updated handler exceptions
This commit is contained in:
@@ -14,20 +14,6 @@ from api_events.events.address.address import (
|
||||
AddressPostCodeUpdateEventMethod,
|
||||
AddressPostCodeListEventMethod,
|
||||
)
|
||||
from api_events.events.application.authentication import (
|
||||
AuthenticationLoginEventMethod,
|
||||
AuthenticationSelectEventMethod,
|
||||
AuthenticationCheckTokenEventMethod,
|
||||
AuthenticationRefreshEventMethod,
|
||||
AuthenticationChangePasswordEventMethod,
|
||||
AuthenticationCreatePasswordEventMethod,
|
||||
AuthenticationResetPasswordEventMethod,
|
||||
AuthenticationDisconnectUserEventMethod,
|
||||
AuthenticationLogoutEventMethod,
|
||||
AuthenticationRefreshTokenEventMethod,
|
||||
AuthenticationForgotPasswordEventMethod,
|
||||
AuthenticationDownloadAvatarEventMethod,
|
||||
)
|
||||
from api_events.events.account.account_records import (
|
||||
AccountRecordsListEventMethod,
|
||||
AccountRecordsCreateEventMethod,
|
||||
@@ -184,18 +170,6 @@ __all__ = [
|
||||
"PeopleUpdateEventMethod",
|
||||
"PeoplePatchEventMethod",
|
||||
"PeopleCreateEventMethod",
|
||||
"AuthenticationLoginEventMethod",
|
||||
"AuthenticationSelectEventMethod",
|
||||
"AuthenticationCheckTokenEventMethod",
|
||||
"AuthenticationRefreshEventMethod",
|
||||
"AuthenticationChangePasswordEventMethod",
|
||||
"AuthenticationCreatePasswordEventMethod",
|
||||
"AuthenticationResetPasswordEventMethod",
|
||||
"AuthenticationDisconnectUserEventMethod",
|
||||
"AuthenticationLogoutEventMethod",
|
||||
"AuthenticationRefreshTokenEventMethod",
|
||||
"AuthenticationForgotPasswordEventMethod",
|
||||
"AuthenticationDownloadAvatarEventMethod",
|
||||
"AccountRecordsListEventMethod",
|
||||
"AccountRecordsCreateEventMethod",
|
||||
"AccountRecordsUpdateEventMethod",
|
||||
|
||||
@@ -64,7 +64,7 @@ class AccountRecordsListEventMethods(MethodToEvent):
|
||||
token_dict: typing.Union[EmployeeTokenObject, OccupantTokenObject],
|
||||
):
|
||||
if not isinstance(token_dict, OccupantTokenObject):
|
||||
raise AccountRecords().raise_http_exception(
|
||||
raise AccountRecords.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="UNAUTHORIZED",
|
||||
message="Only Occupant can see this data",
|
||||
@@ -76,7 +76,7 @@ class AccountRecordsListEventMethods(MethodToEvent):
|
||||
id=token_dict.selected_occupant.living_space_id
|
||||
).data
|
||||
if not living_space:
|
||||
raise AccountRecords().raise_http_exception(
|
||||
raise AccountRecords.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="UNAUTHORIZED",
|
||||
message="Living space not found",
|
||||
@@ -214,7 +214,7 @@ class AccountRecordsCreateEventMethods(MethodToEvent):
|
||||
BuildIbans.build_id == token_dict.selected_occupant.build_id,
|
||||
).data
|
||||
if not build_iban:
|
||||
BuildIbans.raise_http_exception(
|
||||
raise BuildIbans.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"{data.iban} is not found in company related to your organization",
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
from api_events.events.abstract_class import MethodToEvent, ActionsSchema
|
||||
from api_objects.auth.token_objects import EmployeeTokenObject, OccupantTokenObject
|
||||
|
||||
|
||||
class DecisionBookEvents(MethodToEvent): ...
|
||||
@@ -1,5 +0,0 @@
|
||||
from api_events.events.abstract_class import MethodToEvent, ActionsSchema
|
||||
from api_objects.auth.token_objects import EmployeeTokenObject, OccupantTokenObject
|
||||
|
||||
|
||||
class ApplicationEvents(MethodToEvent): ...
