Compare commits
No commits in common. "4322a5803fb4700eb7fc033e62776384e8cf3a04" and "c03332884ff9e5fb2d09de2953eddc69d3f1c815" have entirely different histories.
4322a5803f
...
c03332884f
@ -1,9 +1,6 @@
|
|||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
|
||||||
|
|
||||||
class forgot:
|
class forgot:
|
||||||
|
|
||||||
@ -11,22 +8,19 @@ class forgot:
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/forgot"
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
|
||||||
active_page = "Forgot"
|
active_page = "Forgot"
|
||||||
allowed_roles = [0]
|
user_roles = [0]
|
||||||
|
beaker_session = request.environ.get('beaker.session')
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
if jwt is not None:
|
||||||
user = user_validation['data']
|
return redirect('/')
|
||||||
|
else:
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
navbar = Template(params["mako"]["website"]['navbar']).render(
|
navbar = Template(params["mako"]["website"]['navbar']).render(
|
||||||
menu = globalvar.menu['public']['navbar'],
|
menu = globalvar.menu['public']['navbar'],
|
||||||
user_roles = user['profile']['roles'],
|
user_roles = user_roles,
|
||||||
active_page = active_page
|
active_page = active_page
|
||||||
),
|
),
|
||||||
footer = Template(params["mako"]["website"]['footer']).render(
|
footer = Template(params["mako"]["website"]['footer']).render(
|
||||||
|
@ -1,26 +1,36 @@
|
|||||||
|
import mysql.connector as mariadb
|
||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar, database
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
import procedure.session as procedure_session
|
||||||
|
|
||||||
class home:
|
class home:
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
pass
|
self.db_main = mariadb.connect(**database.db_main)
|
||||||
|
self.cursor = self.db_main.cursor(dictionary=True)
|
||||||
|
self.user = {
|
||||||
|
"data":{
|
||||||
|
"profile":{
|
||||||
|
"username":None,
|
||||||
|
"email":None,
|
||||||
|
"phone":None,
|
||||||
|
"roles":[0]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/"
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
|
||||||
active_page = "Home"
|
active_page = "Home"
|
||||||
allowed_roles = [0,1,2,3]
|
allowed_roles = [0,1,2,3]
|
||||||
|
beaker_session = request.environ.get('beaker.session')
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
self.user = procedure_session.session().user(jwt, allowed_roles) if jwt is not None else self.user
|
||||||
user = user_validation['data']
|
user = self.user['data']
|
||||||
|
if 'valid' in user and user['valid']['status'] == 0:
|
||||||
|
return redirect('/logout')
|
||||||
|
else:
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
|
@ -1,9 +1,6 @@
|
|||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
|
||||||
|
|
||||||
class login:
|
class login:
|
||||||
|
|
||||||
@ -11,22 +8,19 @@ class login:
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/login"
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
|
||||||
active_page = "Login"
|
active_page = "Login"
|
||||||
allowed_roles = [0]
|
user_roles = [0]
|
||||||
|
beaker_session = request.environ.get('beaker.session')
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
if jwt is not None:
|
||||||
user = user_validation['data']
|
return redirect('/')
|
||||||
|
else:
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
navbar = Template(params["mako"]["website"]['navbar']).render(
|
navbar = Template(params["mako"]["website"]['navbar']).render(
|
||||||
menu = globalvar.menu['public']['navbar'],
|
menu = globalvar.menu['public']['navbar'],
|
||||||
user_roles = user['profile']['roles'],
|
user_roles = user_roles,
|
||||||
active_page = active_page
|
active_page = active_page
|
||||||
),
|
),
|
||||||
