university-final-iot-backend/app/accounts/api.py


import datetime
from app.core import bcrypt
from .models import Account, Role
from .emailtoken import generate_confirmation_token, confirm_token
def create_account(username, email, password):
    """
    Create an account and an email confirmation token for it.

    Only a bcrypt hash of the password is handed to the Account model;
    this function does not store the plaintext.

    :param username: Desired username for Account
    :param email: Desired email for Account
    :param password: Desired plaintext password for Account
    :type username: string
    :type email: string
    :type password: string
    :returns: The saved Account and its email confirmation token
    :rtype: tuple (Account, token)
    :raises: ValueError if Account.exists_with_any_of reports a match for
             the given username or email
    """
    # The distinct error tells the caller that a username or email is
    # already registered; how much of that reaches an unauthenticated
    # client is decided by the route layer.
    if Account.exists_with_any_of(username=username, email=email):
        raise ValueError("Account with given parameters already exists")

    # NOTE(review): no password length/strength check happens in this
    # function - presumably validated by the caller; confirm.
    # The hash comes back as bytes and is decoded so it is stored as text.
    hashed_password = bcrypt.generate_password_hash(password).decode('utf-8')

    # NOTE(review): the existence check above and save() are separate
    # steps, so uniqueness under concurrent sign-ups depends on constraints
    # enforced by the Account model/database (not visible here).
    new_account = Account(username, hashed_password, email)
    new_account.save()

    confirmation_token = generate_confirmation_token(new_account.email)
    return new_account, confirmation_token
def confirm_email_token(token):
    """
    Mark the account referenced by an email confirmation token as confirmed.

    Presenting a token for an already confirmed account succeeds again
    without changing the account.

    :param token: Email confirmation token
    :type token: string
    :returns: (False, None) if confirm_token raised, otherwise
              (True, email of the matching account)
    :rtype: tuple (Boolean, string or None)
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Any failure inside confirm_token - not only a bad or expired
        # token - is reported to the caller as "invalid token".
        return False, None

    # NOTE(review): first_or_404 presumably aborts the request with an
    # HTTP 404 when no account has this email - confirm.
    account = Account.query.filter_by(email=email).first_or_404()

    if not account.confirmed:
        account.confirmed = True
        # NOTE(review): now() without a tz yields a naive local timestamp;
        # confirm that is what the confirmed_on column expects.
        account.confirmed_on = datetime.datetime.now()
        account.save()

    return True, account.email
def update_account_role(account_id, role_id):
    """
    Assign a role to an account and persist the change.

    :param account_id: Target account id
    :param role_id: Id of the role to assign
    :type account_id: int
    :type role_id: int
    :returns: The updated account
    :rtype: Account
    """
    # NOTE(review): this function performs no authorization check and does
    # not verify that role_id refers to an existing role. Since it changes
    # privileges, the caller has to enforce both - confirm at the route
    # layer.
    account = Account.get(id=account_id)
    account.role_id = role_id
    account.save()
    return account
def create_role(display_name, permissions):
    """
    Create a role and persist it.

    :param display_name: Name of role - display only
    :param permissions: List of strings - permissions that this role has
    :type display_name: String
    :type permissions: List of String
    :returns: The saved role
    :rtype: Role
    """
    # NOTE(review): no duplicate check and no validation of the permission
    # strings is visible here; any error for an existing role would have to
    # come from Role(...) or save() - confirm. Restricting who may create
    # roles is left to the caller.
    new_role = Role(display_name, permissions)
    new_role.save()
    return new_role
def get_role(role_id):
    """
    Look up a role by id via Role.get.

    :param role_id: Id of role
    :type role_id: int
    :returns: Result of Role.get for this id (what happens for an unknown
              id is defined by Role.get)
    :rtype: Role
    """
    role = Role.get(role_id)
    return role
def get_all_roles():
    """
    Fetch every role via Role.get_all.

    :returns: Result of Role.get_all
    :rtype: List of Roles
    """
    roles = Role.get_all()
    return roles
def create_token(username, password):
    """
    Authenticate an account by username and password and issue an auth token.

    :param username: username of Account
    :param password: plaintext password of Account
    :type username: string
    :type password: string
    :returns: created token
    :rtype: string
    :raises: ValueError("Invalid credentials") if the account does not exist
             or the password does not match;
             ValueError("Email not confirmed") if the password matches but
             the account is not confirmed
    """
    # Unknown user and wrong password share one message, so the error text
    # does not reveal which usernames exist.
    # NOTE(review): this branch returns before any bcrypt comparison, so
    # response time can still differ between existing and unknown usernames.
    if not Account.exists(username=username):
        raise ValueError("Invalid credentials")

    account = Account.get(username=username)
    password_matches = bcrypt.check_password_hash(account.password, password)
    if not password_matches:
        raise ValueError("Invalid credentials")

    # NOTE(review): no attempt throttling or lockout happens in this
    # function; it has to be applied by the caller if required.
    if account.confirmed:
        return account.create_auth_token()

    # Reached only after a correct password, so the confirmation state is
    # disclosed only to someone who knows the credentials.
    raise ValueError("Email not confirmed")
def validate_token(token):
    """
    Validate an auth token via Account.validate_token.

    :param token: auth token to validate
    :type token: string
    :returns: Result of Account.validate_token - presumably the account the
              token belongs to; the outcome for an invalid or expired token
              is defined there
    :rtype: Account
    """
    account = Account.validate_token(token)
    return account