|
||||
@@ -1,750 +0,0 @@
|
||||
import json
|
||||
from typing import Union
|
||||
from fastapi import status
|
||||
from fastapi.requests import Request
|
||||
from fastapi.exceptions import HTTPException
|
||||
|
||||
from api_objects import OccupantTokenObject, EmployeeTokenObject
|
||||
from api_objects.auth.token_objects import CompanyToken, OccupantToken
|
||||
from api_services.templates.password_templates import (
|
||||
password_is_changed_template,
|
||||
change_your_password_template,
|
||||
)
|
||||
from api_services.token_service import TokenService
|
||||
from api_services.redis.functions import RedisActions
|
||||
from api_library.response_handlers import ResponseHandler
|
||||
from api_library.date_time_actions.date_functions import system_arrow
|
||||
|
||||
# from api_library.user_logger import UserLogger
|
||||
|
||||
from api_validations.validations_request import (
|
||||
Login,
|
||||
Logout,
|
||||
ChangePassword,
|
||||
EmployeeSelection,
|
||||
OccupantSelection,
|
||||
CreatePassword,
|
||||
Forgot,
|
||||
# ResetPassword,
|
||||
# RefreshToken,
|
||||
)
|
||||
from api_validations.validations_response import (
|
||||
AuthenticationLoginResponse,
|
||||
AuthenticationRefreshResponse,
|
||||
AuthenticationUserInfoResponse,
|
||||
)
|
||||
from ApiServices.api_handlers.auth_actions.auth import AuthActions
|
||||
from api_configs import Auth, ApiStatic
|
||||
from api_events.events.abstract_class import MethodToEvent, ActionsSchema
|
||||
|
||||
from databases import (
|
||||
Companies,
|
||||
Staff,
|
||||
Duties,
|
||||
Departments,
|
||||
Employees,
|
||||
BuildLivingSpace,
|
||||
BuildParts,
|
||||
Build,
|
||||
Duty,
|
||||
Event2Occupant,
|
||||
Event2Employee,
|
||||
Users,
|
||||
UsersTokens,
|
||||
OccupantTypes,
|
||||
RelationshipEmployee2Build,
|
||||
)
|
||||
|
||||
from api_services import (
|
||||
send_email,
|
||||
)
|
||||
|
||||
|
||||
class AuthenticationLoginEventMethods(MethodToEvent):
|
||||
event_type = "LOGIN"
|
||||
event_description = "Login via domain and access key : [email] | [phone]"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"e672846d-cc45-4d97-85d5-6f96747fac67": "authentication_login_with_domain_and_creds",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"e672846d-cc45-4d97-85d5-6f96747fac67": AuthenticationLoginResponse,
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_login_with_domain_and_creds(cls, data: Login, request: Request):
|
||||
try:
|
||||
access_dict = Users.login_user_with_credentials(data=data, request=request)
|
||||
found_user = access_dict.get("user")
|
||||
if not found_user:
|
||||
# UserLogger.log_login_attempt(
|
||||
# request,
|
||||
# None,
|
||||
# data.domain,
|
||||
# data.access_key,
|
||||
# success=False,
|
||||
# error="Invalid credentials",
|
||||
# )
|
||||
return ResponseHandler.unauthorized("Invalid credentials")
|
||||
|
||||
# UserLogger.log_login_attempt(
|
||||
# request, found_user.id, data.domain, data.access_key, success=True
|
||||
# )
|
||||
response_data = {
|
||||
"access_token": access_dict.get("access_token"),
|
||||
"refresh_token": access_dict.get("refresher_token"),
|
||||
"access_object": access_dict.get("access_object"),
|
||||
"user": found_user.get_dict(),
|
||||
}
|
||||
return ResponseHandler.success(
|
||||
message="User logged in successfully",
|
||||
data=response_data,
|
||||
)
|
||||
except Exception as e:
|
||||
# UserLogger.log_login_attempt(
|
||||
# request, None, data.domain, data.access_key, success=False, error=str(e)
|
||||
# )
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(e))
|
||||
|
||||
|
||||
class AuthenticationSelectEventMethods(MethodToEvent):
|
||||
event_type = "LOGIN"
|
||||
event_description = "Select Employee Duty or Occupant Type"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"cee96b9b-8487-4e9f-aaed-2e8c79687bf9": "authentication_select_company_or_occupant_type",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"cee96b9b-8487-4e9f-aaed-2e8c79687bf9": "authentication_select_company_or_occupant_type",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def _handle_employee_selection(
|
||||
cls, data: EmployeeSelection, token_dict: EmployeeTokenObject, request: Request
|
||||
):
|
||||
"""Handle employee company selection"""
|
||||
if data.company_uu_id not in token_dict.companies_uu_id_list:
|
||||
return ResponseHandler.unauthorized(
|
||||
"Company not found in user's company list"
|
||||
)
|
||||
|
||||
selected_company = Companies.filter_one(
|
||||
Companies.uu_id == data.company_uu_id
|
||||
).data
|
||||
if not selected_company:
|
||||
return ResponseHandler.not_found("Company not found")
|
||||
|
||||
# Get department IDs for the company
|
||||
department_ids = [
|
||||
