def populate_sample_data():
with db:
u = User(login_id="test",
password_hashed=pbkdf2_sha256.hash("test"),
role="ST",
email="*****@*****.**",
first_name="TEST",
last_name="USER",
inst_id="CSB1000")
u.save()
u = User(login_id="admin",
password_hashed=pbkdf2_sha256.hash("admin"),
role="SU",
email="*****@*****.**",
first_name="ADMIN",
last_name="USER",
inst_id="CSB1001")
u.save()
u = User(login_id="test1",
password_hashed=pbkdf2_sha256.hash("test1"),
role="ST",
email="*****@*****.**",
first_name="TEST",
last_name="USER1",
inst_id="CSB1002",
is_locked='Y')
u.save()
def test_mark_attendance(client):
""" Tests mark attendance """
# Add test users
with db:
u = User(login_id="A",
password=pbkdf2_sha256.hash("A"),
role="GN",
email="*****@*****.**",
first_name="A",
last_name="",
inst_id="CSB1000")
u.save()
u = User(login_id="B",
password=pbkdf2_sha256.hash("B"),
role="GN",
email="*****@*****.**",
first_name="B",
last_name="",
inst_id="CSB1000")
u.save()
u = User(login_id="C",
password=pbkdf2_sha256.hash("C"),
role="GN",
email="*****@*****.**",
first_name="C",
last_name="",
inst_id="CSB1000")
u.save()
# Test incorrect data format
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
response = client.post('/fras/app/mark_attendance',
data={'file': './../test_data/modi_grp1.jpeg'})
assert response.json["status"] == "ERROR"
# Test empty file name
data = {'group_photo': (io.BytesIO(b'image data'), '')}
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
response = client.post('/fras/app/mark_attendance', data=data)
assert response.json["status"] == "ERROR"
# Successful test
data = {'group_photo': (io.BytesIO(b'image data'), 'image.jpg')}
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
response = client.post('/fras/app/mark_attendance', data=data)
assert response.json["status"] == "OK"
assert response.json["body"]["names_found"] == ['A', 'B', 'C']
def before_insert(resource, documents):
if resource == 'users':
for document in documents:
document['password'] = pbkdf2_sha256.hash(document['password'])
else:
categories = current_app.data.driver.db['categories']
new_bulk = []
for document in documents:
_id = ObjectId(document.get('parent_category'))
category = categories['categories'].find({
'_id': _id
})
if category:
if resource == 'items':
new_bulk.append(UpdateOne(
{'_id': _id},
{'$inc': {'items': 1}}
))
elif resource == 'categories':
if resource == 'items':
new_bulk.append(UpdateOne(
{'_id': _id},
{'$inc': {'child_categories': 1}}
))
try:
categories.bulk_write(new_bulk)
except BulkWriteError as bwe:
pprint(bwe.details)
except pymongo.errors.InvalidOperation:
pass
def create_director(dirEmail, password, facultyEmail, start_date):
try:
# Faculty.objects.filter()faculty_id=faculty_ID)
AuthObj = AuthTable.objects.get(emailID=facultyEmail)
Faculty.objects.get(faculty_id=Employee.objects.get(emp_ID = AuthObj))
except:
print('Director should be Faculty')
return
try:
aa = Director.objects.get(end_date=None)
aa.end_date = datetime.date.today()
aa.save()
AuthTable.objects.get(aa.dir_ID).delete()
except:
pass
Authobj = AuthTable()
Authobj.emailID = dirEmail
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = 'DIRECTOR'
Authobj.save()
EmpObj = Employee.objects.get(emp_ID=AuthObj)
EmpObj.current_role = 'DIRECTOR'
EmpObj.save()
DirObj = Director()
DirObj.dirEmail = dirEmail
DirObj.faculty_ID = Faculty.objects.get(faculty_id=EmpObj)
DirObj.start_date = start_date
DirObj.save()
def createFaculty(emp_ID, password, dept_ID, first_name, last_name, date_of_birth, gender, address, PAN,
date_of_join, leave_available, borrow_available, grade, past_exp):
Authobj = AuthTable()
Authobj.emailID = emp_ID
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = 'FACULTY'
Authobj.save()
newOBJ = AuthTable.objects.get(emailID=emp_ID)
empObj = Employee()
empObj.emp_ID = newOBJ
empObj.first_name = first_name
empObj.last_name = last_name
empObj.date_of_birth = date_of_birth
empObj.gender = gender
empObj.address = address
empObj.PAN = PAN
empObj.date_of_join = date_of_join
empObj.current_role = 'Faculty'
empObj.leave_available = leave_available
empObj.borrow_available = borrow_available
empObj.grade_of_employment = grade
empObj.past_experience = past_exp
empObj.save()
FacultyObj = Faculty()
FacultyObj.faculty_id = emp_ID
FacultyObj.dept_ID = dept_ID
FacultyObj.save()
def login_user(self, username: str, password: str, captcha: str,
captcha_id: str, ip: str, browser: str) -> dict:
# verify captcha in the first place.
redis = Redis().r
correct_captcha = redis.get(captcha_id)
if correct_captcha is None:
return {
"status_code": HTTPStatus.BAD_REQUEST,
"message": "验证码已过期",
"status": False
}
elif correct_captcha.lower() == captcha.lower():
redis.expire(captcha_id, 0)
else:
return {
"status_code": HTTPStatus.FORBIDDEN,
"message": "验证码错误",
"status": False
}
# check user account is locked.
data = self.db["users"].find_one({"username": username}) or {}
if data.get("status", {}).get("disable"):
return {
"status_code": HTTPStatus.FORBIDDEN,
"status": False,
"message": data.get("status", {}).get("reason")
}
returned_value = {"status_code": 0, "message": ""}
if data:
# try to login
stored_password = data["password"]
if pbkdf2_sha256.verify(password, stored_password):
returned_value["status_code"] = HTTPStatus.OK
else:
returned_value["status_code"] = HTTPStatus.FORBIDDEN
returned_value["message"] = "用户名或密码错误"
else:
# register
hash_value = pbkdf2_sha256.hash(password)
try:
self.db["users"].insert_one(
dict(username=username,
password=hash_value,
date=ts_date(),
ip=ip,
browser=browser))
returned_value["status_code"] = HTTPStatus.CREATED
except Exception as e:
returned_value[
"status_code"] = HTTPStatus.INTERNAL_SERVER_ERROR
returned_value["message"] = str(e)
returned_value["username"] = data.get("username")
returned_value["group"] = data.get("group", ["user"])
return returned_value
def createCCFS(emp_ID, password, dept_ID, first_name, last_name, date_of_birth, gender, address, PAN,
date_of_join, leave_available, borrow_available, grade, past_exp,contact):
Authobj = AuthTable()
Authobj.emailID = emp_ID
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = 'CCFS'
Authobj.save()
newOBJ = AuthTable.objects.get(emailID=emp_ID)
empObj = Employee()
empObj.emp_ID = newOBJ
empObj.first_name = first_name
empObj.last_name = last_name
empObj.date_of_birth = date_of_birth
empObj.gender = gender
empObj.address = address
empObj.PAN = PAN
empObj.date_of_join = date_of_join
empObj.current_role = 'CCFS'
empObj.leave_available = leave_available
empObj.borrow_available = borrow_available
empObj.grade_of_employment = grade
empObj.past_experience = past_exp
empObj.contact = contact
empObj.save()
CCFSObj = Ccfs()
CCFSObj.ccfs_id = empObj
CCFSObj.dept_ID = Department.objects.get(dept_ID=dept_ID)
CCFSObj.save()
def login_user(self, username: str, password: str, ip: str,
browser: str) -> dict:
data = self.db["users"].find_one({"username": username})
returned_value = {"status_code": 0, "message": ""}
if data:
# try to login
stored_password = data["password"]
if pbkdf2_sha256.verify(password, stored_password):
returned_value["status_code"] = HTTPStatus.OK
else:
returned_value["status_code"] = HTTPStatus.FORBIDDEN
returned_value["message"] = "用户名或密码错误"
else:
hash_value = pbkdf2_sha256.hash(password)
try:
self.db["users"].insert_one(
dict(username=username,
password=hash_value,
date=ts_date(),
ip=ip,
browser=browser))
returned_value["status_code"] = HTTPStatus.CREATED
except Exception as e:
returned_value[
"status_code"] = HTTPStatus.INTERNAL_SERVER_ERROR
returned_value["message"] = str(e)
return returned_value
