FitTrackee/fittrackee/users/utils/controls.py

88 lines
2.4 KiB
Python
Raw Normal View History

2022-02-16 18:07:05 +01:00
import re
from typing import Optional, Tuple
from flask import Request
from fittrackee.responses import (
ForbiddenErrorResponse,
HttpResponse,
UnauthorizedErrorResponse,
)
from ..models import User
def is_valid_email(email: str) -> bool:
"""
Return if email format is valid
"""
if not email:
return False
2022-02-16 18:07:05 +01:00
mail_pattern = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"
return re.match(mail_pattern, email) is not None
def check_password(password: str) -> str:
2022-02-16 18:07:05 +01:00
"""
Verify if password have more than 8 characters
If not, it returns error message
2022-02-16 18:07:05 +01:00
"""
if len(password) < 8:
return 'password: 8 characters required\n'
return ''
2022-02-16 18:07:05 +01:00
def check_username(username: str) -> str:
"""
Return if username is valid
If not, it returns error messages
2022-02-16 18:07:05 +01:00
"""
ret = ''
if not (2 < len(username) < 31):
ret += 'username: 3 to 30 characters required\n'
2022-02-16 18:07:05 +01:00
if not re.match(r'^[a-zA-Z0-9_]+$', username):
ret += (
'username: only alphanumeric characters and the '
'underscore character "_" allowed\n'
)
return ret
def register_controls(username: str, email: str, password: str) -> str:
2022-02-16 18:07:05 +01:00
"""
Verify if username, email and passwords are valid
If not, it returns error messages
2022-02-16 18:07:05 +01:00
"""
ret = check_username(username)
if not is_valid_email(email):
ret += 'email: valid email must be provided\n'
ret += check_password(password)
2022-02-16 18:07:05 +01:00
return ret
def verify_user(
current_request: Request, verify_admin: bool
) -> Tuple[Optional[HttpResponse], Optional[User]]:
"""
2022-03-19 22:02:06 +01:00
Return authenticated user if
- the provided token is valid
- the user account is active
- the user has admin rights if 'verify_admin' is True
If not, it returns Error Response
2022-02-16 18:07:05 +01:00
"""
default_message = 'provide a valid auth token'
auth_header = current_request.headers.get('Authorization')
if not auth_header:
return UnauthorizedErrorResponse(default_message), None
auth_token = auth_header.split(' ')[1]
resp = User.decode_auth_token(auth_token)
if isinstance(resp, str):
return UnauthorizedErrorResponse(resp), None
user = User.query.filter_by(id=resp).first()
2022-03-19 22:02:06 +01:00
if not user or not user.is_active:
2022-02-16 18:07:05 +01:00
return UnauthorizedErrorResponse(default_message), None
if verify_admin and not user.admin:
return ForbiddenErrorResponse(), None
return None, user