Bug fixes or some issues around user auth, verification, and password change

This commit is contained in:
Scott Idem
2022-01-20 18:07:27 -05:00
parent c0fdc4d2dc
commit afe44bac89
2 changed files with 18 additions and 8 deletions


@@ -257,6 +257,7 @@ class User_Base(BaseModel):
email: Optional[str] email: Optional[str]
email_verified: Optional[bool] email_verified: Optional[bool]
password: Optional[str] password: Optional[str]
current_password: Optional[str]
new_password: Optional[str] new_password: Optional[str]
allow_auth_key: Optional[int] allow_auth_key: Optional[int]
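Review bot: The new `current_password` field lands between `password` and `new_password` with nothing saying which of the three a given endpoint reads, and the other file in this commit shows them diverging (change_password reads `password`, verify_password reads `current_password`). A short field comment would save the next reader a search, e.g. `current_password: Optional[str]  # plaintext password submitted for verification (read by user_verify_password)`. Since all three hold plaintext credentials, the comment is also the natural place to note that the model repr must not be logged. The class body of User_Base continues outside the hunk.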


@@ -82,7 +82,8 @@ async def post_user_obj_new(
@router.patch('/user/{user_id}/change_password', response_model=Resp_Body_Base) @router.patch('/user/{user_id}/change_password', response_model=Resp_Body_Base)
async def user_obj_change_password( async def user_obj_change_password(
user_id: Union[int,str], user_id: Union[int,str],
user_obj: User_Base, # user_obj: User_Base,
user_dict: dict, # User_Base,
return_obj: bool = False, return_obj: bool = False,
inc_user_role_list: bool = False, inc_user_role_list: bool = False,
# inc_contact: bool = False, # inc_contact: bool = False,
@@ -93,7 +94,10 @@ async def user_obj_change_password(
log.setLevel(logging.INFO) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.setLevel(logging.INFO) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
log.debug(locals()) log.debug(locals())
if password := user_obj.password: pass # if password := user_obj.password: pass
# else: return mk_resp(data=False, status_code=400, status_message='The new password is required.', response=commons.response) # Bad Request
if password := user_dict.get('password'): pass
else: return mk_resp(data=False, status_code=400, status_message='The new password is required.', response=commons.response) # Bad Request else: return mk_resp(data=False, status_code=400, status_message='The new password is required.', response=commons.response) # Bad Request
generated_password = None generated_password = None
@@ -227,7 +231,7 @@ async def user_authenticate(
inc_person: bool = False, inc_person: bool = False,
commons: Common_Route_Params = Depends(common_route_params), commons: Common_Route_Params = Depends(common_route_params),
): ):
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
log.debug(locals()) log.debug(locals())
account_id = commons.x_account_id account_id = commons.x_account_id
@@ -391,13 +395,18 @@ async def user_verify_password(
return_obj: bool = False, return_obj: bool = False,
commons: Common_Route_Params = Depends(common_route_params), commons: Common_Route_Params = Depends(common_route_params),
): ):
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
log.debug(locals()) log.debug(locals())
account_id = commons.x_account_id account_id = commons.x_account_id
if password := user_obj.password: pass log.debug(user_obj)
else: return mk_resp(data=False, status_code=400, status_message='The password to verify is required.', response=commons.response) # Bad Request log.debug(user_obj.id_random)
log.debug(user_obj.current_password)
log.debug(user_obj.username)
if current_password := user_obj.current_password: pass
else: return mk_resp(data=False, status_code=400, status_message='The current password to verify is required.', response=commons.response) # Bad Request
if user_id_random := user_obj.id_random: # Use id_random instead of user_id_random when getting from User model. if user_id_random := user_obj.id_random: # Use id_random instead of user_id_random when getting from User model.
log.info(f'Using the user ID to look up the user. User ID: {user_id_random}') log.info(f'Using the user ID to look up the user. User ID: {user_id_random}')
@@ -417,7 +426,7 @@ async def user_verify_password(
if password_hash := user_rec_result.get('password', None): if password_hash := user_rec_result.get('password', None):
username = user_rec_result.get('username', None) username = user_rec_result.get('username', None)
if verify_secure_hash_string(string=password, string_hash=password_hash): if verify_secure_hash_string(string=current_password, string_hash=password_hash):
log.info(f'The username was found, and the password matched. Log in allowed if the account is enabled. Account ID: {account_id}, Username: {username}') log.info(f'The username was found, and the password matched. Log in allowed if the account is enabled. Account ID: {account_id}, Username: {username}')
return mk_resp(data=True, response=commons.response) return mk_resp(data=True, response=commons.response)
@@ -450,7 +459,7 @@ async def user_verify_password(
user_id = user_rec_result.get('user_id', None) user_id = user_rec_result.get('user_id', None)
if password_hash := user_rec_result.get('password', None): if password_hash := user_rec_result.get('password', None):
if verify_secure_hash_string(string=password, string_hash=password_hash): if verify_secure_hash_string(string=current_password, string_hash=password_hash):
log.info(f'The username was found, and the password matched. Log in allowed if the account is enabled. Account ID: {account_id}, Username: {username}') log.info(f'The username was found, and the password matched. Log in allowed if the account is enabled. Account ID: {account_id}, Username: {username}')
return mk_resp(data=True, response=commons.response) return mk_resp(data=True, response=commons.response)
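Review bot: In the user_verify_password hunk (L53–L56 on the new side) the added `log.debug(user_obj)` and `log.debug(user_obj.current_password)` write the caller's plaintext password to the log whenever the logger is at DEBUG, and the WARNING level set just above is no reliable guard, because the same module logger has its level reassigned per request by other handlers in this file (INFO in change_password, WARNING in authenticate). These look like leftover debugging; I would drop the four lines, or keep at most `log.debug('Verifying password for username=%s id_random=%s', user_obj.username, user_obj.id_random)`. The existing `log.debug(locals())` lines carry the same exposure, and the change_password hunk makes it slightly worse by putting the raw `user_dict` (with `password`) into `locals()` while giving up the `User_Base` validation the old signature had. Both functions start and end outside their hunks.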