def createEvent(name,begin,end,location,description,leader,img): size=6 chars=string.ascii_uppercase + string.digits unHashed = ''.join(random.choice(chars) for _ in range(size)) qr_code = pbkdf2_sha256.hash(unHashed) if(name == '' or begin == '' or end == '' or location == '' or description == '' or leader== '' or img==''): return 400 event = Event( name=name, begin=begin, end=end, location=location, desc=description, leader=leader, cancel=0, img=img, qr_code=qr_code, created= datetime.datetime.now(), link= None ) return Persister.persist_object(event)
def create_registrar(regEmail, password, staffEmail, start_date):
try:
AuthObj = AuthTable.objects.get(emailID=staffEmail)
StaffObj = Staff.objects.get(staff_id=Employee.objects.get(emp_ID=AuthObj))
except:
print('This employee is not staff')
return
try:
aa = Registrar.objects.get(end_date=None)
aa.end_date = datetime.date.today()
aa.save()
AuthTable.objects.get(emailID=aa.regEmail).delete()
except:
pass
Authobj = AuthTable()
Authobj.emailID = regEmail
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = 'REGISTRAR'
Authobj.save()
EmpObj = Employee.objects.get(emp_ID=AuthObj)
EmpObj.current_role = 'REGISTRAR'
EmpObj.save()
RegObj = Registrar()
RegObj.regEmail = regEmail
RegObj.staff_id = StaffObj
RegObj.start_date = start_date
RegObj.save()
def _changepass(self):
h1 = pw.hash(getpass("Enter new passphrase: "))
if not pw.verify(getpass("Confirm passphrase: "), h1):
print("Passphrases do not match.")
return False
self.model["hash"] = h1
print("Passphrase set. Change must be manually uploaded via 'commit'.")
return True
def updateEvent(id, name, begin, end, location, description, leader, img):
size = 6
chars = string.ascii_uppercase + string.digits
unHashed = ''.join(random.choice(chars) for _ in range(size))
qr_code = pbkdf2_sha256.hash(unHashed)
if (id == '' or name == '' or begin == '' or end == '' or location == ''
or description == '' or leader == '' or img == ''):
return 400
return Persister.update_object(id, name, begin, end, location, description,
leader, img, qr_code)
def generate_and_save_wallet(**kwargs):
password = kwargs.pop('password', None)
password_hash = pbkdf2_sha256.hash(password) if password is not None else None
link_id = uuid()
wallet = MinterWallet.create()
return PushWallet.create(
link_id=link_id,
address=wallet['address'],
mnemonic=wallet['mnemonic'],
password_hash=password_hash, **kwargs)
def signup_view(request):
if request.method == 'POST':
if not request.POST['password'] or not request.POST['username']:
messages.add_message(request, messages.ERROR,
'Please provide a username/password')
return render(request, 'alpha/signup.html')
elif not request.POST['confirmpassword']:
messages.add_message(request, messages.ERROR,
'Please enter confirm password')
return render(
request, 'alpha/signup.html', {
'username': request.POST['username'],
'password': request.POST['password']
})
form = userForm(request.POST)
if form.is_valid():
try:
username = form.cleaned_data['username']
# print(username)
userInstance = User.objects.get(username=username)
messages.add_message(request, messages.ERROR,
'User already exists. Please login.')
except User.DoesNotExist:
userInstance = None
if (userInstance == None):
password = request.POST['password']
confirmpassword = request.POST['confirmpassword']
if password == confirmpassword:
hash = pbkdf2_sha256.hash(password)
pbkdf2_sha256. \
form = User()
form.username = request.POST['username']
# print(hash)
form.password = hash
# print(form.password)
form.save()
else:
messages.add_message(request, messages.ERROR,
"Password mismatch.")