footer = Template(params["mako"]["website"]['footer']).render(
|
footer = Template(params["mako"]["website"]['footer']).render(
|
||||||
|
@ -1,26 +1,33 @@
|
|||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
import procedure.session as procedure_session
|
||||||
|
|
||||||
class notme:
|
class notme:
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
pass
|
self.user = {
|
||||||
|
"data":{
|
||||||
|
"profile":{
|
||||||
|
"username":None,
|
||||||
|
"email":None,
|
||||||
|
"phone":None,
|
||||||
|
"roles":[0]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/notme"
|
active_page = None
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
|
||||||
active_page = "Not Me"
|
|
||||||
allowed_roles = [0,1,2,3]
|
allowed_roles = [0,1,2,3]
|
||||||
|
beaker_session = request.environ.get('beaker.session')
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
self.user = procedure_session.session().user(jwt, allowed_roles) if jwt is not None else self.user
|
||||||
user = user_validation['data']
|
user = self.user['data']
|
||||||
|
if 'valid' in user and user['valid']['status'] == 0:
|
||||||
|
return redirect('/logout')
|
||||||
|
else:
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
|
@ -1,9 +1,6 @@
|
|||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
|
||||||
|
|
||||||
class register:
|
class register:
|
||||||
|
|
||||||
@ -11,23 +8,20 @@ class register:
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/register"
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
|
||||||
active_page = "Register"
|
|
||||||
allowed_roles = [0]
|
|
||||||
roles = params["roles"]
|
roles = params["roles"]
|
||||||
|
active_page = "Register"
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
user_roles = [0]
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
beaker_session = request.environ.get('beaker.session')
|
||||||
user = user_validation['data']
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
|
if jwt is not None:
|
||||||
|
return redirect('/')
|
||||||
|
else:
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
navbar = Template(params["mako"]["website"]['navbar']).render(
|
navbar = Template(params["mako"]["website"]['navbar']).render(
|
||||||
menu = globalvar.menu['public']['navbar'],
|
menu = globalvar.menu['public']['navbar'],
|
||||||
user_roles = user['profile']['roles'],
|
user_roles = user_roles,
|
||||||
active_page = active_page
|
active_page = active_page
|
||||||
),
|
),
|
||||||
footer = Template(params["mako"]["website"]['footer']).render(
|
footer = Template(params["mako"]["website"]['footer']).render(
|
||||||
|
@ -1,9 +1,6 @@
|
|||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
|
||||||
|
|
||||||
class reset:
|
class reset:
|
||||||
|
|
||||||
@ -11,22 +8,19 @@ class reset:
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/reset"
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
|
||||||
active_page = "Reset"
|
active_page = "Reset"
|
||||||
allowed_roles = [0]
|
user_roles = [0]
|
||||||
|
beaker_session = request.environ.get('beaker.session')
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
if jwt is not None:
|
||||||
user = user_validation['data']
|
return redirect('/')
|
||||||
|
else:
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
navbar = Template(params["mako"]["website"]['navbar']).render(
|
navbar = Template(params["mako"]["website"]['navbar']).render(
|
||||||
menu = globalvar.menu['public']['navbar'],
|
menu = globalvar.menu['public']['navbar'],
|
||||||
user_roles = user['profile']['roles'],
|
user_roles = user_roles,
|
||||||
active_page = active_page
|
active_page = active_page
|
||||||
),
|
),
|
||||||
footer = Template(params["mako"]["website"]['footer']).render(
|
footer = Template(params["mako"]["website"]['footer']).render(
|
||||||
|
