askomics / flaskomics / 6590008757

import traceback

import sys

from functools import wraps

from askomics.libaskomics.LocalAuth import LocalAuth

from flask import (Blueprint, current_app, jsonify, request, session, render_template)

auth_bp = Blueprint('auth', __name__, url_prefix='/')

def login_required(f):

    @wraps(f)

    def decorated_function(*args, **kwargs):

        if 'user' in session and not session['user'].get('fake', False):

            if not session['user']['blocked']:

                return f(*args, **kwargs)

            return jsonify({"error": True, "errorMessage": "Blocked account"}), 401

        return jsonify({"error": True, "errorMessage": "Login required"}), 401

    return decorated_function

def login_required_query(f):

    @wraps(f)

    def decorated_function(*args, **kwargs):

        if 'user' in session:

            if session['user'].get('fake', False) and not current_app.iniconfig.getboolean('askomics', 'anonymous_query', fallback=False):

            if not session['user']['blocked']:

                return f(*args, **kwargs)

        elif current_app.iniconfig.getboolean('askomics', 'anonymous_query', fallback=False):

            local_auth = LocalAuth(current_app, session)

            session['user'] = local_auth.get_anonymous_user()

            return f(*args, **kwargs)

        return jsonify({"error": True, "errorMessage": "Login required"}), 401

    return decorated_function

def api_auth(f):

    @wraps(f)

    def decorated_function(*args, **kwargs):

        if request.headers.get("X-API-KEY"):

            key = request.headers.get("X-API-KEY")

            local_auth = LocalAuth(current_app, session)

            authentication = local_auth.authenticate_user_with_apikey(key)

            if not authentication["error"]:

                session["user"] = authentication["user"]

        return f(*args, **kwargs)

    return decorated_function

def admin_required(f):

    @wraps(f)

    def decorated_function(*args, **kwargs):

        if 'user' in session:

            if session['user']['admin']:

                return f(*args, **kwargs)

            return jsonify({"error": True, "errorMessage": "Admin required"}), 401

        return jsonify({"error": True, "errorMessage": "Login required"}), 401

    return decorated_function

def local_required(f):

    @wraps(f)

    def decorated_function(*args, **kwargs):

        if "user" in session:

            current_app.logger.debug(session["user"])

            if not session["user"]["ldap"]:

                return f(*args, **kwargs)

            return jsonify({"error": True, "errorMessage": "Local user required"}), 401

        return jsonify({"error": True, "errorMessage": "Login required"}), 401

    return decorated_function

@auth_bp.route('/api/auth/signup', methods=['POST'])

def signup():

    if current_app.iniconfig.getboolean("askomics", "disable_account_creation"):

        return jsonify({

    user = {}

    data = request.get_json()

    if not data:

    local_auth = LocalAuth(current_app, session)

    local_auth.check_inputs(data)

    if not local_auth.get_error():

        user = local_auth.persist_user(data)

        local_auth.create_user_directories(user['id'], user['username'])

        session['user'] = user

    return jsonify({

@auth_bp.route('/api/auth/login', methods=['POST'])

def login():

    data = request.get_json()

    if not (data and data.get("login") and data.get("password")):

    local_auth = LocalAuth(current_app, session)

    authentication = local_auth.authenticate_user(data["login"], data["password"])

    user = {}

    if not authentication['error']:

        session['user'] = authentication['user']

        user = authentication['user']

    return jsonify({

@auth_bp.route('/loginapikey/<path:key>', methods=["GET"])

def login_api_key(key):

    local_auth = LocalAuth(current_app, session)

    authentication = local_auth.authenticate_user_with_apikey(key)

    if not authentication["error"]:

        session["user"] = authentication["user"]

        proxy_path = "/"

        try:

            proxy_path = current_app.iniconfig.get('askomics', 'reverse_proxy_path')

        except Exception:

            pass

        title = "AskOmics"

        try:

            subtitle = current_app.iniconfig.get('askomics', 'subtitle')

        except Exception:

            pass

        return render_template('index.html', title=title, proxy_path=proxy_path, redirect="/")

        return jsonify({

@auth_bp.route('/api/auth/profile', methods=['POST'])

@local_required

def update_profile():

    data = request.get_json()

    if not (data and any([key in data for key in ["newFname", "newLname", "newEmail"]])):

    local_auth = LocalAuth(current_app, session)

    updated_user = local_auth.update_profile(data, session['user'])

    session['user'] = updated_user['user']

    return jsonify({

@auth_bp.route('/api/auth/password', methods=['POST'])

@local_required

def update_password():

    data = request.get_json()

    if not (data and all([key in data for key in ["oldPassword", "newPassword", "confPassword"]])):

    local_auth = LocalAuth(current_app, session)

    updated_user = local_auth.update_password(data, session['user'])

    return jsonify({

@auth_bp.route('/api/auth/apikey', methods=['GET'])

@login_required

def update_apikey():

    local_auth = LocalAuth(current_app, session)

    updated_user = local_auth.update_apikey(session['user'])

    session['user'] = updated_user['user']

    return jsonify({

@auth_bp.route('/api/auth/galaxy', methods=['POST'])

def update_galaxy():

    data = request.get_json()

    if not (data and data.get("gurl") and data.get("gkey")):

    local_auth = LocalAuth(current_app, session)

    if session["user"]["galaxy"]:

        updated_user = local_auth.update_galaxy_account(session["user"], data["gurl"], data["gkey"])

        updated_user = local_auth.add_galaxy_account(session["user"], data["gurl"], data["gkey"])

    session["user"] = updated_user["user"]

    current_app.logger.debug(updated_user["user"])

    return jsonify({

@auth_bp.route('/api/auth/logout', methods=['GET'])

def logout():

    session.pop('user', None)

    current_app.logger.debug(session)

    return jsonify({'user': {}, 'logged': False})

@auth_bp.route("/api/auth/reset_password", methods=["POST"])

def reset_password():

    data = request.get_json()

    if not data:

    if "login" in data:

        try:

            local_auth = LocalAuth(current_app, session)

            local_auth.send_reset_link(data["login"])

        return jsonify({

    elif "token" in data and "password" not in data:

        try:

            local_auth = LocalAuth(current_app, session)

            result = local_auth.check_token(data["token"])

        return jsonify({

    elif all([key in data for key in ["token", "password", "passwordConf"]]):

        try:

            local_auth = LocalAuth(current_app, session)

            result = local_auth.reset_password_with_token(data["token"], data["password"], data["passwordConf"])

        return jsonify({

@auth_bp.route("/api/auth/delete_account", methods=["GET"])

@login_required

def delete_account():

    try:

        local_auth = LocalAuth(current_app, session)

        local_auth.delete_user_database(session["user"]["username"])

        session_dict = {'user': session['user']}

        current_app.celery.send_task('delete_users_data', (session_dict, [session["user"], ], True))

        session.pop('user', None)

    return jsonify({

@auth_bp.route("/api/auth/reset_account", methods=["GET"])

@login_required

def reset_account():

    try:

        local_auth = LocalAuth(current_app, session)

        local_auth.delete_user_database(session["user"]["username"], delete_user=False)

        session_dict = {'user': session['user']}

        current_app.celery.send_task('delete_users_data', (session_dict, [session["user"], ], False))

    return jsonify({