dept.id
|
||||
for dept in Departments.filter_all(
|
||||
Departments.company_id == selected_company.id
|
||||
).data
|
||||
]
|
||||
|
||||
# Get duties IDs for the company
|
||||
duties_ids = [
|
||||
duty.id
|
||||
for duty in Duties.filter_all(Duties.company_id == selected_company.id).data
|
||||
]
|
||||
|
||||
# Get staff IDs
|
||||
staff_ids = [
|
||||
staff.id for staff in Staff.filter_all(Staff.duties_id.in_(duties_ids)).data
|
||||
]
|
||||
|
||||
# Get employee
|
||||
employee = Employees.filter_one(
|
||||
Employees.people_id == token_dict.person_id,
|
||||
Employees.staff_id.in_(staff_ids),
|
||||
).data
|
||||
|
||||
if not employee:
|
||||
return ResponseHandler.not_found("Employee not found")
|
||||
|
||||
# Get reachable events
|
||||
reachable_event_list_id = Event2Employee.get_event_id_by_employee_id(
|
||||
employee_id=employee.id
|
||||
)
|
||||
|
||||
# Get staff and duties
|
||||
staff = Staff.filter_one(Staff.id == employee.staff_id).data
|
||||
duties = Duties.filter_one(Duties.id == staff.duties_id).data
|
||||
department = Departments.filter_one(Departments.id == duties.department_id).data
|
||||
|
||||
# Get bulk duty
|
||||
bulk_id = Duty.filter_by_one(system=True, duty_code="BULK").data
|
||||
bulk_duty_id = Duties.filter_by_one(
|
||||
company_id=selected_company.id,
|
||||
duties_id=bulk_id.id,
|
||||
**Duties.valid_record_dict,
|
||||
).data
|
||||
|
||||
# Create company token
|
||||
company_token = CompanyToken(
|
||||
company_uu_id=selected_company.uu_id.__str__(),
|
||||
company_id=selected_company.id,
|
||||
department_id=department.id,
|
||||
department_uu_id=department.uu_id.__str__(),
|
||||
duty_id=duties.id,
|
||||
duty_uu_id=duties.uu_id.__str__(),
|
||||
bulk_duties_id=bulk_duty_id.id,
|
||||
staff_id=staff.id,
|
||||
staff_uu_id=staff.uu_id.__str__(),
|
||||
employee_id=employee.id,
|
||||
employee_uu_id=employee.uu_id.__str__(),
|
||||
reachable_event_list_id=reachable_event_list_id,
|
||||
)
|
||||
|
||||
# Update Redis
|
||||
AuthActions.update_selected_to_redis(request=request, add_payload=company_token)
|
||||
return ResponseHandler.success("Company selected successfully")
|
||||
|
||||
@classmethod
|
||||
def _handle_occupant_selection(
|
||||
cls, data: OccupantSelection, token_dict: OccupantTokenObject, request: Request
|
||||
):
|
||||
"""Handle occupant type selection"""
|
||||
# Get occupant type
|
||||
occupant_type = OccupantTypes.filter_by_one(
|
||||
system=True, uu_id=data.occupant_uu_id
|
||||
).data
|
||||
if not occupant_type:
|
||||
return ResponseHandler.not_found("Occupant Type not found")
|
||||
|
||||
# Get build part
|
||||
build_part = BuildParts.filter_by_one(
|
||||
system=True, uu_id=data.build_part_uu_id
|
||||
).data
|
||||
if not build_part:
|
||||
return ResponseHandler.not_found("Build Part not found")
|
||||
|
||||
# Get build and company info
|
||||
build = Build.filter_one(Build.id == build_part.build_id).data
|
||||
related_company = RelationshipEmployee2Build.filter_one(
|
||||
RelationshipEmployee2Build.member_id == build.id
|
||||
).data
|
||||
company_related = Companies.filter_one(
|
||||
Companies.id == related_company.company_id
|
||||
).data
|
||||
responsible_employee = Employees.filter_one(
|
||||
Employees.id == related_company.employee_id
|
||||
).data
|
||||
|
||||
# Get selected occupant type
|
||||
selected_occupant_type = BuildLivingSpace.filter_one(
|
||||
BuildLivingSpace.occupant_type == occupant_type.id,
|
||||
BuildLivingSpace.person_id == token_dict.person_id,
|
||||
BuildLivingSpace.build_parts_id == build_part.id,
|
||||
).data
|
||||
if not selected_occupant_type:
|
||||
return ResponseHandler.not_found("Selected occupant type not found")
|
||||
|
||||
# Get reachable events
|
||||
reachable_event_list_id = Event2Occupant.get_event_id_by_build_living_space_id(
|
||||
build_living_space_id=selected_occupant_type.id
|
||||
)
|
||||
|
||||
# Create occupant token
|
||||
occupant_token = OccupantToken(
|
||||
living_space_id=selected_occupant_type.id,
|
||||
living_space_uu_id=selected_occupant_type.uu_id.__str__(),
|
||||
occupant_type_id=occupant_type.id,
|
||||
occupant_type_uu_id=occupant_type.uu_id.__str__(),
|
||||
occupant_type=occupant_type.occupant_type,
|
||||
build_id=build.id,
|
||||
build_uuid=build.uu_id.__str__(),
|
||||
build_part_id=build_part.id,
|
||||
build_part_uuid=build_part.uu_id.__str__(),
|
||||
responsible_employee_id=responsible_employee.id,
|
||||
responsible_employee_uuid=responsible_employee.uu_id.__str__(),
|
||||
responsible_company_id=company_related.id,
|
||||
responsible_company_uuid=company_related.uu_id.__str__(),
|
||||
reachable_event_list_id=reachable_event_list_id,
|
||||
)
|
||||
|
||||
# Update Redis
|
||||