@ -1,26 +1,33 @@
|
|||||||
from mako.template import Template
|
from mako.template import Template
|
||||||
from config import globalvar
|
from config import globalvar
|
||||||
from bottle import redirect, abort
|
from bottle import request
|
||||||
from scripts import loggorilla
|
|
||||||
|
|
||||||
import procedure.validation as procedure_validation
|
import procedure.session as procedure_session
|
||||||
|
|
||||||
class verify:
|
class verify:
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
pass
|
self.user = {
|
||||||
|
"data":{
|
||||||
|
"profile":{
|
||||||
|
"username":None,
|
||||||
|
"email":None,
|
||||||
|
"phone":None,
|
||||||
|
"roles":[0]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
def html(self, params):
|
def html(self, params):
|
||||||
APIADDR = "/verify"
|
active_page = None
|
||||||
|
allowed_roles = [0,1,2,3]
|
||||||
loggorilla.prcss(APIADDR, "Define page parameters")
|
beaker_session = request.environ.get('beaker.session')
|
||||||
active_page = "Verify"
|
jwt = beaker_session["token"] if "token" in beaker_session else None
|
||||||
allowed_roles = [0]
|
self.user = procedure_session.session().user(jwt, allowed_roles) if jwt is not None else self.user
|
||||||
|
user = self.user['data']
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
if 'valid' in user and user['valid']['status'] == 0:
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
|
return redirect('/logout')
|
||||||
user = user_validation['data']
|
else:
|
||||||
|
|
||||||
return Template(params["mako"]["website"]['index']).render(
|
return Template(params["mako"]["website"]['index']).render(
|
||||||
title = globalvar.title,
|
title = globalvar.title,
|
||||||
header = globalvar.header,
|
header = globalvar.header,
|
||||||
|
100
app/procedure/session.py
Normal file
100
app/procedure/session.py
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
import mysql.connector as mariadb
|
||||||
|
|
||||||
|
import datetime
|
||||||
|
|
||||||
|
import config.database as database
|
||||||
|
import config.globalvar as globalvar
|
||||||
|
|
||||||
|
import scripts.loggorilla as loggorilla
|
||||||
|
import scripts.tokenguard as tokenguard
|
||||||
|
|
||||||
|
class session():
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
self.db_main = mariadb.connect(**database.db_main)
|
||||||
|
self.cursor = self.db_main.cursor(dictionary=True)
|
||||||
|
|
||||||
|
def user(self, jwt, allowed_roles):
|
||||||
|
APIADDR = "procedure.validation"
|
||||||
|
response = {}
|
||||||
|
try:
|
||||||
|
loggorilla.prcss(APIADDR, "Define parameters")
|
||||||
|
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
|
||||||
|
|
||||||
|
loggorilla.prcss(APIADDR, "Get dependency data")
|
||||||
|
self.cursor.execute(f"SELECT * FROM auth_session WHERE id = %s ; ", (payload["session"]["id"],) )
|
||||||
|
r_session = self.cursor.fetchone()
|
||||||
|
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) )
|
||||||
|
r_profile = self.cursor.fetchone()
|
||||||
|
self.cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) )
|
||||||
|
r_roles = self.cursor.fetchall()
|
||||||
|
|
||||||
|
r_profile['roles'] = [0]
|
||||||
|
for row in r_roles:
|
||||||
|
r_profile['roles'].remove(0)
|
||||||
|
r_profile['roles'].append(row['auth_roles'])
|
||||||
|
|
||||||
|
loggorilla.prcss(APIADDR, "Validation")
|
||||||
|
if datetime.datetime.now() > r_session['end']:
|
||||||
|
loggorilla.prcss(APIADDR, "Deleting")
|
||||||
|
self.cursor.execute("DELETE FROM auth_session WHERE id = %s ; ", (r_session['id'],) )
|
||||||
|
loggorilla.prcss(APIADDR, "Giving response")
|
||||||
|
loggorilla.accss(APIADDR, "Expired. Your session removed." )
|
||||||
|
response["status" ] = "failed"
|
||||||
|
response["desc" ] = "Expired. Your session removed."
