Kine-backend/ConfBack/account/views.py


# -*- encoding: utf-8 -*-
# @author : vincent.benoit@benserv.fr
# @brief : Account routes
#########################################################
# Importation de modules externes #
import sys, re, os
import logging as log
from datetime import datetime, timezone
from flask import Flask, Blueprint, request, abort, jsonify, current_app
from flask_api import status
from flask_jwt_extended import create_access_token
from flask_jwt_extended import get_jwt
from flask_jwt_extended import set_access_cookies
from flask_jwt_extended import unset_jwt_cookies
from flask_jwt_extended import get_jwt_identity
from flask_jwt_extended import jwt_required, decode_token
import json
import shutil
import hashlib
from werkzeug.exceptions import HTTPException
#########################################################
# Class et Methods #
# Blueprint holding the account routes; its URL prefix is /api/configurateur.
account = Blueprint('account', __name__, url_prefix='/api/configurateur')
@account.errorhandler(HTTPException)
def handle_exception(e):
    """Render an HTTP error raised inside this blueprint as JSON, not HTML.

    The status code and headers come from the exception's own response;
    only the body and the content type are replaced.
    """
    payload = {
        'code': e.code,
        'name': e.name,
        'description': e.description,
    }
    json_response = e.get_response()
    # Swap the default HTML body for the serialized error payload.
    json_response.data = json.dumps(payload)
    json_response.content_type = "application/json"
    return json_response
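@account.after_request
def refresh_expiring_tokens(response):
    """Re-issue the access JWT when it is about to expire.

    Runs after every request handled by this blueprint. When the current
    token expires within ``current_app.config['DELTA']`` from now, a new
    token is created for the same identity, written to the per-user file
    under ``/tmp/<PROJECT>/`` if that directory exists, and set as the
    access cookie on the response.

    Args:
        response: the Flask response produced for the current request.

    Returns:
        The same response, with a refreshed access cookie when a new token
        was issued. It is returned unchanged when the request carries no
        usable JWT (``RuntimeError`` / ``KeyError``).
    """
    try:
        exp_timestamp = get_jwt()['exp']
        now = datetime.now(timezone.utc)
        target_timestamp = datetime.timestamp(now + current_app.config['DELTA'])
        if target_timestamp > exp_timestamp:
            current_app.logger.warning("On doit recréer un token JWT ....")
            identity = get_jwt_identity()
            access_token = create_access_token(identity=identity)
            # Refresh the copy of the token kept on disk.
            # NOTE(review): /tmp is normally world-writable, and the creation of
            # this directory is not visible here. Confirm it is created by the
            # service itself with an owner-only mode.
            storage_dir = os.path.join("/tmp", current_app.config['PROJECT'])
            if os.path.exists(storage_dir):
                token_name = str(identity['id'])
                # The identity id becomes a file name, so it must be a single
                # path component and must not escape the storage directory.
                if token_name in ('', '.', '..') or os.path.basename(token_name) != token_name:
                    current_app.logger.error(
                        "Identifiant utilisateur invalide pour le stockage du token JWT")
                else:
                    # The file holds a bearer credential: create it readable by
                    # the owner only and refuse to follow a symlink planted at
                    # the target path. The mode applies only on creation, so a
                    # file that already exists keeps its current permissions.
                    flags = (os.O_WRONLY | os.O_CREAT | os.O_TRUNC
                             | getattr(os, 'O_NOFOLLOW', 0))
                    fd = os.open(os.path.join(storage_dir, token_name), flags, 0o600)
                    with os.fdopen(fd, 'w') as f:
                        f.write(access_token)
            # Modify the Flask response to set a cookie containing the access JWT.
            set_access_cookies(response, access_token)
        return response
    except (RuntimeError, KeyError):
        # No valid JWT in this request (or a claim/config key is missing):
        # leave the response untouched.
        return response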
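@account.route('/update_passwd', methods=['POST'])
@jwt_required()
def update_password():
    """Change the user's password.

    Expects a JSON object with the keys ``old`` (current password) and
    ``new`` (replacement). The current password is checked against the value
    stored in the JSON database at ``current_app.config['DB_PATH']``, and the
    file is rewritten with the new one.

    Returns:
        A ``(body, status)`` tuple with a success message and HTTP 200.

    Aborts with HTTP 406 when ``old`` is missing or wrong, or when ``new``
    is missing or is not a non-empty string.
    """
    import hmac

    current_app.logger.info("Mise à jour du mot de passe de l'utilisateur")
    # Read the JSON attributes of the request.
    data_req = request.get_json()
    if not isinstance(data_req, dict):
        # A body such as `null` or a list has no 'old' field to check.
        abort(status.HTTP_406_NOT_ACCEPTABLE, description="Ancien mot de passe invalide")
    # Log the field names only: the values are the old and new passwords and
    # must not end up in the application log.
    current_app.logger.debug("request fields: {}".format(sorted(data_req)))
    # Load data from the JSON database.
    with open(current_app.config['DB_PATH'], 'r') as f:
        data = json.load(f)
    if 'old' not in data_req:
        abort(status.HTTP_406_NOT_ACCEPTABLE, description="Ancien mot de passe invalide")
    # NOTE(review): the password is stored and compared in plaintext. Moving
    # to a salted password hash also requires changing the login code, which
    # is not visible here.
    supplied = data_req['old']
    stored = data['utilisateur']['password']
    if isinstance(supplied, str) and isinstance(stored, str):
        # Constant-time comparison, so that response timing does not reveal
        # how much of the guess matched.
        matches = hmac.compare_digest(supplied.encode('utf-8'), stored.encode('utf-8'))
    else:
        matches = supplied == stored
    if not matches:
        abort(status.HTTP_406_NOT_ACCEPTABLE, description="Mauvais ancien mot de passe")
    if 'new' not in data_req:
        abort(status.HTTP_406_NOT_ACCEPTABLE, description="Nouveau mot de passe invalide")
    new_password = data_req['new']
    # Reject null, empty or non-string values, which would otherwise be
    # written to the database as the password.
    if not isinstance(new_password, str) or not new_password:
        abort(status.HTTP_406_NOT_ACCEPTABLE, description="Nouveau mot de passe invalide")
    data['utilisateur']['password'] = new_password
    # NOTE(review): the file is rewritten in place and without locking, so an
    # interrupted write or two concurrent requests can leave it corrupted.
    with open(current_app.config['DB_PATH'], 'w') as f:
        json.dump(data, f)
    content = {'message':'maj password successful!'}
    return content, status.HTTP_200_OK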