AuthActions.update_selected_to_redis(
|
||||
request=request, add_payload=occupant_token
|
||||
)
|
||||
return ResponseHandler.success("Occupant selected successfully")
|
||||
|
||||
@classmethod
|
||||
def authentication_select_company_or_occupant_type(
|
||||
cls,
|
||||
request: Request,
|
||||
data: Union[EmployeeSelection, OccupantSelection],
|
||||
token_dict: Union[EmployeeTokenObject, OccupantTokenObject],
|
||||
):
|
||||
"""Handle selection of company or occupant type"""
|
||||
try:
|
||||
if isinstance(token_dict, EmployeeTokenObject):
|
||||
return cls._handle_employee_selection(data, token_dict, request)
|
||||
elif isinstance(token_dict, OccupantTokenObject):
|
||||
return cls._handle_occupant_selection(data, token_dict, request)
|
||||
return ResponseHandler.error(
|
||||
"Invalid token type", status_code=status.HTTP_400_BAD_REQUEST
|
||||
)
|
||||
except Exception as e:
|
||||
return ResponseHandler.error(
|
||||
str(e), status_code=status.HTTP_500_INTERNAL_SERVER_ERROR
|
||||
)
|
||||
|
||||
|
||||
class AuthenticationCheckTokenEventMethods(MethodToEvent):
|
||||
event_type = "LOGIN"
|
||||
event_description = "Check Token is valid for user"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"73d77e45-a33f-4f12-909e-3b56f00d8a12": "authentication_check_token_is_valid",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"73d77e45-a33f-4f12-909e-3b56f00d8a12": "authentication_check_token_is_valid",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_check_token_is_valid(cls, request: Request):
|
||||
try:
|
||||
if RedisActions.get_object_via_access_key(request=request):
|
||||
return ResponseHandler.success("Access Token is valid")
|
||||
except HTTPException:
|
||||
return ResponseHandler.unauthorized("Access Token is NOT valid")
|
||||
|
||||
|
||||
class AuthenticationRefreshEventMethods(MethodToEvent):
|
||||
event_type = "LOGIN"
|
||||
event_description = "Refresh user info using access token"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"48379bb2-ba81-4d8e-a9dd-58837cfcbf67": "authentication_refresh_user_info",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"48379bb2-ba81-4d8e-a9dd-58837cfcbf67": AuthenticationRefreshResponse,
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_refresh_user_info(
|
||||
cls,
|
||||
request: Request,
|
||||
token_dict: Union[EmployeeTokenObject, OccupantTokenObject],
|
||||
):
|
||||
try:
|
||||
access_token = request.headers.get(Auth.ACCESS_TOKEN_TAG)
|
||||
if not access_token:
|
||||
return ResponseHandler.unauthorized()
|
||||
|
||||
# Get user and token info
|
||||
found_user = Users.filter_one(Users.uu_id == token_dict.user_uu_id).data
|
||||
if not found_user:
|
||||
return ResponseHandler.not_found("User not found")
|
||||
user_token = UsersTokens.filter_one(
|
||||
UsersTokens.domain == found_user.domain_name,
|
||||
UsersTokens.user_id == found_user.id,
|
||||
UsersTokens.token_type == "RememberMe",
|
||||
).data
|
||||
response_data = {
|
||||
"access_token": access_token,
|
||||
"refresh_token": getattr(user_token, "token", None),
|
||||
"user": found_user.get_dict(),
|
||||
}
|
||||
return ResponseHandler.success(
|
||||
"User info refreshed successfully",
|
||||
data=response_data,
|
||||
)
|
||||
except Exception as e:
|
||||
return ResponseHandler.error(str(e))
|
||||
|
||||
|
||||
class AuthenticationChangePasswordEventMethods(MethodToEvent):
|
||||
event_type = "LOGIN"
|
||||
event_description = "Change password with access token"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"f09f7c1a-bee6-4e32-8444-962ec8f39091": "authentication_change_password",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"f09f7c1a-bee6-4e32-8444-962ec8f39091": "authentication_change_password",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_change_password(
|
||||
cls,
|
||||
request: Request,
|
||||
data: ChangePassword,
|
||||
token_dict: Union[EmployeeTokenObject, OccupantTokenObject],
|
||||
):
|
||||
try:
|
||||
if not isinstance(token_dict, EmployeeTokenObject):
|
||||
return ResponseHandler.unauthorized(
|
||||
"Only employees can change password"
|
||||
)
|
||||
|
||||
found_user = Users.filter_one(Users.uu_id == token_dict.user_uu_id).data
|
||||
if not found_user:
|
||||
return ResponseHandler.not_found("User not found")
|
||||
|
||||
if not found_user.check_password(data.old_password):
|
||||
# UserLogger.log_password_change(
|
||||
# request,
|
||||
# found_user.id,
|
||||
# "change",
|
||||
# success=False,
|
||||
# error="Invalid old password",
|
||||
# )
|
||||
return ResponseHandler.unauthorized("Old password is incorrect")
|
||||
|
||||
found_user.set_password(data.new_password)
|
||||
# UserLogger.log_password_change(
|
||||
# request, found_user.id, "change", success=True
|
