    if not auth:
        # this code block is relevant only when MFA is enabled
        return {"error": True, "success": False, "data": None, "message": None}

    # Output key -> key inside AuthenticationResult, in the order returned.
    token_fields = (
        ("id_token", "IdToken"),
        ("refresh_token", "RefreshToken"),
        ("access_token", "AccessToken"),
        ("expires_in", "ExpiresIn"),
        ("token_type", "TokenType"),
    )
    # The envelope carries bearer tokens: keep it out of logs and error reports.
    return {
        "message": "success",
        "error": False,
        "success": True,
        "data": {out_key: auth[src_key] for out_key, src_key in token_fields},
    }
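def signup(
    login,
    password,
    first_name=None,
    last_name=None,
    gender=None,
    birthdate=None,
    email=None,
    phone=None,
    profile_picture_uri=None,
    locale=None,
):
    """Register a user in Cognito and create the matching inactive local user.

    ``login`` is treated as an e-mail address when ``strings.check_if_email``
    says so, otherwise as a phone number.  The other contact may be supplied
    through ``email`` / ``phone``; supplying the same kind twice is rejected,
    as is a login kind missing from ``settings.LOGIN_OPTIONS``.

    Args:
        login: E-mail address or phone number used to sign in.
        password: Password sent to Cognito and set on the local user.
        first_name, last_name, gender, birthdate, locale: Optional attributes
            forwarded to Cognito and stored on the local user.
        email: Optional e-mail address; only allowed when ``login`` is a phone.
        phone: Optional phone number; only allowed when ``login`` is an e-mail.
        profile_picture_uri: Optional picture URL, passed through
            ``strings.sanitize_url``.

    Returns:
        An envelope with the keys ``message``, ``error``, ``success`` and
        ``data``.  On success ``data`` holds ``code_delivery_details``,
        ``user_confirmed`` and ``user_sub`` taken from the Cognito response.
    """
    login_is_email = strings.check_if_email(login)
    email_sanitized = strings.sanitize_email(login if login_is_email else email)
    phone_sanitized = strings.sanitize_phone(phone if login_is_email else login)
    login_sanitized = email_sanitized if login_is_email else phone_sanitized
    profile_picture_uri_sanitized = strings.sanitize_url(profile_picture_uri)

    if login_is_email:
        if "email" not in settings.LOGIN_OPTIONS:
            return {
                "message": "login by e-mail is disabled",
                "error": True,
                "success": False,
                "data": None,
            }
        if email is not None:
            # email_sanitized was derived from ``login`` in this branch, so the
            # separately supplied address is sanitized on its own; otherwise
            # the message would name the login value twice.
            duplicate_email = strings.sanitize_email(email)
            return {
                "message": f"both {login_sanitized} and {duplicate_email} is specified as e-mail",
                "error": True,
                "success": False,
                "data": None,
            }
    else:
        if "phone" not in settings.LOGIN_OPTIONS:
            return {
                "message": "login by phone is disabled",
                "error": True,
                "success": False,
                "data": None,
            }
        if phone is not None:
            # Same reasoning as above: phone_sanitized came from ``login``.
            duplicate_phone = strings.sanitize_phone(phone)
            return {
                "message": f"both {login_sanitized} and {duplicate_phone} is specified as phone number",
                "error": True,
                "success": False,
                "data": None,
            }

    client = cognito.create_client()
    user_attributes = dicts.create_dict_for_attributes(
        given_name=first_name,
        family_name=last_name,
        gender=gender,
        birthdate=birthdate,
        email=email_sanitized,
        phone_number=phone_sanitized,
        picture=profile_picture_uri_sanitized,
        locale=locale,
        # TODO re-enable later: updated_at=now (with now = time())
    )

    resp, msg = cognito.idp_sign_up(client, login_sanitized, password, user_attributes)
    if msg is not None:
        return {"message": msg, "error": True, "success": False, "data": None}

    if not resp.get("CodeDeliveryDetails"):
        # this code block is relevant only when MFA is enabled
        # NOTE(review): the Cognito sign-up has succeeded at this point but no
        # local user is created; confirm such accounts are reconciled.
        return {"error": True, "success": False, "data": None, "message": None}

    user_uuid = resp["UserSub"]

    # The local user starts inactive and is keyed by the Cognito ``UserSub``.
    # NOTE(review): ``email`` receives the login value, which is the phone
    # number when the login is a phone; confirm this is intended rather than
    # ``email_sanitized``.
    # NOTE(review): the password is stored locally as well as in Cognito.
    User.objects.create_user(
        user_uuid,
        password=password,
        is_active=False,
        username=user_uuid,
        first_name=first_name,
        last_name=last_name,
        gender=gender,
        birthdate=birthdate,
        email=login_sanitized,
        phone=phone_sanitized,
        profile_picture_uri=profile_picture_uri_sanitized,
        locale=locale,
    )

    delivery = resp["CodeDeliveryDetails"]
    return {
        "message": "success",
        "error": False,
        "success": True,
        "data": {
            "code_delivery_details": {
                "attribute_name": delivery["AttributeName"],
                "delivery_medium": delivery["DeliveryMedium"],
                "destination": delivery["Destination"],
            },
            "user_confirmed": resp["UserConfirmed"],
            "user_sub": resp["UserSub"],
        },
    }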