context = {'username': username, 'password': password}
return render(request, 'alpha/signup.html', context)
return redirect('/')
else:
messages.add_message(request, messages.ERROR, '')
print(form.errors)
else:
return render(request, 'alpha/signup.html')
def populate_sample_data():
""" Populates the database with sample data """
with db:
u = User(login_id="test",
password=pbkdf2_sha256.hash("test"),
role="ST",
email="*****@*****.**",
first_name="TEST",
last_name="USER",
inst_id="CSB1000")
u.save()
u = User(login_id="admin",
password=pbkdf2_sha256.hash("admin"),
role="SU",
email="*****@*****.**",
first_name="ADMIN",
last_name="USER",
inst_id="CSB1001")
u.save()
def mutate(root, info, username, password):
user = UserModel(username=username,
password=pbkdf2_sha256.hash(password),
articles=[])
user.save()
return UserCreate.Success(
user=user,
refresh_token=create_refresh_token(user),
access_token=create_access_token(user),
)
def init_database():
db.drop_all()
db.create_all()
add(Url(url='/music-archive/api/v1/artists', description='LIST artist'))
add(User(id=1, username='******', password=pbkdf2_sha256.hash('1234')))
add(Artist(id=1, name='Dua Lipa', genres='Pop, R&B',
born='22 August 1995'))
add(
Artist(id=2,
name='Shirley Ann Manson',
genres='Alternative rock',
born='26 de agosto de 1966'))
def authorize():
session = Session()
try:
auth_response = session.post(
f'http://{FACE_RECOGNITION_SERVER}/auth',
json={
'username': FACE_RECOGNITION_API_LOGIN,
'password': pbkdf2_sha256.hash(FACE_RECOGNITION_API_PASSWORD)
})
except requests.ConnectionError:
print('Server authentication error')
else:
access_token = auth_response.json()['jwt']
session.headers.update({'Authorization': f'Bearer {access_token}'})
return session
def givePost(postEmail, password, ccfsEmail,start_date,name):
try:
AuthObj = AuthTable.objects.get(emailID=ccfsEmail)
CCFSObj = Ccfs.objects.get(ccfs_id=Employee.objects.get(emp_ID=AuthObj))
# CCFSObj = Ccfs.objects.get(ccfs_id=ccfs_id)
except:
print('This employee is not CCFS')
return
try:
aa = Post.objects.filter(end_date=None)
for postobj in aa.iterator():
if postobj.name == name:
postobj.end_date = datetime.date.today()
postobj.save()
EmpObj = Employee.objects.get(emp_ID=postobj.ccfs.ccfs_id)
EmpObj.current_role = 'CCFS'
EmpObj.save()
AuthTable.objects.get(emailID = postobj.post_ID).delete()
# EmpObj = Employee.objects.get(emp_ID=asreg.staff_id.staff_id)
# EmpObj.current_role = 'STAFF'
# EmpObj.save()
# AuthTable.objects.get(emailID=asreg.assRegEmail).delete()
except:
print('Something wrong')
pass
Authobj = AuthTable()
Authobj.emailID = postEmail
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = name
Authobj.save()
EmpObj = Employee.objects.get(emp_ID=AuthObj)
EmpObj.current_role = name
EmpObj.save()
postObj = Post()
postObj.postEmail = postEmail
postObj.ccfs = CCFSObj
postObj.start_date = start_date
postObj.name = name
postObj.save()
def test_login_logout(client):
""" Test for login and logout """
# Test successful login, current user and logout
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
response = client.get('/fras/app/current_user')
assert response.json["body"]["user"] == session["user"]
response = client.get('/fras/app/logout')
response = client.get('/fras/app/current_user')
assert response.json["status"] == "ERROR"
# Test unsuccesful login request
response = client.post('/fras/app/login',
data={
'login_id': 'admin',
'password': '******'
})
assert response.json["status"] == "ERROR"
# Test incorrect password
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
assert response.json["status"] == "ERROR"
# Test locked user
with db:
u = User(login_id="locked",
password=pbkdf2_sha256.hash("locked"),
role="ST",