||||
# )
|
||||
|
||||
return ResponseHandler.success("Password changed successfully")
|
||||
except Exception as e:
|
||||
# UserLogger.log_password_change(
|
||||
# request,
|
||||
# found_user.id if found_user else None,
|
||||
# "change",
|
||||
# success=False,
|
||||
# error=str(e),
|
||||
# )
|
||||
return ResponseHandler.error(str(e))
|
||||
|
||||
|
||||
class AuthenticationCreatePasswordEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "LOGIN"
|
||||
event_description = "Create password with password reset token requested via email"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"c519f9af-92e1-47b2-abf7-5a3316d075f7": "authentication_create_password",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"c519f9af-92e1-47b2-abf7-5a3316d075f7": "authentication_create_password",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_create_password(cls, data: CreatePassword):
|
||||
|
||||
if not data.re_password == data.password:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_406_NOT_ACCEPTABLE, detail="Password must match"
|
||||
)
|
||||
if found_user := Users.filter_one(
|
||||
Users.password_token == data.password_token
|
||||
).data:
|
||||
found_user.create_password(found_user=found_user, password=data.password)
|
||||
found_user.password_token = ""
|
||||
found_user.save()
|
||||
send_email_completed = send_email(
|
||||
subject=f"Dear {found_user.user_tag}, your password has been changed.",
|
||||
receivers=[str(found_user.email)],
|
||||
html=password_is_changed_template(user_name=found_user.user_tag),
|
||||
)
|
||||
if not send_email_completed:
|
||||
raise HTTPException(
|
||||
status_code=400, detail="Email can not be sent. Try again later"
|
||||
)
|
||||
return ResponseHandler.success(
|
||||
"Password is created successfully",
|
||||
data=found_user.get_dict(),
|
||||
)
|
||||
return ResponseHandler.not_found("Record not found")
|
||||
|
||||
|
||||
class AuthenticationDisconnectUserEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "LOGIN"
|
||||
event_description = "Disconnect all sessions of user in access token"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"8b586848-2fb3-4161-abbe-642157eec7ce": "authentication_disconnect_user",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"8b586848-2fb3-4161-abbe-642157eec7ce": "authentication_disconnect_user",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_disconnect_user(
|
||||
cls, data: Logout, token_dict: Union[EmployeeTokenObject, OccupantTokenObject]
|
||||
):
|
||||
found_user = Users.filter_one(Users.uu_id == token_dict.user_uu_id).data
|
||||
if not found_user:
|
||||
return ResponseHandler.not_found("User not found")
|
||||
if already_tokens := RedisActions.get_object_via_user_uu_id(
|
||||
user_id=str(found_user.uu_id)
|
||||
):
|
||||
for key, token_user in already_tokens.items():
|
||||
RedisActions.delete(key)
|
||||
selected_user = Users.filter_one(
|
||||
Users.uu_id == token_user.get("uu_id"),
|
||||
).data
|
||||
selected_user.remove_refresher_token(
|
||||
domain=data.domain, disconnect=True
|
||||
)
|
||||
return ResponseHandler.success(
|
||||
"All sessions are disconnected",
|
||||
data=selected_user.get_dict(),
|
||||
)
|
||||
return ResponseHandler.not_found("Invalid data")
|
||||
|
||||
|
||||
class AuthenticationLogoutEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "LOGIN"
|
||||
event_description = "Logout only single session of user which domain is provided"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"5cc22e4e-a0f7-4077-be41-1871feb3dfd1": "authentication_logout_user",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"5cc22e4e-a0f7-4077-be41-1871feb3dfd1": "authentication_logout_user",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_logout_user(
|
||||
cls, request: Request, data: Logout, token_dict: dict = None
|
||||
):
|
||||
token_user = None
|
||||
if already_tokens := RedisActions.get_object_via_access_key(request=request):
|
||||
for key in already_tokens:
|
||||
token_user = RedisActions.get_json(key)
|
||||
if token_user.get("domain") == data.domain:
|
||||
RedisActions.delete(key)
|
||||
selected_user = Users.filter_one(
|
||||
Users.uu_id == token_user.get("uu_id"),
|
||||
).data
|
||||
selected_user.remove_refresher_token(domain=data.domain)
|
||||
|
||||
return ResponseHandler.success(
|
||||
"Session is logged out",
|
||||
data=token_user,
|
||||
)
|
||||
return ResponseHandler.not_found("Logout is not successfully completed")
|
||||
|
||||
|
||||
class AuthenticationRefreshTokenEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "LOGIN"
|
||||
