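def post(self):
    '''Log in user

    Verifies the submitted e-mail/password pair, records the session
    (client address and operating system) and returns a fresh JWT access
    token together with a refresh token.

    Returns:
        A ``(body, status)`` tuple:
        200 with ``access_token`` and ``refresh_token`` on success;
        400 for missing input or bad credentials;
        403 when the device/address checks reject the request or the
        account has no role;
        500 on an unexpected error (traceback is logged server-side, the
        client only receives a generic message).
    '''
    import logging

    try:
        # X-Forwarded-For is whatever the sender put in the request unless a
        # trusted reverse proxy in front of the app rewrites it, so the
        # loopback/bridge comparison below is not a security control. If it
        # has to be, derive the address through a proxy-aware middleware
        # (e.g. werkzeug's ProxyFix) and compare the real peer address.
        ip = request.environ.get('HTTP_X_FORWARDED_FOR')
        if ip is None:
            ip = request.environ.get('REMOTE_ADDR')
        if ip is None or str(ip) in ('127.0.0.1', '172.17.0.1'):
            return {'message': 'This request has been rejected. Please use a recognised device'}, 403

        # Operating system of the calling device; the helper reports its own
        # failures under an 'error' key instead of raising.
        device_data = generate_device_data()
        if 'error' in device_data:
            return {'message': device_data['error']}, 403
        device_os = device_data['device_os']

        data = api.payload
        if not data or not isinstance(data, dict):
            return {'message': 'No input data detected'}, 400
        # Missing fields are a client error, not an internal one: reject them
        # with 400 rather than letting the KeyError become a 500.
        email = data.get('email')
        password = data.get('password')
        if not email or not password:
            return {'message': 'Both email and password are required'}, 400

        this_user = UserModel.fetch_by_email(email)
        # NOTE(review): an unknown e-mail returns before the hash check runs,
        # so the response time differs between known and unknown accounts.
        # The error message is deliberately the same for both cases; a
        # constant-time path would be needed to close the timing difference.
        if not this_user or not check_password_hash(this_user.password, password):
            return {'message': 'Could not log in, please check your credentials'}, 400

        user_id = this_user.id
        user_role = UserRoleModel.fetch_by_user_id(user_id)
        if user_role is None:
            # Without a role there are no privileges to put in the token;
            # report it instead of failing with an AttributeError (500).
            return {'message': 'This account has no role assigned'}, 403
        privileges = user_role.role.role

        # Short-lived fresh access token plus a refresh token; the identity
        # carries the role so downstream checks need no extra lookup.
        my_identity = {'id': user_id, 'privileges': privileges}
        access_token = create_access_token(
            identity=my_identity, expires_delta=timedelta(minutes=30), fresh=True)
        refresh_token = create_refresh_token(my_identity)

        # Persist the session (address + OS) for this login.
        SessionModel(
            user_ip_address=ip,
            device_operating_system=device_os,
            user_id=user_id,
        ).insert_record()

        return {'access_token': access_token, 'refresh_token': refresh_token}, 200
    except Exception:
        # Keep the traceback in the server log; never echo it to the client.
        logging.getLogger(__name__).exception('Unexpected error while logging in user')
        return {'message': 'Could not log in user.'}, 500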
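def put(self, reset_token: str):
    '''Reset User Password

    Validates ``reset_token``, marks every outstanding reset token of the
    owning user as used, stores the new password, opens a session and
    returns a fresh JWT access/refresh token pair. The reset is written to
    the user's activity log.

    Args:
        reset_token: the opaque reset token taken from the reset link.

    Returns:
        A ``(body, status)`` tuple:
        200 with ``access_token`` and ``refresh_token`` on success;
        400 for missing input;
        403 for a rejected device, an already-used token or an account
        without a role;
        404 for an unknown token;
        500 on an unexpected error (traceback logged server-side only).
    '''
    import logging

    def _expire_all_reset_tokens(owner_id):
        # Every reset token of the user is marked used, not only the one
        # presented, so older links cannot be replayed afterwards. The ids
        # are collected first so the records are not modified while the
        # fetched collection is still being iterated.
        record_ids = [record.id for record in PasswordResetModel.fetch_by_user_id(owner_id)]
        for record_id in record_ids:
            PasswordResetModel.expire_token(id=record_id, is_expired=True)

    try:
        # X-Forwarded-For is client-supplied unless a trusted reverse proxy
        # rewrites it, so the loopback/bridge comparison below is not a
        # security control; use a proxy-aware middleware (e.g. werkzeug's
        # ProxyFix) if the real peer address is required.
        ip = request.environ.get('HTTP_X_FORWARDED_FOR')
        if ip is None:
            ip = request.environ.get('REMOTE_ADDR')
        if ip is None or str(ip) in ('127.0.0.1', '172.17.0.1'):
            return {'message': 'This request has been rejected. Please use a recognised device'}, 403

        device_data = generate_device_data()
        if 'error' in device_data:
            return {'message': device_data['error']}, 403
        device_os = device_data['device_os']

        # NOTE(review): TokenGenerator hands the decoded value back through a
        # class attribute rather than a return value; under concurrent
        # requests that shared state can be overwritten between the decode
        # and the read. Prefer a decode that returns the value if available.
        TokenGenerator.decode_token(reset_token)
        token = TokenGenerator.token

        reset_code_record = PasswordResetModel.fetch_by_reset_code(reset_code=token)
        if not reset_code_record:
            return {'message': 'This reset token does not exist'}, 404

        user_id = reset_code_record.user_id
        if reset_code_record.is_expired:
            # A replayed token also burns the user's remaining tokens.
            _expire_all_reset_tokens(user_id)
            return {
                'message': 'Password reset token has already been used. Please request a new password reset.'
            }, 403

        # Validate the payload before burning the token, so a malformed
        # request does not consume a still-valid reset link.
        data = api.payload
        if not data or not isinstance(data, dict):
            return {'message': 'No input data detected'}, 400
        new_password = data.get('password')
        if not new_password:
            return {'message': 'No password provided'}, 400

        # Burn before the update: if the update fails the token still cannot
        # be reused.
        _expire_all_reset_tokens(user_id)

        # 'pbkdf2:sha256' is salted and iterated; the bare 'sha256' method was
        # a single fast hash and, assuming Werkzeug's generate_password_hash,
        # is no longer accepted by current releases. check_password_hash reads
        # the method from the stored hash, so existing hashes stay verifiable.
        hashed_password = generate_password_hash(new_password, method='pbkdf2:sha256')
        UserModel.update_password(id=user_id, password=hashed_password)

        # Re-read the account after the update; the tokens are issued for
        # its id.
        this_user = UserModel.fetch_by_id(id=user_id)
        user_id = this_user.id
        user_role = UserRoleModel.fetch_by_user_id(user_id)
        if user_role is None:
            # The password is already changed at this point; say so instead
            # of failing with an AttributeError (500).
            return {'message': 'Password was reset but this account has no role assigned'}, 403
        privileges = user_role.role.role

        my_identity = {'id': user_id, 'privileges': privileges}
        access_token = create_access_token(
            identity=my_identity, expires_delta=timedelta(minutes=30), fresh=True)
        refresh_token = create_refresh_token(my_identity)

        SessionModel(
            user_ip_address=ip,
            device_operating_system=device_os,
            user_id=user_id,
        ).insert_record()

        # Record the reset in the user's log, authenticated with the token
        # that was just issued.
        auth_token = {'Authorization': 'Bearer %s' % access_token}
        record_user_log(auth_token, 'put', 'Password reset')

        return {'access_token': access_token, 'refresh_token': refresh_token}, 200
    except Exception:
        # Keep the traceback in the server log; never echo it to the client.
        logging.getLogger(__name__).exception('Unexpected error while resetting password')
        return {'message': 'Could not reset password.'}, 500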