Working on user log in and person object

2021-04-06 17:59:44 -04:00
parent 3aa3fd8ae7
commit a3403109ae
7 changed files with 165 additions and 17 deletions
--- a/app/routers/person.py
+++ b/app/routers/person.py
@@ -12,6 +12,7 @@ from app.db_sql import *
 from .api_crud import delete_obj_template, get_obj_template, get_obj_li_template, patch_obj_template, post_obj_template

 from ..models.person_model import Person_Base
+from ..models.person_methods import load_person_obj
 from ..models.response_model import *


@@ -94,20 +95,30 @@ async def get_person_obj_li(
 async def get_person_obj(
        obj_id: str = Query(..., min_length=1, max_length=22),
        x_account_id: str = Header(...),
+        inc_contact: bool = False,
+        inc_organization: bool = False,
        by_alias: Optional[bool] = True,
        exclude_unset: Optional[bool] = True,
        ):
    log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
    log.debug(locals())

-    obj_type = 'person'
-    result = get_obj_template(
-        obj_type=obj_type,
-        obj_id=obj_id,
-        by_alias=True,
-        exclude_unset=True,
-        )
-    return result
+    user_obj = load_person_obj(
+        person_id=obj_id,
+        inc_contact=inc_contact,
+        inc_organization=inc_organization,
+        ).dict(by_alias=by_alias, exclude_unset=exclude_unset)
+    data = user_obj
+    return mk_resp(data=user_obj)
+
+    # obj_type = 'person'
+    # result = get_obj_template(
+    #     obj_type=obj_type,
+    #     obj_id=obj_id,
+    #     by_alias=True,
+    #     exclude_unset=True,
+    #     )
+    # return result


@router.delete('/{obj_id}', response_model=Resp_Body_Base)
--- a/app/routers/user.py
+++ b/app/routers/user.py
@@ -84,6 +84,7 @@ async def change_user_obj_password(
        password: Optional[str] = Query(None, min_length=6, max_length=50),
        x_account_id: Optional[str] = Header(..., ),
        return_obj: bool = False,
+        inc_roles: bool = False,
        inc_contact: bool = False,
        inc_organization: bool = False,
        inc_person: bool = False,
@@ -150,6 +151,46 @@ async def patch_user_obj(
    return result


+# ### BEGIN ### API User Routers ### user_new_auth_key() ###
+# Generate a new one time use authorization key
+@router.get('/new_auth_key', response_model=Resp_Body_Base)
+async def user_new_auth_key(
+        user_id: Optional[str] = Query(None, min_length=2, max_length=50),
+        x_account_id: str = Header(...),
+        return_obj: Optional[bool] = False,
+        by_alias: bool = True,
+        exclude_unset: bool = True,
+        exclude_none: bool = True,
+        ):
+    log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
+    log.debug(locals())
+
+    update_user_data = {}
+    update_user_data['id_random'] = user_id
+    update_user_data['auth_key'] = secrets.token_urlsafe(default_num_bytes)
+
+    if user_rec_update_result := sql_update(table_name='user', data=update_user_data):
+        log.info('The user record was updated with a new auth_key')
+
+        if return_obj:
+            user_obj = load_user_obj(
+                user_id=user_id,
+                inc_contact=False,
+                inc_organization=False,
+                inc_person=False
+                ).dict(by_alias=by_alias, exclude_unset=exclude_unset)
+            data = user_obj
+        else:
+            user_obj = {}
+            user_obj['auth_key'] = update_user_data['auth_key']
+        return mk_resp(data=user_obj)
+    else:
+        log.info('The user record was not updated with a new auth_key')
+        log.debug(user_rec_update_result)
+
+        return mk_resp(data=False, status_code=404)
+
+
 # ### BEGIN ### API User Routers ### user_authenticate() ###
 # Authenticate a username and password OR by authorization key
 # An authorization key can only be done once. It will be deleted if found.
@@ -161,6 +202,7 @@ async def user_authenticate(
        password: Optional[str] = Query(None, min_length=6, max_length=50),
        auth_key: Optional[str] = Query(None, min_length=11, max_length=22),
        x_account_id: str = Header(...),
+        inc_roles: bool = False,
        inc_contact: bool = False,
        inc_organization: bool = False,
        inc_person: bool = False,
@@ -248,6 +290,7 @@ async def user_authenticate(

        user_obj = load_user_obj(
            user_id=user_id,
+            inc_roles=inc_roles,
            inc_contact=inc_contact,
            inc_organization=inc_organization,
            inc_person=inc_person
@@ -288,6 +331,7 @@ async def lookup_user_obj(
        for_obj_id: Union[int,str],
        for_obj_type: str = Query(..., min_length=2, max_length=50),
        x_account_id: str = Header(...),
+        inc_roles: bool = False,
        inc_contact: bool = False,
        inc_organization: bool = False,
        inc_person: bool = False,
@@ -332,6 +376,7 @@ async def lookup_user_obj(
        user_id = user_rec_result.get('user_id', None)
        user_obj = load_user_obj(
            user_id=user_id,
+            inc_roles=inc_roles,
            inc_contact=inc_contact,
            inc_organization=inc_organization,
            inc_person=inc_person
@@ -344,6 +389,7 @@ async def lookup_user_obj(
            user_obj_li.append(
                load_user_obj(
                    user_id=user_id,
+                    inc_roles=inc_roles,
                    inc_contact=inc_contact,
                    inc_organization=inc_organization,
                    inc_person=inc_person,
@@ -362,6 +408,7 @@ async def lookup_username_obj(
        account_id: Union[int,str],
        username: str = Query(..., min_length=2, max_length=50),
        x_account_id: str = Header(...),
+        inc_roles: bool = False,
        inc_contact: bool = False,
        inc_organization: bool = False,
        inc_person: bool = False,
@@ -371,19 +418,34 @@ async def lookup_username_obj(
    log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
    log.debug(locals())

-    if account_id := redis_lookup_id_random(record_id_random=account_id, table_name='account'): pass
-    else: return mk_resp(data=False, status_code=404) # Not Found
+    if account_id == '':
+        account_id = None
+    elif account_id := redis_lookup_id_random(record_id_random=account_id, table_name='account'):
+        pass
+    else:
+        return mk_resp(data=False, status_code=404) # Not Found
    log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL

+
+
    data = {}
    data['account_id'] = account_id
    data['username'] = username
+    log.debug(data)

-    sql = f"""
+    if account_id:
+        sql = f"""
+            SELECT id AS 'user_id', id_random AS 'user_id_random'
+            FROM `user` AS `user`
+            WHERE `user`.account_id = :account_id AND `user`.username = :username
+            """
+    else:
+        sql = f"""
        SELECT id AS 'user_id', id_random AS 'user_id_random'
        FROM `user` AS `user`
-        WHERE `user`.account_id = :account_id AND `user`.username = :username
+        WHERE `user`.account_id IS NULL AND `user`.username = :username
        """
+    log.debug(sql)

    # This will return a list if selecting by account ID
    user_obj_result = sql_select(data=data, sql=sql)
@@ -391,6 +453,7 @@ async def lookup_username_obj(
        user_id = user_obj_result.get('user_id', None)
        user_obj = load_user_obj(
            user_id=user_id,
+            inc_roles=inc_roles,
            inc_contact=inc_contact,
            inc_organization=inc_organization,
            inc_person=inc_person
@@ -403,6 +466,7 @@ async def lookup_username_obj(
            user_obj_li.append(
                load_user_obj(
                    user_id=user_id,
+                    inc_roles=inc_roles,
                    inc_contact=inc_contact,
                    inc_organization=inc_organization,
                    inc_person=inc_person,