aji/authsquare
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

forgot send to forgot and forgot change to reset

Browse Source
This commit is contained in:
Dita Aji Pratama 2024-09-30 18:00:55 +07:00
parent 989a229e3a
commit 8293dfa761
4 changed files with 117 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
app/handler.py
View File

@ -230,23 +230,28 @@ def index():
print(str(e)) print(str(e))
return json.dumps({}, indent = 2).encode() return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/password/forgot/<type>', method='POST') @app.route('/api/auth/password/forgot', method='POST')
def index(type): def index():
try: try:
params = request.json params = request.json
params["type"] = type
if type == "send":
params["mako"] = { params["mako"] = {
"email" : template_email.main(directory.page["email"], "reset") "email" : template_email.main(directory.page["email"], "reset")
} }
elif type == "change": response.content_type = 'application/json'
return json.dumps(api_auth.auth().forgot(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/password/reset', method='POST')
def index():
try:
params = request.json
params["mako"] = { params["mako"] = {
"email" : template_email.main(directory.page["email"], "message") "email" : template_email.main(directory.page["email"], "message")
} }
else:
pass
response.content_type = 'application/json' response.content_type = 'application/json'
return json.dumps(api_auth.auth().forgot(params), indent = 2).encode() return json.dumps(api_auth.auth().reset(params), indent = 2).encode()
except Exception as e: except Exception as e:
print(str(e)) print(str(e))
return json.dumps({}, indent = 2).encode() return json.dumps({}, indent = 2).encode()

30
app/modules/api/auth.py
View File

@ -465,15 +465,11 @@ class auth:
return response return response
def forgot(self, params): def forgot(self, params):
APIADDR = "/api/auth/password/forgot/:type" APIADDR = "/api/auth/password/forgot"
loggorilla.prcss(APIADDR, "Define parameters")
response = {} response = {}
type = params["type" ] # POST: send / change
self.cursor.execute("BEGIN;") self.cursor.execute("BEGIN;")
try: try:
loggorilla.fyinf(APIADDR, f"type: {type}") loggorilla.prcss(APIADDR, "Define parameters")
if type == "send":
loggorilla.prcss(APIADDR, "Define parameters inside decision")
email = params["email"].lower() email = params["email"].lower()
loggorilla.prcss(APIADDR, "Get dependency data") loggorilla.prcss(APIADDR, "Get dependency data")
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) ) self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) )
@ -511,8 +507,23 @@ class auth:
else: else:
response["status" ] = "failed" response["status" ] = "failed"
response["desc" ] = "The parameters seems suspicious and you are not authorized for that" response["desc" ] = "The parameters seems suspicious and you are not authorized for that"
elif type == "change": except Exception as e:
loggorilla.prcss(APIADDR, "Define parameters inside decision") self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error. for detail"
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response
def reset(self, params):
APIADDR = "/api/auth/password/reset"
response = {}
self.cursor.execute("BEGIN;")
try:
loggorilla.prcss(APIADDR, "Define parameters")
token_encrypt = params["token" ] token_encrypt = params["token" ]
password = params["password" ] password = params["password" ]
loggorilla.prcss(APIADDR, "Decrypt token") loggorilla.prcss(APIADDR, "Decrypt token")
@ -557,9 +568,6 @@ class auth:
loggorilla.prcss(APIADDR, "Giving response") loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "success" response["status" ] = "success"
response["desc" ] = "password change success" response["desc" ] = "password change success"
else:
response["status" ] = "failed"
response["desc" ] = "forbidden"
except Exception as e: except Exception as e:
self.cursor.execute("ROLLBACK;") self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) ) loggorilla.error(APIADDR, str(e) )

2
app/static/js/auth/forgot.js
View File

@ -26,7 +26,7 @@ function responseAlert(response) {
function onSubmit() { function onSubmit() {
loadingResponse(); loadingResponse();
var email = document.getElementById("form-email" ).value; var email = document.getElementById("form-email" ).value;
var url = "/api/auth/password/forgot/send"; var url = "/api/auth/password/forgot";
var payload = { var payload = {
"email" : email "email" : email
}; };

2
app/static/js/auth/reset.js
View File

@ -32,7 +32,7 @@ function onSubmit() {
const urlParams = new URLSearchParams(queryString); const urlParams = new URLSearchParams(queryString);
const token = urlParams.get('token') const token = urlParams.get('token')
var password = document.getElementById("form-password").value; var password = document.getElementById("form-password").value;
var url = "/api/auth/password/forgot/change"; var url = "/api/auth/password/reset";
var payload = { var payload = {
"token" : token, "token" : token,
"password" : password "password" : password