email="*****@*****.**",
first_name="LOCKED",
last_name="USER",
inst_id="CSB1000",
is_locked=True)
u.save()
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
assert response.json["status"] == "ERROR"
def editprofile(request):
userid = request.session.get('userid')
if userid:
if request.method == 'POST' and request.is_ajax():
print("here")
Firstname = request.POST.get("firstname").strip()
Lastname = request.POST.get("lastname").strip()
Email = request.POST.get("email").strip()
password = request.POST.get("password").strip()
encryptedpass= pbkdf2_sha256.hash(request.POST.get("password"))
stuff = Userreg.objects.filter(id=userid).update(Firstname=Firstname, Lastname=Lastname, Useremail=Email,
password=encryptedpass)
print("here2")
return JsonResponse({"update": "success"})
print("nothere")
return JsonResponse({"update": "fail"})
def test_kface_view(client):
""" Test kface view view """
# NO kface view
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
response = client.get('/fras/app/kface/1')
assert response.json["status"] == "ERROR"
# Successful kface view
with db:
u = User(login_id="A",
password=pbkdf2_sha256.hash("A"),
role="GN",
email="*****@*****.**",
first_name="A",
last_name="",
inst_id="CSB1000")
u.save()
img = cv2.imread('./../../test_data/nmodi.jpg')
data = {
'photo': str(cv2.imencode('.jpg', img)[1].tobytes()),
'id': 2,
'user': {
'login_id': "A",
'password': '******',
'role': "GN",
'email': "*****@*****.**",
'first_name': "A",
'last_name': "",
'inst_id': "CSB1000",
}
}
response = client.post('/fras/app/login',
json={
'login_id': 'admin',
'password': '******'
})
response = client.post('/fras/app/kface_save', json=data)
response = client.get('/fras/app/kface/5')
assert response.json["status"] == "ERROR"
def create_assist_registrar(aregEmail, password, staffEmail, start_date):
try:
AuthObj = AuthTable.objects.get(emailID=staffEmail)
StaffObj = Staff.objects.get(staff_id=Employee.objects.get(emp_ID=AuthObj))
department = StaffObj.dept_ID
except:
print('This employee is not staff')
return
Authobj = AuthTable()
Authobj.emailID = aregEmail
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = 'ASSIST_REGISTRAR'
Authobj.save()
try:
aa = AssistRegistrar.objects.filter(end_date=None)
for asreg in aa.iterator():
if asreg.staff_id.dept_ID == department:
asreg.end_date = datetime.date.today()
asreg.save()
# EmpObj = Employee.objects.get(emp_ID=asreg.staff_id)
# EmpObj.current_role = 'STAFF'
# EmpObj.save()
# AuthTable.objects.get(emailID = asreg.areg_ID).delete()
EmpObj = Employee.objects.get(emp_ID=asreg.staff_id.staff_id)
EmpObj.current_role = 'STAFF'
EmpObj.save()
AuthTable.objects.get(emailID=asreg.assRegEmail).delete()
except:
pass
EmpObj = Employee.objects.get(emp_ID=AuthObj)
EmpObj.current_role = 'ASSIST_REGISTRAR'
EmpObj.save()
AregObj = AssistRegistrar()
AregObj.assRegEmail = aregEmail
AregObj.staff_id = StaffObj
AregObj.start_date = start_date
AregObj.save()
def create_campaign(recipients,
sender,
cost,
campaign_pass=None,
wallet_pass=None,
target=None,
customization_id=None):
campaign_pass_hash = pbkdf2_sha256.hash(
campaign_pass) if campaign_pass is not None else None
campaign_wallet = generate_and_save_wallet()
campaign = PushCampaign.create(wallet_link_id=campaign_wallet.link_id,
status='open',
cost_pip=str(to_pip(cost)),
company=sender,
password_hash=campaign_pass_hash,
customization_setting_id=customization_id)
for info in recipients.values():
balance = str(to_pip(info['amount'] + 0.01))
wallet = generate_and_save_wallet(
sender=sender,
recipient=info['name'],
password=wallet_pass,
campaign_id=campaign.id,
virtual_balance=balance,
customization_setting_id=customization_id)
info['token'] = wallet.link_id
