diff options
| -rw-r--r-- | wqflask/wqflask/user_manager.py | 60 |
1 files changed, 57 insertions, 3 deletions
diff --git a/wqflask/wqflask/user_manager.py b/wqflask/wqflask/user_manager.py index 15eaf8cc..d652f2e9 100644 --- a/wqflask/wqflask/user_manager.py +++ b/wqflask/wqflask/user_manager.py @@ -13,6 +13,7 @@ import urlparse import simplejson as json +#from redis import StrictRedis import redis # used for collections Redis = redis.StrictRedis() @@ -41,6 +42,7 @@ from smtplib import SMTP from utility.tools import SMTP_CONNECT, SMTP_USERNAME, SMTP_PASSWORD, LOG_SQL_ALCHEMY THREE_DAYS = 60 * 60 * 24 * 3 +#THREE_DAYS = 45 def timestamp(): return datetime.datetime.utcnow().isoformat() @@ -64,6 +66,16 @@ class AnonUser(object): def set_cookie(response): response.set_cookie(self.cookie_name, self.cookie) + def add_collection(self, new_collection): + collection_dict = dict(name = new_collection.name, + created_timestamp = datetime.datetime.utcnow().strftime('%b %d %Y %I:%M%p'), + changed_timestamp = datetime.datetime.utcnow().strftime('%b %d %Y %I:%M%p'), + num_members = new_collection.num_members, + members = new_collection.get_members()) + + Redis.set(self.key, json.dumps(collection_dict)) + Redis.expire(self.key, 60 * 60 * 24 * 5) + def delete_collection(self, collection_name): existing_collections = self.get_collections() updated_collections = [] @@ -159,11 +171,19 @@ class UserSession(object): self.session_id = session_id self.record = Redis.hgetall(self.redis_key) + if not self.record: # This will occur, for example, when the browser has been left open over a long # weekend and the site hasn't been visited by the user self.logged_in = False + ########### Grrr...this won't work because of the way flask handles cookies + # Delete the cookie + #response = make_response(redirect(url_for('login'))) + #response.set_cookie(self.cookie_name, '', expires=0) + #flash( + # "Due to inactivity your session has expired. If you'd like please login again.") + #return response return if Redis.ttl(self.redis_key) < THREE_DAYS: @@ -198,6 +218,7 @@ class UserSession(object): self.db_object = model.User.query.get(self.user_id) return self.db_object + def delete_session(self): # And more importantly delete the redis record Redis.delete(self.cookie_name) @@ -213,10 +234,12 @@ class UsersManager(object): self.users = model.User.query.all() logger.debug("Users are:", self.users) + class UserManager(object): def __init__(self, kw): self.user_id = kw['user_id'] logger.debug("In UserManager locals are:", pf(locals())) + #self.user = model.User.get(user_id) #logger.debug("user is:", user) self.user = model.User.query.get(self.user_id) logger.debug("user is:", self.user) @@ -230,8 +253,10 @@ class UserManager(object): logger.debug(" Confidential:", dataset.check_confidentiality()) #logger.debug(" ---> self.datasets:", self.datasets) + class RegisterUser(object): def __init__(self, kw): + self.thank_you_mode = False self.errors = [] self.user = Bunch() es = kw.get('es_connection', None) @@ -279,6 +304,7 @@ def set_password(password, user): pwfields.algorithm = "pbkdf2" pwfields.hashfunc = "sha256" + #hashfunc = getattr(hashlib, pwfields.hashfunc) # Encoding it to base64 makes storing it in json much easier pwfields.salt = base64.b64encode(os.urandom(32)) @@ -307,6 +333,7 @@ def set_password(password, user): sort_keys=True, ) + class VerificationEmail(object): template_name = "email/verification.txt" key_prefix = "verification_code" @@ -321,6 +348,7 @@ class VerificationEmail(object): ) Redis.set(key, data) + #two_days = 60 * 60 * 24 * 2 Redis.expire(key, THREE_DAYS) to = user.email_address subject = self.subject @@ -435,6 +463,7 @@ def password_reset_step2(): logger.debug("locals are:", locals()) + user = Bunch() password = request.form['password'] set_password(password, user) @@ -460,6 +489,8 @@ class DecodeUser(object): def __init__(self, code_prefix): verify_url_hmac(request.url) + #params = urlparse.parse_qs(url) + self.verification_code = request.args['code'] self.user = self.actual_get_user(code_prefix, self.verification_code) @@ -631,6 +662,8 @@ class LoginUser(object): else: import_col = "false" + #g.cookie_session.import_traits_to_user() + return self.actual_login(user, import_collections=import_col) else: @@ -658,6 +691,7 @@ class LoginUser(object): login_rec.successful = True login_rec.session_id = str(uuid.uuid4()) login_rec.assumed_by = assumed_by + #session_id = "session_id:{}".format(login_rec.session_id) session_id_signature = actual_hmac_creation(login_rec.session_id) session_id_signed = login_rec.session_id + ":" + session_id_signature logger.debug("session_id_signed:", session_id_signed) @@ -692,12 +726,13 @@ def logout(): response.set_cookie(UserSession.cookie_name, '', expires=0) return response + @app.route("/n/forgot_password", methods=['GET']) def forgot_password(): """Entry point for forgotten password""" - logger.debug("ARGS: ", request.args) + print("ARGS: ", request.args) errors = {"no-email": request.args.get("no-email")} - logger.debug("ERRORS: ", errors) + print("ERRORS: ", errors) return render_template("new_security/forgot_password.html", errors=errors) @app.route("/n/forgot_password_submit", methods=('POST',)) @@ -733,6 +768,8 @@ def super_only(): flash("You must be a superuser to access that page.", "alert-error") abort(401) + + @app.route("/manage/users") def manage_users(): super_only() @@ -773,11 +810,13 @@ def assume_identity(): assumed_by = g.user_session.user_id return LoginUser().actual_login(user, assumed_by=assumed_by) + @app.route("/n/register", methods=('GET', 'POST')) def register(): params = None errors = None + params = request.form if request.form else request.args params = params.to_dict(flat=True) es = get_elasticsearch_connection() @@ -794,6 +833,7 @@ def register(): return render_template("new_security/register_user.html", values=params, errors=errors) + ################################# Sign and unsign ##################################### def url_for_hmac(endpoint, **values): @@ -812,6 +852,7 @@ def data_hmac(stringy): """Takes arbitray data string and appends :hmac so we know data hasn't been tampered with""" return stringy + ":" + actual_hmac_creation(stringy) + def verify_url_hmac(url): """Pass in a url that was created with url_hmac and this assures it hasn't been tampered with""" logger.debug("url passed in to verify is:", url) @@ -846,6 +887,13 @@ app.jinja_env.globals.update(url_for_hmac=url_for_hmac, ####################################################################################### +# def send_email(to, subject, body): +# msg = json.dumps(dict(From="no-reply@genenetwork.org", +# To=to, +# Subject=subject, +# Body=body)) +# Redis.rpush("mail_queue", msg) + def send_email(toaddr, msg, fromaddr="no-reply@genenetwork.org"): """Send an E-mail through SMTP_CONNECT host. If SMTP_USERNAME is not 'UNKNOWN' TLS is used @@ -870,4 +918,10 @@ def send_email(toaddr, msg, fromaddr="no-reply@genenetwork.org"): class GroupsManager(object): def __init__(self, kw): - self.datasets = create_datasets_list()
\ No newline at end of file + self.datasets = create_datasets_list() + + +class RolesManager(object): + def __init__(self): + self.roles = model.Role.query.all() + logger.debug("Roles are:", self.roles) |