import mysql . connector as mariadb
import datetime
from bottle import request , abort , redirect
from config import database , globalvar
from scripts import loggorilla , tokenguard
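class validation():
    """Session and role validation for Bottle route handlers.

    ``account`` resolves the caller's session from a JWT (passed explicitly by
    an API client, or read from the beaker session for browser requests), loads
    the matching ``auth_session`` / ``auth_profile`` rows and the profile's
    roles from the main database, and then either returns a success response
    or terminates the request with ``abort``/``redirect``.
    """

    def __init__(self):
        pass

    @staticmethod
    def _guest_profile():
        """Profile placeholder used when there is no usable session.

        Role ``0`` is the guest role: the expiry and e-mail-verification checks
        in ``account`` are skipped for it, so a route that lists ``0`` in
        ``allowed_roles`` is reachable without logging in. A fresh dict is
        returned each time so callers cannot mutate a shared default.
        """
        return {
            "username": None,
            "email": None,
            "phone": None,
            "roles": [0],
        }

    def account(self, APIADDR, allowed_roles, jwt=None):
        """Validate the current request's session against ``allowed_roles``.

        Parameters
        ----------
        APIADDR : str
            Identifier of the calling endpoint, forwarded to loggorilla.
        allowed_roles : iterable
            Role ids permitted to reach the endpoint; include ``0`` to admit
            guests (no session at all).
        jwt : str | None
            Token supplied explicitly by an API caller. When ``None`` the
            token is taken from the beaker session, and a missing or expired
            session redirects to ``/logout`` instead of aborting with 401.

        Returns
        -------
        dict
            ``{"status": "success", "desc": ..., "data": {...}}`` only when the
            session is valid and at least one of its roles is allowed.
            ``data["session"]`` and ``data["profile"]`` are the raw
            ``auth_session`` (``SELECT *``) and ``auth_profile.*`` rows.
            NOTE(review): the session row includes the ``token`` column used to
            look up the profile, so callers should not forward ``data`` to the
            client unfiltered.

        Raises
        ------
        bottle.HTTPError / bottle.HTTPResponse
            Raised by ``abort``/``redirect`` for a missing, expired, unverified
            (``count == 0``) or unauthorized session. Any exception from token
            decoding or the database propagates (fail closed); the DB
            connection is always released.
        """
        response = {}

        loggorilla.prcss(APIADDR, "Get jwt")
        if jwt is None:
            loggorilla.fyinf(APIADDR, "jwt params is empty: Use beaker session")
            for_api = False
            beaker_session = request.environ.get('beaker.session')
            # No session middleware (None) is treated the same as "no token".
            if beaker_session is not None and "token" in beaker_session:
                jwt = beaker_session["token"]
            else:
                jwt = None
        else:
            loggorilla.fyinf(APIADDR, "jwt params is available: Use jwt from params")
            for_api = True

        loggorilla.prcss(APIADDR, "Define parameters")
        session_expired = False
        if jwt is None:
            loggorilla.fyinf(APIADDR, "Guest")
            r_session = {}
            r_profile = self._guest_profile()
            session_not_found = False
        else:
            loggorilla.fyinf(APIADDR, "With JWT")

            loggorilla.prcss(APIADDR, "Get JWT payload data")
            # tokenguard.decode is given the public key, so presumably it
            # verifies the signature before returning the claims — confirm.
            # A token that fails to decode is expected to raise here.
            payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
            # A structurally valid but malformed payload is a bad session,
            # not a server error.
            try:
                session_id = payload["session"]["id"]
            except (KeyError, TypeError):
                session_id = None

            loggorilla.prcss(APIADDR, "Connect DB")
            db_main = mariadb.connect(**database.db_main)
            cursor = db_main.cursor(dictionary=True)
            try:
                loggorilla.prcss(APIADDR, "Get dependency data")
                if session_id is None:
                    r_session = None
                else:
                    # Plain (non-f) strings: values go through the driver's
                    # parameter binding, never string interpolation.
                    cursor.execute("SELECT * FROM auth_session WHERE id = %s;", (session_id,))
                    r_session = cursor.fetchone()

                if r_session is None:
                    session_not_found = True
                    r_session = {}
                    r_profile = self._guest_profile()
                else:
                    session_not_found = False
                    # COUNT(*) alongside auth_profile.* returns one row even when
                    # nothing matches (count 0, other columns NULL); under a
                    # strict ONLY_FULL_GROUP_BY sql_mode this query would error
                    # instead — TODO confirm the server's sql_mode.
                    cursor.execute(
                        "SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1;",
                        (r_session['token'],),
                    )
                    r_profile = cursor.fetchone()
                    cursor.execute("SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s;", (r_profile['id'],))
                    r_profile['roles'] = [item['auth_roles'] for item in cursor.fetchall()]

                    # Expiry is decided and enforced while the connection is
                    # still open. The previous version issued the DELETE through
                    # ``self.cursor`` after the DB had been closed, which raised
                    # AttributeError and never removed (or committed) the row.
                    # Comparison is naive local time vs. the stored ``end`` —
                    # assumes ``auth_session.end`` is in server local time,
                    # TODO confirm.
                    session_expired = 0 not in r_profile['roles'] and datetime.datetime.now() > r_session['end']
                    if session_expired:
                        loggorilla.prcss(APIADDR, "Deleting session")
                        cursor.execute("DELETE FROM auth_session WHERE id = %s;", (r_session['id'],))
                        # mysql.connector does not autocommit by default.
                        db_main.commit()
            finally:
                loggorilla.prcss(APIADDR, "Close DB")
                cursor.close()
                db_main.close()

        # NOTE(review): these access-log lines record e-mail and phone number;
        # consider whether that PII belongs in the access log.
        timestamp_fmt = '%Y-%m-%d %H:%M:%S'
        session_start = r_session.get('start')
        session_end = r_session.get('end')
        loggorilla.accss(APIADDR, f"Session ID : {r_session.get('id')}")
        loggorilla.accss(APIADDR, f"Session Start : {session_start.strftime(timestamp_fmt) if session_start is not None else None}")
        loggorilla.accss(APIADDR, f"Session End : {session_end.strftime(timestamp_fmt) if session_end is not None else None}")
        loggorilla.accss(APIADDR, f"Profile ID : {r_profile.get('id')}")
        loggorilla.accss(APIADDR, f"Profile Username : {r_profile.get('username')}")
        loggorilla.accss(APIADDR, f"Profile Email : {r_profile.get('email')}")
        loggorilla.accss(APIADDR, f"Profile Phone : {r_profile.get('phone')}")
        loggorilla.accss(APIADDR, f"Profile Roles : {r_profile.get('roles')}")

        loggorilla.prcss(APIADDR, "Validation")
        # abort()/redirect() raise, so ``response`` only reaches the caller on
        # the success branch; the failure dicts are kept for log/shape parity.
        if session_not_found:
            loggorilla.accss(APIADDR, "Session not found")
            loggorilla.prcss(APIADDR, "Giving response")
            response["status"] = "failed"
            response["desc"] = "Your session not found."
            response["data"] = {
                "token": jwt,
                "valid": {
                    "status": 0,
                    "desc": "removed"
                },
                "session": r_session,
                "profile": r_profile
            }
            if for_api is True:
                abort(401, "Session not found")
            else:
                redirect('/logout?msg=removed')
        elif session_expired:
            loggorilla.accss(APIADDR, "Session expired")
            loggorilla.prcss(APIADDR, "Giving response")
            response["status"] = "failed"
            response["desc"] = "Expired. Your session removed."
            response["data"] = {
                "token": jwt,
                "valid": {
                    "status": 0,
                    "desc": "expired"
                },
                "session": r_session,
                "profile": r_profile
            }
            if for_api is True:
                abort(401, "Session expired")
            else:
                redirect('/logout?msg=expired')
        elif 0 not in r_profile['roles'] and r_profile["count"] == 0:
            # Session exists but the profile has no verified e-mail.
            loggorilla.accss(APIADDR, "No active account for this")
            loggorilla.prcss(APIADDR, "Giving response")
            response["status"] = "failed"
            response["desc"] = "No active account for this"
            response["data"] = {
                "token": jwt,
                "message": "Please contact us if you still had a problem",
                "valid": {
                    "status": 0,
                    "desc": "fake"
                },
                "session": r_session,
                "profile": r_profile
            }
            abort(403, "Please contact us if you still had a problem.")  # 403 Forbidden
        elif any(role in allowed_roles for role in r_profile['roles']):
            loggorilla.accss(APIADDR, "User roles authorized")
            loggorilla.prcss(APIADDR, "Giving response")
            response["status"] = "success"
            response["desc"] = "User roles authorized"
            response["data"] = {
                "token": str(jwt),
                "valid": {
                    "status": 1,
                    "desc": "authorized"
                },
                "session": r_session,
                "profile": r_profile
            }
            return response
        else:
            loggorilla.accss(APIADDR, "User roles unauthorized")
            loggorilla.prcss(APIADDR, "Giving response")
            response["status"] = "failed"
            response["desc"] = "User roles unauthorized"
            response["data"] = {
                "token": jwt,
                "valid": {
                    "status": 0,
                    "desc": "unauthorized"
                },
                "session": r_session,
                "profile": r_profile
            }
            # NOTE(review): an authenticated caller lacking a role is
            # conventionally 403, not 401; kept as 401 for client compatibility.
            abort(401, "User roles unauthorized")  # 401 Unauthorized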