Recipient.bulk_create([
Recipient(email=email,
campaign_id=campaign.id,
name=info['name'],
amount_pip=str(to_pip(info['amount'])),
wallet_link_id=info['token'],
target_shop=target) for email, info in recipients.items()
],
batch_size=100)
return campaign, campaign_wallet
def create_hod(hodEmail,password, facultyEmail, start_date):
try:
AuthObj = AuthTable.objects.get(emailID=facultyEmail)
FacultyObj = Faculty.objects.get(faculty_id=Employee.objects.get(emp_ID=AuthObj))
department = FacultyObj.dept_ID
except:
print('This employee is not faculty')
return
try:
aa = Hod.objects.filter(end_date=None)
for hod in aa.iterator():
if department == hod.faculty_ID.dept_ID:
hod.end_date = datetime.date.today()
hod.save()
EmpObj = Employee.objects.get(emp_ID=hod.faculty_ID.faculty_id)
EmpObj.current_role = 'FACULTY'
EmpObj.save()
AuthTable.objects.get(emailID=hod.hodEmail).delete()
except:
pass
Authobj = AuthTable()
Authobj.emailID = hodEmail
Authobj.password = pbkdf2_sha256.hash(password)
Authobj.role = 'HOD'
Authobj.save()
EmpObj = Employee.objects.get(emp_ID=AuthObj)
EmpObj.current_role = 'HOD'
EmpObj.save()
HodObj = Hod()
HodObj.hodEmail = hodEmail
HodObj.faculty_ID = FacultyObj
HodObj.start_date = start_date
HodObj.save()
def userlogin():
if request.method == "POST":
try:
connection = psycopg2.connect(
user="******",
password="******",
host="localhost",
port="5432",
database="postgres",
)
cursor = connection.cursor()
email_entered = request.form["email"]
password_entered = request.form["password"]
print(email_entered, password_entered)
record_to_search = (email_entered, )
sql_login_query = """SELECT * FROM users WHERE users.email = %s"""
cursor.execute(sql_login_query, record_to_search)
# hash the password entered by the user
hash = pbkdf2_sha256.hash(password_entered)
# check the hashed password
pbkdf2_sha256.verify(password_entered, hash)
print("Password successful")
# check the role of the user
sql_role_query = """SELECT users.designation,
users.motp, users.eotp, users.phone, users.email, users.designation FROM users WHERE users.email = %s"""
cursor.execute(sql_role_query, record_to_search)
query = cursor.fetchone()
designation = query[0]
motp = query[1]
eotp = query[2]
phone = query[3]
email = query[4]
role = query[5]
print(designation, motp, eotp, phone, email)
if (motp == False) and (eotp == False):
# Need of OTP
client = Client(account_sid, auth_token)
# send OTP on email
email_input = email
# the account which sends OTP , edit values in other.py
usr_mail = user_email_id
# "" password, edit values in other.py
usr_pwd = user_pwd
# generating email OTP
# selects a random number from a list(nums) in other.py file
# this method will be used only for testing purposes
email_otp = random.choice(nums)
content = (
"Hello Use This OTP to sign in to your SS RPA account! Do not Share this code: "
+ str(email_otp))
msg = EmailMessage()
msg["Subject"] = "OTP Verification For SS RPA Login."
msg["From"] = usr_mail
msg["To"] = email_input
msg.set_content(content)
with smtplib.SMTP(
"smtp.gmail.com", 587
) as smtp: # make sure to enable "less secure apps" on google before sending (not recievig) mail , link:https://myaccount.google.com/lesssecureapps
smtp.ehlo()
smtp.starttls()
smtp.ehlo()
smtp.login(usr_mail, usr_pwd)
smtp.send_message(msg)
print("Printing email OTP")
print(email_otp)
# send OTP on mobile
phone_num = phone
# right now, for indian numbers only
phone_number = "+91" + str(phone_num)
# generating email OTP
# selects a random number from a list(nums) in other.py file
# this method will be used only for testing purposes
mobile_otp = random.choice(nums)
msg = ("Your One Time Password(OTP) for SS RPA is:" +
str(mobile_otp) + " Do Not Share This Code!")
