forgot send to forgot and forgot change to reset

2024-09-30 18:00:55 +07:00 · 2024-09-30 18:00:55 +07:00 · 8293dfa761
commit 8293dfa761
parent 989a229e3a
4 changed files with 117 additions and 104 deletions
--- a/app/handler.py
+++ b/app/handler.py
@ -230,27 +230,32 @@ def index():
        print(str(e))
        return json.dumps({}, indent = 2).encode()
-@app.route('/api/auth/password/forgot/<type>', method='POST')
+@app.route('/api/auth/password/forgot', method='POST')
-def index(type):
+def index():
    try:
        params = request.json
-        params["type"] = type
+        params["mako"] = {
-        if type == "send":
+            "email" : template_email.main(directory.page["email"], "reset")
-            params["mako"] = {
+        }
                "email" : template_email.main(directory.page["email"], "reset")
            }
        elif type == "change":
            params["mako"] = {
                "email" : template_email.main(directory.page["email"], "message")
            }
        else:
            pass
        response.content_type = 'application/json'
        return json.dumps(api_auth.auth().forgot(params), indent = 2).encode()
    except Exception as e:
        print(str(e))
        return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/password/reset', method='POST')
 def index():
    try:
        params = request.json
        params["mako"] = {
            "email" : template_email.main(directory.page["email"], "message")
        }
        response.content_type = 'application/json'
        return json.dumps(api_auth.auth().reset(params), indent = 2).encode()
    except Exception as e:
        print(str(e))
        return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/roles/list', method='POST')
 def index():
    try:
--- a/app/modules/api/auth.py
+++ b/app/modules/api/auth.py
@ -465,101 +465,109 @@ class auth:
        return response
    def forgot(self, params):
-        APIADDR     = "/api/auth/password/forgot/:type"
+        APIADDR     = "/api/auth/password/forgot"
        loggorilla.prcss(APIADDR, "Define parameters")
        response    = {}
        type        = params["type"     ] # POST: send / change
        self.cursor.execute("BEGIN;")
        try:
-            loggorilla.fyinf(APIADDR, f"type: {type}")
+            loggorilla.prcss(APIADDR, "Define parameters")
-            if type == "send":
+            email = params["email"].lower()
-                loggorilla.prcss(APIADDR, "Define parameters inside decision")
+            loggorilla.prcss(APIADDR, "Get dependency data")
-                email = params["email"].lower()
+            self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) )
-                loggorilla.prcss(APIADDR, "Get dependency data")
+            result_verified = self.cursor.fetchone()
-                self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) )
+            if result_verified["count"] >= 1:
-                result_verified = self.cursor.fetchone()
+                loggorilla.prcss(APIADDR, "Get token")
-                if result_verified["count"] >= 1:
+                token = result_verified["token"].decode()
-                    loggorilla.prcss(APIADDR, "Get token")
+                loggorilla.prcss(APIADDR, "Generate URL")
-                    token = result_verified["token"].decode()
+                # TODO: set expired time
-                    loggorilla.prcss(APIADDR, "Generate URL")
+                expired = datetime.datetime.now() + datetime.timedelta(minutes=30) # Can be hours or minutes
-                    # TODO: set expired time
+                expired_isoformat = expired.isoformat()
-                    expired = datetime.datetime.now() + datetime.timedelta(minutes=30) # Can be hours or minutes
+                payload = {
-                    expired_isoformat = expired.isoformat()
+                    "token" : token,
-                    payload = {
+                    "expired": expired_isoformat
-                        "token" : token,
+                }
-                        "expired": expired_isoformat
+                # TODO: Config SSH key for tokenguard and set forgot URL
-                    }
+                token_encrypt       = tokenguard.encode(payload, globalvar.ssh['key']['private'], globalvar.ssh['passphrase'])
-                    # TODO: Config SSH key for tokenguard and set forgot URL
+                change_forgot_url   = globalvar.change_forgot_url(token_encrypt)
-                    token_encrypt       = tokenguard.encode(payload, globalvar.ssh['key']['private'], globalvar.ssh['passphrase'])
+                loggorilla.prcss(APIADDR, "Sending email")
-                    change_forgot_url   = globalvar.change_forgot_url(token_encrypt)
+                self.smtpconfig['subject'   ] = f"{globalvar.title} forgot password"
-                    loggorilla.prcss(APIADDR, "Sending email")
+                self.smtpconfig['to'        ] = email
-                    self.smtpconfig['subject'   ] = f"{globalvar.title} forgot password"
+                self.smtpconfig['text'      ] = f"Please visit this link to reset password: {change_forgot_url}. Avoid the link if you are not request this."