event_description = "Refresh access token with refresher token"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"c90f3334-10c9-4181-b5ff-90d98a0287b2": "authentication_refresher_token",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"c90f3334-10c9-4181-b5ff-90d98a0287b2": AuthenticationRefreshResponse,
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_refresher_token(
|
||||
# cls, request: Request, data: RefreshToken, token_dict: dict = None
|
||||
cls,
|
||||
request: Request,
|
||||
data,
|
||||
token_dict: dict = None,
|
||||
):
|
||||
token_refresher = UsersTokens.filter_by_one(
|
||||
token=data.refresh_token,
|
||||
domain=data.domain,
|
||||
**UsersTokens.valid_record_dict,
|
||||
).data
|
||||
if not token_refresher:
|
||||
return ResponseHandler.not_found("Invalid data")
|
||||
if found_user := Users.filter_one(
|
||||
Users.id == token_refresher.user_id,
|
||||
).data:
|
||||
found_user: Users = found_user
|
||||
access_key = AuthActions.save_access_token_to_redis(
|
||||
request=request, found_user=found_user, domain=data.domain
|
||||
)
|
||||
found_user.last_agent = request.headers.get("User-Agent", None)
|
||||
found_user.last_platform = request.headers.get("Origin", None)
|
||||
found_user.last_remote_addr = getattr(
|
||||
request, "remote_addr", None
|
||||
) or request.headers.get("X-Forwarded-For", None)
|
||||
found_user.last_seen = str(system_arrow.now())
|
||||
response_data = {
|
||||
"access_token": access_key,
|
||||
"refresh_token": data.refresh_token,
|
||||
}
|
||||
return ResponseHandler.success(
|
||||
"User is logged in successfully via refresher token",
|
||||
data=response_data,
|
||||
)
|
||||
return ResponseHandler.not_found("Invalid data")
|
||||
|
||||
|
||||
class AuthenticationForgotPasswordEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "LOGIN"
|
||||
event_description = "Send an email to user for a valid password reset token"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"e3ca6e24-b9f8-4127-949c-3bfa364e3513": "authentication_forgot_password",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"e3ca6e24-b9f8-4127-949c-3bfa364e3513": "authentication_forgot_password",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_forgot_password(
|
||||
cls,
|
||||
request: Request,
|
||||
data: Forgot,
|
||||
):
|
||||
found_user: Users = Users.check_user_exits(
|
||||
access_key=data.access_key, domain=data.domain
|
||||
)
|
||||
forgot_key = AuthActions.save_access_token_to_redis(
|
||||
request=request, found_user=found_user, domain=data.domain
|
||||
)
|
||||
forgot_link = ApiStatic.forgot_link(forgot_key=forgot_key)
|
||||
send_email_completed = send_email(
|
||||
subject=f"Dear {found_user.user_tag}, your forgot password link has been sent.",
|
||||
receivers=[str(found_user.email)],
|
||||
html=change_your_password_template(
|
||||
user_name=found_user.user_tag, forgot_link=forgot_link
|
||||
),
|
||||
)
|
||||
if not send_email_completed:
|
||||
raise HTTPException(
|
||||
status_code=400, detail="Email can not be sent. Try again later"
|
||||
)
|
||||
found_user.password_token = forgot_key
|
||||
found_user.password_token_is_valid = str(system_arrow.shift(days=1))
|
||||
found_user.save()
|
||||
|
||||
return ResponseHandler.success(
|
||||
"Password is change link is sent to your email or phone",
|
||||
data={},
|
||||
)
|
||||
|
||||
|
||||
class AuthenticationResetPasswordEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "UPDATE"
|
||||
__event_keys__ = {
|
||||
"af9e121e-24bb-44ac-a616-471d5754360e": "authentication_reset_password",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_reset_password(cls, data: Forgot):
|
||||
from sqlalchemy import or_
|
||||
|
||||
found_user = Users.query.filter(
|
||||
or_(
|
||||
Users.email == str(data.access_key).lower(),
|
||||
Users.phone_number == str(data.access_key).replace(" ", ""),
|
||||
),
|
||||
).first()
|
||||
if not found_user:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Given access key or domain is not matching with the any user record.",
|
||||
)
|
||||
|
||||
reset_password_token = found_user.reset_password_token(found_user=found_user)
|
||||
send_email_completed = send_email(
|
||||
subject=f"Dear {found_user.user_tag}, a password reset request has been received.",
|
||||
receivers=[str(found_user.email)],
|
||||
html=change_your_password_template(
|
||||
user_name=found_user.user_tag,
|
||||
forgot_link=ApiStatic.forgot_link(forgot_key=reset_password_token),
|
||||
),
|
||||
)
|
||||
if not send_email_completed:
|
||||
raise found_user.raise_http_exception(
|
||||
status_code=400, message="Email can not be sent. Try again later"
|
||||
)
|
||||
return ResponseHandler.success(
|
||||
"Password change link is sent to your email or phone",
|
||||
data=found_user.get_dict(),
|
||||
)
|
||||
|
||||
|
||||
class AuthenticationDownloadAvatarEventMethods(MethodToEvent):