|
||||||
|
response["data" ] = {
|
||||||
|
"valid" :{
|
||||||
|
"status" : 0,
|
||||||
|
"desc" : "expired"
|
||||||
|
},
|
||||||
|
"session" : r_session,
|
||||||
|
"profile" : r_profile
|
||||||
|
}
|
||||||
|
elif r_profile["count"] == 0:
|
||||||
|
loggorilla.prcss(APIADDR, "Giving response")
|
||||||
|
loggorilla.accss(APIADDR, "No active account for this" )
|
||||||
|
response["status" ] = "failed"
|
||||||
|
response["desc" ] = "No active account for this"
|
||||||
|
response["data" ] = {
|
||||||
|
"message" : "Please contact us if you still had a problem",
|
||||||
|
"valid" :{
|
||||||
|
"status" : 0,
|
||||||
|
"desc" : "forbidden"
|
||||||
|
},
|
||||||
|
"session" : r_session,
|
||||||
|
"profile" : r_profile
|
||||||
|
}
|
||||||
|
elif any(role in allowed_roles for role in r_profile['roles']):
|
||||||
|
loggorilla.prcss(APIADDR, "Giving response")
|
||||||
|
response["status" ] = "success"
|
||||||
|
response["desc" ] = "User roles authorized"
|
||||||
|
response["data" ] = {
|
||||||
|
"valid" :{
|
||||||
|
"status" : 1,
|
||||||
|
"desc" : "authorized"
|
||||||
|
},
|
||||||
|
"session" : r_session,
|
||||||
|
"profile" : r_profile
|
||||||
|
}
|
||||||
|
else:
|
||||||
|
loggorilla.prcss(APIADDR, "Giving response")
|
||||||
|
loggorilla.accss(APIADDR, "User roles unauthorized" )
|
||||||
|
response["status" ] = "failed"
|
||||||
|
response["desc" ] = "User roles unauthorized"
|
||||||
|
response["data" ] = {
|
||||||
|
"valid" :{
|
||||||
|
"status" : 0,
|
||||||
|
"desc" : "unauthorized"
|
||||||
|
},
|
||||||
|
"session" : r_session,
|
||||||
|
"profile" : r_profile
|
||||||
|
}
|
||||||
|
except Exception as e:
|
||||||
|
loggorilla.error(APIADDR, str(e) )
|
||||||
|
response["status" ] = "failed"
|
||||||
|
response["desc" ] = "Internal Server Error. Please contact us if you still have an error. for detail"
|
||||||
|
finally:
|
||||||
|
self.cursor.close()
|
||||||
|
self.db_main.close()
|
||||||
|
|
||||||
|
return response
|
@ -1,120 +0,0 @@
|
|||||||
import mysql.connector as mariadb
|
|
||||||
import datetime
|
|
||||||
from bottle import request
|
|
||||||
from config import database, globalvar
|
|
||||||
from scripts import loggorilla, tokenguard
|
|
||||||
|
|
||||||
class validation():
|
|
||||||
|
|
||||||
def __init__(self):
|
|
||||||
pass
|
|
||||||
|
|
||||||
def account(self, APIADDR, allowed_roles):
|
|
||||||
response = {}
|
|
||||||
try:
|
|
||||||
loggorilla.prcss(APIADDR, "Define parameters")
|
|
||||||
beaker_session = request.environ.get('beaker.session')
|
|
||||||
jwt = beaker_session["token"] if "token" in beaker_session else None
|
|
||||||
if jwt is None:
|
|
||||||
loggorilla.fyinf(APIADDR, "Guest")
|
|
||||||
r_session = {}
|
|
||||||
r_profile = {
|
|
||||||
"username" :None,
|
|
||||||
"email" :None,
|
|
||||||
"phone" :None,
|
|
||||||
"roles" :[0]
|
|
||||||
}
|
|
||||||
else:
|
|
||||||
loggorilla.fyinf(APIADDR, "With JWT")
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Get JWT payload data")
|
|
||||||
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Get dependency data")
|
|
||||||
db_main = mariadb.connect(**database.db_main)
|
|
||||||
cursor = db_main.cursor(dictionary=True)
|
|
||||||
|
|
||||||
cursor.execute(f"SELECT * FROM auth_session WHERE id = %s ; ", (payload["session"]["id"],) )
|
|
||||||
r_session = cursor.fetchone()
|
|
||||||
|
|
||||||
cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) )
|
|
||||||
r_profile = cursor.fetchone()
|
|
||||||
|
|
||||||
cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) )
|
|
||||||
r_roles = cursor.fetchall()
|
|
||||||
r_profile['roles'] = r_roles['auth_roles']
|
|
||||||
|
|
||||||
cursor.close()
|
|
||||||
db_main.close()
|
|
||||||
|
|
||||||
loggorilla.prcss(APIADDR, "Validation")
|
|
||||||
if 0 not in r_profile['roles'] and datetime.datetime.now() > r_session['end']:
|
|
||||||
loggorilla.prcss(APIADDR, "Deleting")
|
|
||||||
self.cursor.execute("DELETE FROM auth_session WHERE id = %s ; ", (r_session['id'],) )
|
|
||||||
loggorilla.prcss(APIADDR, "Giving response")
|
|
||||||
loggorilla.accss(APIADDR, "Expired. Your session removed." )
|
|
||||||
loggorilla.accss(APIADDR, f"Session: {r_session}" )
|
|
||||||
loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
|
|
||||||
response["status" ] = "failed"
|
|
||||||
response["desc" ] = "Expired. Your session removed."
