API module for accept invitation

bruno/Authsquare/Logout.bru

@@ -1,7 +1,7 @@
 meta {
   name: Logout
   type: http
-  seq: 9
+  seq: 10
 }
 
 post {

bruno/Authsquare/accept.bru

@@ -0,0 +1,22 @@
+meta {
+  name: accept
+  type: http
+  seq: 9
+}
+
+post {
+  url: http://localhost:11000/api/auth/accept
+  body: json
+  auth: none
+}
+
+headers {
+  Authorization: Bearer xx.xx.xx
+}
+
+body:json {
+  {
+    "username":null,
+    "password":"mypassword"
+  }
+}

handler.py

@@ -254,6 +254,22 @@ def index():
         print(str(e),flush=True)
         return json.dumps({}, indent = 2).encode()
 
+@app.route('/api/auth/accept', method=['OPTIONS', 'POST'])
+def index():
+    try:
+        if request.method == 'OPTIONS':
+            return None
+        else:
+            response.content_type = 'application/json'
+            params = request.json
+            params["mako"   ] = {
+                "email" : template_email.main(directory.page["email"], "message")
+            }
+            return json.dumps(api_auth.auth().accept(params), indent = 2).encode()
+    except Exception as e:
+        print(str(e),flush=True)
+        return json.dumps({}, indent = 2).encode()
+    
 @app.route('/api/auth/login', method=['OPTIONS', 'POST'])
 def index():
     try:

modules/api/auth.py

@@ -248,7 +248,7 @@ class auth:
             loggorilla.prcss(APIADDR, "Define parameters")
             roles 		= params["roles"	]
             email 		= params["email"	]
-            username 		= params["username"	]
+            username 		= params["username"	] # Optional
             password 		= params["password"	] # Admin should insert their password for send invitation confirmation
             loggorilla.prcss(APIADDR, "Extract the Authorization token from Header")
             auth_header 	= request.get_header('Authorization')
@@ -281,16 +281,16 @@ class auth:
                 loggorilla.prcss(APIADDR, "Giving response")
                 response["status"	] = "failed"
                 response["desc"		] = "Email already taken"
-            elif username != None and result_username["count"] >= 1:
+            elif username and result_username["count"] >= 1:
                 response["status"	] = "failed"
                 response["desc"		] = "username already taken"
-            elif username != None and not re.match(r'^\w+$', username):
+            elif username and not re.match(r'^\w+$', username):
                 response["status"	] = "failed"
                 response["desc"		] = "username can only use letters, numbers, and the underscore symbol"
-            elif username != None and len(username) > 35:
+            elif username and len(username) > 35:
                 response["status"	] = "failed"
                 response["desc"		] = "username can not longer than 35 character"
-            elif username != None and len(username) < 3:
+            elif username and len(username) < 3:
                 response["status"	] = "failed"
                 response["desc"		] = "username too short"
             else:
@@ -328,8 +328,85 @@ class auth:
             self.db_main.close()
         return response
         
-    def confirm(self, params):
-        pass
+    def accept(self, params):
+        APIADDR		= "/api/auth/accept"
+        response	= {}
+        allowed_roles	= [0,1,2,3]
+        allowed_grant 	= globalvar.allowed_grant
+        self.cursor.execute("BEGIN;")
+        try:
+            loggorilla.prcss(APIADDR, "Extract the parameters from Header")
+            auth_header 	= request.get_header('Authorization')
+            jwt 		= auth_header.split(' ')[1]
+            payload 		= tokenguard.decode(jwt, globalvar.ssh['key']['public'])
+            loggorilla.prcss(APIADDR, "Define header parameters")
+            expired 		= datetime.datetime.fromisoformat(payload['expired'])
+            roles 		= payload["roles"	]
+            email 		= payload["email"	]
+            loggorilla.prcss(APIADDR, "Define username with payload as priority")
+            username		= payload["username"	] or params["username"	]
+            loggorilla.prcss(APIADDR, "Define params parameters")
+            password 		= params["password"	]
+            loggorilla.prcss(APIADDR, "Get dependency data")
+            self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' ; ", (email,) )
+            result_email = self.cursor.fetchone()
+            self.cursor.execute("SELECT COUNT(*) AS `count` FROM auth_profile WHERE username = %s ; ", (username,) )
+            result_username = self.cursor.fetchone()
+            loggorilla.prcss(APIADDR, "Validating")
+            if datetime.datetime.now() > expired:
+                loggorilla.prcss(APIADDR, "Giving response")
+                response["status"	] = "failed"
+                response["desc"		] = "Your invitation link is expired"
+            elif result_email["count"] > 0:
+                loggorilla.prcss(APIADDR, "Giving response")
+                response["status"	] = "failed"
+                response["desc"		] = "Email already taken"
+            elif result_username["count"] >= 1:
+                response["status"	] = "failed"
+                response["desc"		] = "username already taken"
+            elif not re.match(r'^\w+$', username):
+                response["status"	] = "failed"
+                response["desc"		] = "username can only use letters, numbers, and the underscore symbol"
+            elif len(username) > 35:
+                response["status"	] = "failed"
+                response["desc"		] = "username can not longer than 35 character"
+            elif len(username) < 3:
+                response["status"	] = "failed"
+                response["desc"		] = "username too short"
+            else:
+                loggorilla.prcss(APIADDR, "Process parameters")
+                hashed	= bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
+                token	= saltedkey.token(username, hashed)
+                loggorilla.prcss(APIADDR, "Inserting")
+                self.cursor.execute("INSERT INTO `auth` VALUES (%s, %s);", (token, hashed) )
+                self.cursor.execute("INSERT INTO `auth_profile` VALUES (DEFAULT, %s, %s, %s, NULL);", (token, username, email) )
+                auth_profile_lastrowid = self.cursor.lastrowid
+                self.cursor.execute("INSERT INTO `auth_profile_verification` VALUES (DEFAULT, %s, 'email', 1);", (auth_profile_lastrowid,) )
+                self.cursor.execute("INSERT INTO `auth_profile_roles` VALUES (DEFAULT, %s, %s);", (auth_profile_lastrowid, roles) )
+                loggorilla.prcss(APIADDR, "Sending email")
+                webmail_data 	= {
+                    "username"	: username,
+                    "email"	: email
+                }
+                result_webmail	= procedure_webmail.webmail().welcome(APIADDR, params, webmail_data)
+                self.smtpconfig['to'        ] = email
+                self.smtpconfig['subject'   ] = result_webmail['subject']
+                self.smtpconfig['text'      ] = result_webmail['text'	]
+                self.smtpconfig['html'      ] = result_webmail['html'	]
+                sendwave.smtp(self.smtpconfig)
+                loggorilla.prcss(APIADDR, "Giving response")
+                response["status"	] = "success"
+                response["desc"		] = "Congratulation. Your account is verified."
+        except Exception as e:
+            self.cursor.execute("ROLLBACK;")
+            loggorilla.error(APIADDR, str(e) )
+            response["status"	] = "failed"
+            response["desc"	] = "Internal Server Error. Please contact us if you still have an error."
+        finally:
+            self.cursor.execute("COMMIT;")
+            self.cursor.close()
+            self.db_main.close()
+        return response
 
     def grant(self, params):
         pass