|
||||
|
||||
event_type = "LOGIN"
|
||||
event_description = "Download avatar icon and profile info of user"
|
||||
event_category = "AUTHENTICATION"
|
||||
|
||||
__event_keys__ = {
|
||||
"c140cd5f-307f-4046-a93e-3ade032a57a7": "authentication_download_avatar",
|
||||
}
|
||||
__event_validation__ = {
|
||||
"c140cd5f-307f-4046-a93e-3ade032a57a7": AuthenticationUserInfoResponse,
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def authentication_download_avatar(
|
||||
cls, token_dict: Union[EmployeeTokenObject, OccupantTokenObject]
|
||||
):
|
||||
if found_user := Users.filter_one(Users.id == token_dict.user_id).data:
|
||||
expired_starts = str(
|
||||
system_arrow.now() - system_arrow.get(str(found_user.expiry_ends))
|
||||
)
|
||||
expired_int = (
|
||||
system_arrow.now() - system_arrow.get(str(found_user.expiry_ends))
|
||||
).days
|
||||
|
||||
user_info = {
|
||||
"lang": token_dict.lang,
|
||||
"full_name": found_user.person.full_name,
|
||||
"avatar": found_user.avatar,
|
||||
"remember_me": found_user.remember_me,
|
||||
"expiry_ends": str(found_user.expiry_ends),
|
||||
"expired_str": expired_starts,
|
||||
"expired_int": int(expired_int),
|
||||
}
|
||||
return ResponseHandler.success(
|
||||
"Avatar and profile is shared via user credentials",
|
||||
data=user_info,
|
||||
)
|
||||
return ResponseHandler.not_found("Invalid data")
|
||||
|
||||
|
||||
AuthenticationLoginEventMethod = AuthenticationLoginEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/login")
|
||||
)
|
||||
AuthenticationSelectEventMethod = AuthenticationSelectEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/select")
|
||||
)
|
||||
AuthenticationCheckTokenEventMethod = AuthenticationCheckTokenEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/valid")
|
||||
)
|
||||
AuthenticationRefreshEventMethod = AuthenticationRefreshEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/refresh")
|
||||
)
|
||||
AuthenticationChangePasswordEventMethod = AuthenticationChangePasswordEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/change_password")
|
||||
)
|
||||
AuthenticationCreatePasswordEventMethod = AuthenticationCreatePasswordEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/create_password")
|
||||
)
|
||||
AuthenticationDisconnectUserEventMethod = AuthenticationDisconnectUserEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/disconnect")
|
||||
)
|
||||
AuthenticationLogoutEventMethod = AuthenticationLogoutEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/logout")
|
||||
)
|
||||
AuthenticationRefreshTokenEventMethod = AuthenticationRefreshTokenEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/refresher")
|
||||
)
|
||||
AuthenticationForgotPasswordEventMethod = AuthenticationForgotPasswordEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/forgot")
|
||||
)
|
||||
AuthenticationDownloadAvatarEventMethod = AuthenticationDownloadAvatarEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/avatar")
|
||||
)
|
||||
AuthenticationResetPasswordEventMethod = AuthenticationResetPasswordEventMethods(
|
||||
action=ActionsSchema(endpoint="/authentication/reset_password")
|
||||
)
|
||||
@@ -1,5 +0,0 @@
|
||||
from api_events.events.abstract_class import MethodToEvent, ActionsSchema
|
||||
from api_objects.auth.token_objects import EmployeeTokenObject, OccupantTokenObject
|
||||
|
||||
|
||||
class RulesEvents(MethodToEvent): ...
|
||||
@@ -80,7 +80,7 @@ class BuildAreaCreateEventMethods(MethodToEvent):
|
||||
selected_build = None
|
||||
if isinstance(token_dict, OccupantTokenObject):
|
||||
if not token_dict.selected_occupant.build_uuid == data.build_uu_id:
|
||||
BuildArea.raise_http_exception(
|
||||
raise BuildArea.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Occupant can not create build area for {data.build_uu_id}",
|
||||
@@ -96,7 +96,7 @@ class BuildAreaCreateEventMethods(MethodToEvent):
|
||||
employee_id=token_dict.selected_company.employee_id
|
||||
).all()
|
||||
if not str(data.build_uu_id) in [str(build.uu_id) for build in build_ids]:
|
||||
BuildArea.raise_http_exception(
|
||||
raise BuildArea.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Employee can not create build area for {data.build_uu_id}",
|
||||
|
||||
@@ -47,7 +47,7 @@ class BuildSitesListEventMethods(MethodToEvent):
|
||||
)
|
||||
employees_build_list = [build.address_id for build in employees_build.all()]
|
||||
if not employees_build_list:
|
||||
BuildSites.raise_http_exception(
|
||||
raise BuildSites.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="NOT_FOUND",
|
||||
message="Employee has no build sites registered",
|
||||
@@ -86,7 +86,7 @@ class BuildSitesCreateEventMethods(MethodToEvent):
|
||||
):
|
||||