|
|
||||||
response["data" ] = {
|
|
||||||
"valid" :{
|
|
||||||
"status" : 0,
|
|
||||||
"desc" : "expired"
|
|
||||||
},
|
|
||||||
"session" : r_session,
|
|
||||||
"profile" : r_profile
|
|
||||||
}
|
|
||||||
redirect('/logout?msg=expired')
|
|
||||||
elif 0 not in r_profile['roles'] and r_profile["count"] == 0:
|
|
||||||
loggorilla.prcss(APIADDR, "Giving response")
|
|
||||||
loggorilla.accss(APIADDR, "No active account for this" )
|
|
||||||
loggorilla.accss(APIADDR, f"Session: {r_session}" )
|
|
||||||
loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
|
|
||||||
response["status" ] = "failed"
|
|
||||||
response["desc" ] = "No active account for this"
|
|
||||||
response["data" ] = {
|
|
||||||
"message" : "Please contact us if you still had a problem",
|
|
||||||
"valid" :{
|
|
||||||
"status" : 0,
|
|
||||||
"desc" : "fake"
|
|
||||||
},
|
|
||||||
"session" : r_session,
|
|
||||||
"profile" : r_profile
|
|
||||||
}
|
|
||||||
abort(403, "Please contact us if you still had a problem.") # 403 Forbidden
|
|
||||||
elif any(role in allowed_roles for role in r_profile['roles']):
|
|
||||||
loggorilla.prcss(APIADDR, "Giving response")
|
|
||||||
loggorilla.accss(APIADDR, "User roles authorized" )
|
|
||||||
response["status" ] = "success"
|
|
||||||
response["desc" ] = "User roles authorized"
|
|
||||||
response["data" ] = {
|
|
||||||
"valid" :{
|
|
||||||
"status" : 1,
|
|
||||||
"desc" : "authorized"
|
|
||||||
},
|
|
||||||
"session" : r_session,
|
|
||||||
"profile" : r_profile
|
|
||||||
}
|
|
||||||
return response
|
|
||||||
else:
|
|
||||||
loggorilla.prcss(APIADDR, "Giving response")
|
|
||||||
loggorilla.accss(APIADDR, "User roles unauthorized" )
|
|
||||||
loggorilla.accss(APIADDR, f"Session: {r_session}" )
|
|
||||||
loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
|
|
||||||
response["status" ] = "failed"
|
|
||||||
response["desc" ] = "User roles unauthorized"
|
|
||||||
response["data" ] = {
|
|
||||||
"valid" :{
|
|
||||||
"status" : 0,
|
|
||||||
"desc" : "unauthorized"
|
|
||||||
},
|
|
||||||
"session" : r_session,
|
|
||||||
"profile" : r_profile
|
|
||||||
}
|
|
||||||
abort(401, "User roles unauthorized") # 401 Unauthorized
|
|
||||||
except Exception as e:
|
|
||||||
loggorilla.error(APIADDR, str(e) )
|
|
||||||
response["status" ] = "failed"
|
|
||||||
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
|
|
||||||
return response
|
|
Loading…
Reference in New Issue
Block a user