message = client.messages.create(
body=msg,
from_=str(from_phone),
status_callback=
"http://postb.in/1234abcd", # you can use this too maybe(?)
to=str(phone_number),
)
print("Mobile OTP")
print(mobile_otp)
# update database with motp and eotp
sql_update_m_query = (
"""Update users set m_otp_received = %s where email = %s"""
)
cursor.execute(sql_update_m_query, (mobile_otp, email))
sql_update_e_query = (
"""Update users set e_otp_received = %s where email = %s"""
)
cursor.execute(sql_update_e_query, (email_otp, email))
connection.commit()
return redirect(url_for("otp", email=email))
# connection.commit()
else:
if role == "Admin":
return redirect(url_for("dashboard"))
else:
return redirect(url_for("masterpageuser"))
connection.commit()
print("Logged in sucessfully")
except (Exception, psycopg2.Error) as error:
print("Error in select operation", error)
finally:
# closing database connection.
if connection:
cursor.close()
connection.close()
print("PostgreSQL connection is closed")
return render_template("login_user.html")
def createuser():
if request.method == "POST":
connection = psycopg2.connect(
user="******",
password="******",
host="localhost",
port="5432",
database="postgres",
)
cursor = connection.cursor()
try:
# connection = psycopg2.connect(
# user="******",
# password="******",
# host="localhost",
# port="5432",
# database="postgres",
# )
# cursor = connection.cursor()
username = request.form["username"]
email = request.form["email"]
phone = request.form["phone"]
password = request.form["password"]
# # hashing the password
# # pbkdf2_sha256.using(rounds=1000, salt_size=8).hash(password) to modify the salt & rounds
hashed_pwd = pbkdf2_sha256.hash(password)
gender = request.form["gender"]
designation = request.form["role"]
status = "Disable"
sso = False
motp = False
eotp = False
m_otp_received = "None"
e_otp_received = "None"
print(
username,
email,
phone,
hashed_pwd,
gender,
designation,
status,
sso,
motp,
eotp,
m_otp_received,
e_otp_received,
)
sql_insert_query = """INSERT INTO users (username, email, phone, password,
gender, designation, status, sso, motp, eotp, m_otp_received, e_otp_received)
VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)"""
record_to_insert = (
username,
email,
phone,
hashed_pwd,
gender,
designation,
status,
sso,
motp,
eotp,
m_otp_received,
e_otp_received,
)
cursor.execute(sql_insert_query, record_to_insert)
connection.commit()
print("Record inserted sucessfully")
return redirect(url_for("userlogin"))
except (Exception, psycopg2.Error) as error:
print("Error in select operation", error)
finally:
# closing database connection.
if connection:
cursor.close()
connection.close()
print("PostgreSQL connection is closed")
return render_template("index.html")
SCHEMA = {
2: {
'up': [
[
"""
CREATE TABLE users(
id BIGSERIAL PRIMARY KEY,
email VARCHAR (64) UNIQUE NOT NULL,
password TEXT NOT NULL
);"""
],
[
"INSERT INTO users (email, password) values ($1, $2)",
os.getenv('API_ADMIN_EMAIL'),
pbkdf2_sha256.hash(os.getenv('API_ADMIN_PASSWORD'))
],
["CREATE INDEX idx_users_email ON users(email);"],
],
'down': [
["DROP INDEX idx_users_email"],
["DROP TABLE users;"],
]
},
1: {
'up': [["CREATE TABLE versions( id integer NOT NULL);"],
["INSERT INTO versions VALUES ($1);", 1]],
'down': [
["DROP TABLE versions;"],
]
}
def hash_pass_code(code: []) -> str:
return pbkdf2_sha256.hash(''.join(str(k) for k in code),
salt=b'',
rounds=5000)
from django.test import TestCase
# Create your tests here.
from passlib.handlers.pbkdf2 import pbkdf2_sha256
hased= pbkdf2_sha256.hash("password")
print(hased)
