diff --git a/ereuse_devicehub/config.py b/ereuse_devicehub/config.py
index 79a9b75b..4dd3f12e 100644
--- a/ereuse_devicehub/config.py
+++ b/ereuse_devicehub/config.py
@@ -94,3 +94,4 @@ class DevicehubConfig(Config):
 MAIL_PORT = config('MAIL_PORT', 587)
 MAIL_USE_TLS = config('MAIL_USE_TLS', True)
 MAIL_DEFAULT_SENDER = config('MAIL_DEFAULT_SENDER', '')
+ API_DLT = config('API_DLT', None)
diff --git a/ereuse_devicehub/forms.py b/ereuse_devicehub/forms.py
index 0f4cefbe..fbb136d8 100644
--- a/ereuse_devicehub/forms.py
+++ b/ereuse_devicehub/forms.py
@@ -1,4 +1,5 @@
-from flask import g
+from flask import current_app as app
+from flask import g, session
 from flask_wtf import FlaskForm
 from werkzeug.security import generate_password_hash
 from wtforms import BooleanField, EmailField, PasswordField, validators
@@ -60,6 +61,12 @@ class LoginForm(FlaskForm):
 if not user.is_active:
 self.form_errors.append(self.error_messages['inactive'])
+ if 'trublo' not in app.blueprints.keys():
+ token_dlt = (
+ user.get_dlt_keys(self.password.data).get('data', {}).get('api_token')
+ )
+ session['token_dlt'] = token_dlt
+
 return user.is_active
@@ -95,6 +102,15 @@ class PasswordForm(FlaskForm):
 return True
 def save(self, commit=True):
+ if 'trublo' not in app.blueprints.keys():
+ keys_dlt = g.user.get_dlt_keys(self.password.data)
+ g.user.reset_dlt_keys(self.newpassword.data, keys_dlt)
+
+ token_dlt = (
+ user.get_dlt_keys(self.password.data).get('data', {}).get('api_token')
+ )
+ session['token_dlt'] = token_dlt
+
 g.user.password = self.newpassword.data
 db.session.add(g.user)
diff --git a/ereuse_devicehub/resources/user/models.py b/ereuse_devicehub/resources/user/models.py
index 5eadb21d..efb569e8 100644
--- a/ereuse_devicehub/resources/user/models.py
+++ b/ereuse_devicehub/resources/user/models.py
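Review bot: In the `LoginForm` hunk of forms.py the new guard `if 'trublo' not in app.blueprints.keys():` looks inverted: the models.py hunk makes `get_dlt_keys` return `{}` under exactly that condition, so `token_dlt` is always `None` here and nothing is loaded when the trublo blueprint is registered. The guard probably wants `if 'trublo' in app.blueprints:`, and the same line in the `PasswordForm.save` hunk has the same problem. Separately, `session['token_dlt'] = token_dlt` puts an API token into the Flask session, which by default is a signed but unencrypted client-side cookie; unless a server-side session store is configured (not visible in this diff), the token is readable by anyone who holds the cookie. The enclosing method starts outside the hunk, so whether the password has already been verified at this point cannot be confirmed from here.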
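Review bot: In the `PasswordForm.save` hunk the second lookup calls `user.get_dlt_keys(self.password.data)`, but every other visible line in `save` uses `g.user`, so `user` appears to be undefined there and would raise `NameError`. It also decrypts with the old password immediately after `reset_dlt_keys` re-encrypted the blob under `self.newpassword.data`, so even with the name fixed the lookup would use the wrong key. The decrypted data is already held in `keys_dlt`, so the token can be read from it directly: `session['token_dlt'] = keys_dlt.get('data', {}).get('api_token')`. The rest of `save` continues outside the hunk.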
@@ -1,5 +1,7 @@
+import json
 from uuid import uuid4
+from citext import CIText
 from flask import current_app as app
 from flask_login import UserMixin
 from sqlalchemy import BigInteger, Boolean, Column, Sequence
@@ -28,6 +30,7 @@ class User(UserMixin, Thing):
 token = Column(UUID(as_uuid=True), default=uuid4, unique=True, nullable=False)
 active = Column(Boolean, default=True, nullable=False)
 phantom = Column(Boolean, default=False, nullable=False)
+ api_keys_dlt = Column(CIText(), nullable=True)
 inventories = db.relationship(
 Inventory,
 backref=db.backref('users', lazy=True, collection_class=set),
@@ -93,6 +96,37 @@ class User(UserMixin, Thing):
 # take advantage of SQL Alchemy PasswordType to verify password
 return self.password == password
+ def set_new_dlt_keys(self, password):
+ if 'trublo' not in app.blueprints.keys():
+ return
+
+ from ereuseapi.methods import register_user
+
+ from modules.trublo.utils import encrypt
+
+ api_dlt = app.config.get('API_DLT')
+ data = register_user(api_dlt)
+ data = json.dumps(data)
+ self.api_keys_dlt = encrypt(password, data)
+
+ def get_dlt_keys(self, password):
+ if 'trublo' not in app.blueprints.keys():
+ return {}
+
+ from modules.trublo.utils import decrypt
+
+ data = decrypt(password, self.api_keys_dlt)
+ return json.loads(data)
+
+ def reset_dlt_keys(self, password, data):
+ if 'trublo' not in app.blueprints.keys():
+ return
+
+ from modules.trublo.utils import encrypt
+
+ data = json.dumps(data)
+ self.api_keys_dlt = encrypt(password, data)
+
 class UserInventory(db.Model):
 """Relationship between users and their inventories."""
diff --git a/ereuse_devicehub/views.py b/ereuse_devicehub/views.py
index 89ccc6e4..1316efae 100644
--- a/ereuse_devicehub/views.py
+++ b/ereuse_devicehub/views.py
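Review bot: The new column `api_keys_dlt = Column(CIText(), nullable=True)` in `User` stores the password-encrypted key blob in a case-insensitive text type, which is intended for values that are compared without regard to case; an opaque ciphertext fits a plain `Text` (or binary) column better, assuming `encrypt` returns text. The column also has no comment saying what it holds, so something like `# DLT API credentials as JSON, encrypted with the user's password; NULL when the user has no DLT keys` would help the next reader treat it as secret material. The class body continues outside the hunk.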
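Review bot: `get_dlt_keys` in the third models.py hunk passes `self.api_keys_dlt` straight to `decrypt`, but the column is nullable, so any account that never went through `set_new_dlt_keys` reaches `decrypt(password, None)` once the trublo blueprint is registered. An early `if not self.api_keys_dlt: return {}` after the blueprint check would cover that case. What `decrypt` does with a wrong password is not visible here (it lives in `modules.trublo.utils`); if it can return garbage instead of raising, `json.loads(data)` will raise and the form callers shown in forms.py do not catch it. `set_new_dlt_keys` likewise hands `app.config.get('API_DLT')` to `register_user` without checking for the `None` default added in config.py. The three methods have no docstrings; each should state that the blob is JSON encrypted under the user's password and that the method is a no-op without the trublo blueprint.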
@@ -1,7 +1,7 @@
 import flask
 from flask import Blueprint
 from flask import current_app as app
-from flask import g
+from flask import g, session
 from flask.views import View
 from flask_login import current_user, login_required, login_user, logout_user
 from sqlalchemy import or_