if isinstance(token_dict, OccupantTokenObject):
|
||||
if not token_dict.selected_occupant.build_uuid == data.build_uu_id:
|
||||
BuildSites.raise_http_exception(
|
||||
raise BuildSites.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Occupant can not create build sites for {data.build_uu_id}",
|
||||
@@ -99,7 +99,7 @@ class BuildSitesCreateEventMethods(MethodToEvent):
|
||||
employee_id=token_dict.selected_company.employee_id
|
||||
).all()
|
||||
if not str(data.build_uu_id) in [str(build.uu_id) for build in build_ids]:
|
||||
BuildSites.raise_http_exception(
|
||||
raise BuildSites.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Employee can not create build sites for {data.build_uu_id}",
|
||||
|
||||
@@ -47,7 +47,7 @@ class BuildingLivingSpacesListEventMethods(MethodToEvent):
|
||||
Build.id == token_dict.selected_occupant.build_id,
|
||||
).data
|
||||
if not occupants_build_id:
|
||||
Build.raise_http_exception(
|
||||
raise Build.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Occupant has no build registered in the system. Contact with your company.",
|
||||
@@ -57,7 +57,7 @@ class BuildingLivingSpacesListEventMethods(MethodToEvent):
|
||||
BuildParts.build_id.in_(occupants_build_id.id),
|
||||
).data
|
||||
if not occupants_build_parts:
|
||||
Build.raise_http_exception(
|
||||
raise Build.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Occupant has no build parts registered in the system. Contact with your company.",
|
||||
@@ -80,7 +80,7 @@ class BuildingLivingSpacesListEventMethods(MethodToEvent):
|
||||
employee_id=token_dict.selected_company.employee_id
|
||||
)
|
||||
if not build_id_list_query:
|
||||
Build.raise_http_exception(
|
||||
raise Build.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Employee has no build registered in the system. Contact with your supervisor.",
|
||||
@@ -92,7 +92,7 @@ class BuildingLivingSpacesListEventMethods(MethodToEvent):
|
||||
),
|
||||
).data
|
||||
if not build_part_id_list_query:
|
||||
Build.raise_http_exception(
|
||||
raise Build.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"Employee has no build parts registered in the system. Contact with your supervisor.",
|
||||
@@ -142,7 +142,7 @@ class BuildingLivingSpacesCreateEventMethods(MethodToEvent):
|
||||
BuildParts.build_id.in_([build.id for build in build_id_list_query.all()]),
|
||||
).data
|
||||
if not build_part:
|
||||
BuildLivingSpace.raise_http_exception(
|
||||
raise BuildLivingSpace.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"{data.build_parts_uu_id} - Build Part is not found in database. Check build part uu_id",
|
||||
@@ -154,7 +154,7 @@ class BuildingLivingSpacesCreateEventMethods(MethodToEvent):
|
||||
People.uu_id == data.person_uu_id,
|
||||
).data
|
||||
if not life_person:
|
||||
BuildLivingSpace.raise_http_exception(
|
||||
raise BuildLivingSpace.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"{data.person_uu_id} - Living Person is not found in database.",
|
||||
@@ -164,7 +164,7 @@ class BuildingLivingSpacesCreateEventMethods(MethodToEvent):
|
||||
)
|
||||
occupant_type = OccupantTypes.filter_by_one(uu_id=data.occupant_type_uu_id).data
|
||||
if not occupant_type:
|
||||
BuildLivingSpace.raise_http_exception(
|
||||
raise BuildLivingSpace.raise_http_exception(
|
||||
status_code="HTTP_404_NOT_FOUND",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"{data.occupant_type_uu_id} - Occupant Type is not found in database. Check occupant type uu_id",
|
||||
@@ -252,7 +252,7 @@ class BuildingLivingSpacesUpdateEventMethods(MethodToEvent):
|
||||
),
|
||||
).data
|
||||
if not build_part:
|
||||
BuildLivingSpace.raise_http_exception(
|
||||
raise BuildLivingSpace.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"{data.life_person_uu_id} - Living Person is not found in database.",
|
||||
@@ -264,7 +264,7 @@ class BuildingLivingSpacesUpdateEventMethods(MethodToEvent):
|
||||
People.uu_id == data.life_person_uu_id or ""
|
||||
).data
|
||||
if not life_person:
|
||||
BuildLivingSpace.raise_http_exception(
|
||||
raise BuildLivingSpace.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message=f"{data.life_person_uu_id} - Living Person is not found in database.",
|
||||
@@ -290,7 +290,7 @@ class BuildingLivingSpacesUpdateEventMethods(MethodToEvent):
|
||||
if data_dict["is_tenant_live"]:
|
||||
owner_person = getattr(last_living_space, "owner_person_id", None)
|
||||
if not owner_person:
|
||||
BuildLivingSpace.raise_http_exception(
|
||||
raise BuildLivingSpace.raise_http_exception(
|
||||
status_code="HTTP_403_FORBIDDEN",
|
||||
error_case="UNAUTHORIZED",
|
||||
message="Owner person of build part is not defined. Please register owner of part first.",
|
||||
|
||||
Reference in New Issue
Block a user