-                    self.smtpconfig['to'        ] = email
+                self.smtpconfig['html'      ] = Template(params["mako"]["email"]['index']).render(
-                    self.smtpconfig['text'      ] = f"Please visit this link to reset password: {change_forgot_url}. Avoid the link if you are not request this."
+                    title       = globalvar.title,
-                    self.smtpconfig['html'      ] = Template(params["mako"]["email"]['index']).render(
+                    header      = globalvar.title,
-                        title       = globalvar.title,
+                    copyright   = globalvar.copyright,
-                        header      = globalvar.title,
+                    container   = Template(params["mako"]["email"]['container']).render(
-                        copyright   = globalvar.copyright,
+                        reset = change_forgot_url
                        container   = Template(params["mako"]["email"]['container']).render(
                            reset = change_forgot_url
            			)
                    )
-                    sendwave.smtp(self.smtpconfig)
+                )
-                    loggorilla.prcss(APIADDR, "Giving response")
+                sendwave.smtp(self.smtpconfig)
-                    response["status"	] = "success"
+                loggorilla.prcss(APIADDR, "Giving response")
-                    response["desc"		] = "Check email for password change."
+                response["status"	] = "success"
-                else:
+                response["desc"		] = "Check email for password change."
                    response["status"	] = "failed"
                    response["desc"		] = "The parameters seems suspicious and you are not authorized for that"
            elif type == "change":
                loggorilla.prcss(APIADDR, "Define parameters inside decision")
                token_encrypt   = params["token"    ]
                password        = params["password" ]
                loggorilla.prcss(APIADDR, "Decrypt token")
                payload = tokenguard.decode(token_encrypt, globalvar.ssh['key']['public'])
                token   = payload['token']
                expired = datetime.datetime.fromisoformat(payload['expired'])
                loggorilla.prcss(APIADDR, "Process parameters")
                hashed		= bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
                loggorilla.prcss(APIADDR, "Get dependency data")
                self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (token,) )
                result_verified = self.cursor.fetchone()
                email = result_verified['email']
                loggorilla.prcss(APIADDR, "Validation")
                if datetime.datetime.now() > expired:
                    response["status"	] = "failed"
                    response["desc"		] = "Expired"
                elif len(password) < 6:
                    response["status"	] = "failed"
                    response["desc"		] = "password too short"
                elif result_verified["count"] == 0:
                    response["status"	] = "failed"
                    response["desc"		] = "Forbidden: No active account for this"
                    response["data"     ] = {
                        "message": "Please contact us if you still had a problem"
                    }
                else:
                    loggorilla.prcss(APIADDR, "Updating")
                    self.cursor.execute("UPDATE `auth` SET `password` = %s, `when_update` = NOW() WHERE `token` = %s", (hashed, token) )
                    loggorilla.prcss(APIADDR, "Sending email")
                    self.smtpconfig['subject'   ] = f"{globalvar.title} password change success"
                    self.smtpconfig['to'        ] = email
                    self.smtpconfig['text'      ] = f"You had change your password."
                    self.smtpconfig['html'      ] = Template(params["mako"]["email"]['index']).render(
                        title       = globalvar.title,
                        header      = globalvar.title,
                        copyright   = globalvar.copyright,
                        container   = Template(params["mako"]["email"]['container']).render(
                            message = f"You had change your password."
            			)
                    )
                    sendwave.smtp(self.smtpconfig)
                    loggorilla.prcss(APIADDR, "Giving response")
                    response["status"	] = "success"
                    response["desc"		] = "password change success"
            else:
                response["status"	] = "failed"
-                response["desc"		] = "forbidden"
+                response["desc"		] = "The parameters seems suspicious and you are not authorized for that"
        except Exception as e:
            self.cursor.execute("ROLLBACK;")
            loggorilla.error(APIADDR, str(e) )
            response["status"	] = "failed"
            response["desc"		] = "Internal Server Error. Please contact us if you still have an error. for detail"
        finally:
            self.cursor.execute("COMMIT;")
            self.cursor.close()
            self.db_main.close()
        return response
    def reset(self, params):
        APIADDR     = "/api/auth/password/reset"
        response    = {}
        self.cursor.execute("BEGIN;")
        try:
            loggorilla.prcss(APIADDR, "Define parameters")
            token_encrypt   = params["token"    ]
            password        = params["password" ]
            loggorilla.prcss(APIADDR, "Decrypt token")
            payload = tokenguard.decode(token_encrypt, globalvar.ssh['key']['public'])
            token   = payload['token']
            expired = datetime.datetime.fromisoformat(payload['expired'])
            loggorilla.prcss(APIADDR, "Process parameters")
            hashed		= bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
            loggorilla.prcss(APIADDR, "Get dependency data")
            self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (token,) )
            result_verified = self.cursor.fetchone()
            email = result_verified['email']
            loggorilla.prcss(APIADDR, "Validation")
            if datetime.datetime.now() > expired:
                response["status"	] = "failed"
                response["desc"		] = "Expired"
            elif len(password) < 6:
                response["status"	] = "failed"
                response["desc"		] = "password too short"
            elif result_verified["count"] == 0:
                response["status"	] = "failed"
                response["desc"		] = "Forbidden: No active account for this"
                response["data"     ] = {
                    "message": "Please contact us if you still had a problem"
                }
            else:
                loggorilla.prcss(APIADDR, "Updating")
                self.cursor.execute("UPDATE `auth` SET `password` = %s, `when_update` = NOW() WHERE `token` = %s", (hashed, token) )
                loggorilla.prcss(APIADDR, "Sending email")
                self.smtpconfig['subject'   ] = f"{globalvar.title} password change success"
                self.smtpconfig['to'        ] = email
                self.smtpconfig['text'      ] = f"You had change your password."
                self.smtpconfig['html'      ] = Template(params["mako"]["email"]['index']).render(
                    title       = globalvar.title,
                    header      = globalvar.title,
                    copyright   = globalvar.copyright,
                    container   = Template(params["mako"]["email"]['container']).render(
                        message = f"You had change your password."
                    )
                )
                sendwave.smtp(self.smtpconfig)
                loggorilla.prcss(APIADDR, "Giving response")
                response["status"	] = "success"
                response["desc"		] = "password change success"
        except Exception as e:
            self.cursor.execute("ROLLBACK;")
            loggorilla.error(APIADDR, str(e) )
--- a/app/static/js/auth/forgot.js
+++ b/app/static/js/auth/forgot.js
@ -26,7 +26,7 @@ function responseAlert(response) {
 function onSubmit() {
  loadingResponse();
  var email     = document.getElementById("form-email"    ).value;
-  var url       = "/api/auth/password/forgot/send";
+  var url       = "/api/auth/password/forgot";
  var payload   = {
    "email"     : email
  };
--- a/app/static/js/auth/reset.js
+++ b/app/static/js/auth/reset.js
@ -32,7 +32,7 @@ function onSubmit() {
  const urlParams   = new URLSearchParams(queryString);
  const token       = urlParams.get('token')
  var password     = document.getElementById("form-password").value;
-  var url     = "/api/auth/password/forgot/change";
+  var url     = "/api/auth/password/reset";
  var payload = {
    "token" : token,
    "password" : password