From d387684a782dcd15065c701fbbcc9fd9d2770eaf Mon Sep 17 00:00:00 2001
From: Caozhenhui <823914102@qq.com>
Date: Mon, 13 Dec 2021 20:15:41 +0800
Subject: [PATCH 1/5] lock user
---
admin/app/api.js | 2 +-
.../controllers/users/user/user.controller.js | 35 +++++++
admin/app/services/users/user/user.service.js | 8 ++
admin/app/translations.js | 5 +
admin/views/users/user/user.html | 1 +
myems-api/app.py | 2 +
myems-api/core/user.py | 93 ++++++++++++++++++-
7 files changed, 141 insertions(+), 5 deletions(-)
diff --git a/admin/app/api.js b/admin/app/api.js
index 89aa9e28..ae9f7569 100644
--- a/admin/app/api.js
+++ b/admin/app/api.js
@@ -1,6 +1,6 @@
//Switch Classes Function
function getAPI(){
- //return "http://127.0.0.1:8000/";
+ // return "http://127.0.0.1:8000/";
// to avoid CORS issue, use Nginx to proxy myems-api to path /api with the same ip and port as myems-web
return window.location.protocol+"//"+window.location.hostname+":"+window.location.port+"/api/";
}
diff --git a/admin/app/controllers/users/user/user.controller.js b/admin/app/controllers/users/user/user.controller.js
index 71063a83..a062907d 100644
--- a/admin/app/controllers/users/user/user.controller.js
+++ b/admin/app/controllers/users/user/user.controller.js
@@ -186,6 +186,41 @@ app.controller('UserController', function ($scope,
});
};
+ $scope.unlockUser = function (user){
+ SweetAlert.swal({
+ title: $translate.instant("SWEET.UNLOCK_TITLE"),
+ type: "warning",
+ showCancelButton: true,
+ confirmButtonColor: "#DD6B55",
+ confirmButtonText: $translate.instant("SWEET.UNLOCK_CONFIRM_BUTTON_TEXT"),
+ cancelButtonText: $translate.instant("SWEET.CANCEL_BUTTON_TEXT"),
+ closeOnConfirm: true,
+ closeOnCancel: true
+ },function (isConfirm) {
+ if (isConfirm) {
+ let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
+ UserService.unlockUser(user, headers, function (response) {
+ if (angular.isDefined(response.status) && response.status === 200) {
+ toaster.pop({
+ type: "success",
+ title: $translate.instant("TOASTER.SUCCESS_TITLE"),
+ body: $translate.instant("TOASTER.SUCCESS_UNLOCK_BODY", { template: $translate.instant("SETTING.USER") }),
+ showCloseButton: true,
+ });
+ $scope.getAllUsers();
+ } else {
+ toaster.pop({
+ type: "error",
+ title: $translate.instant("TOASTER.ERROR_UNLOCK_BODY", { template: $translate.instant("SETTING.USER") }),
+ body: $translate.instant(response.data.description),
+ showCloseButton: true,
+ });
+ }
+ });
+ }
+ });
+ };
+
$scope.getAllUsers();
$scope.getAllPrivileges();
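Review bot: The error branch of `unlockUser` reads `response.data.description` without checking that `response.data` exists; when the request fails before the API answers (AngularJS reports that case with a null `data`), the callback throws and no toast is shown. A guard such as `body: response.data ? $translate.instant(response.data.description) : ''` keeps the failure visible to the administrator. The error toast also passes the `TOASTER.ERROR_UNLOCK_BODY` text as `title`, whereas the success toast uses a title key and puts the `*_BODY` text in `body`. The UserController function starts and ends outside the hunk.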
diff --git a/admin/app/services/users/user/user.service.js b/admin/app/services/users/user/user.service.js
index 29d39962..be8b2c02 100644
--- a/admin/app/services/users/user/user.service.js
+++ b/admin/app/services/users/user/user.service.js
@@ -64,6 +64,14 @@ app.factory('UserService', function($http) {
}, function (response) {
callback(response);
});
+ },
+ unlockUser: function(user, headers, callback){
+ $http.put(getAPI()+'users/unlock/'+ user.id, {user}, {headers})
+ .then(function (response) {
+ callback(response);
+ }, function (response) {
+ callback(response);
+ });
}
};
});
\ No newline at end of file
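Review bot: `unlockUser` sends `{user}`, the whole user record from the list view, as the PUT body, although the server handler added in this series takes the target only from the `id_` path segment. Passing no payload, `$http.put(getAPI()+'users/unlock/'+user.id, null, {headers})`, avoids shipping data the endpoint does not use. The file also still ends without a trailing newline.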
diff --git a/admin/app/translations.js b/admin/app/translations.js
index 5251e020..61e516c9 100644
--- a/admin/app/translations.js
+++ b/admin/app/translations.js
@@ -1107,6 +1107,7 @@ function config($translateProvider) {
BIND_PROPERTY: '绑定属性',
EDIT: '修改',
DELETE: '删除',
+ UNLOCK: '解锁',
SELECT: '选择',
RESET: '重置',
SAVE: '保存',
@@ -1544,9 +1545,11 @@ function config($translateProvider) {
SUCCESS_ADD_BODY: '添加 {{template}} 成功',
SUCCESS_UPDATE_BODY: '更新 {{template}} 成功',
SUCCESS_DELETE_BODY: '删除 {{template}} 成功',
+ SUCCESS_UNLOCK_BODY: '解锁 {{template}} 成功',
ERROR_ADD_BODY: '添加 {{template}} 失败',
ERROR_UPDATE_BODY: '更新 {{template}} 失败',
ERROR_DELETE_BODY: '删除 {{template}} 失败',
+ ERROR_UNLOCK_BODY: '解锁 {{template}} 失败',
USER_PASSWORD: '用户密码',
BIND_METER_SUCCESS: '绑定计量表成功',
@@ -1573,6 +1576,8 @@ function config($translateProvider) {
TEXT: '删除该条也会删除所有与其相关数据!',
CONFIRM_BUTTON_TEXT: '确认删除',
CANCEL_BUTTON_TEXT: '取消',
+ UNLOCK_TITLE: '请确认是否解锁该用户登录权限',
+ UNLOCK_CONFIRM_BUTTON_TEXT: '确认解锁'
},
API: {
ADMINISTRATOR_SESSION_NOT_FOUND: 'Administrator Session Not Found',
diff --git a/admin/views/users/user/user.html b/admin/views/users/user/user.html
index 9ea9b675..41c399bc 100644
--- a/admin/views/users/user/user.html
+++ b/admin/views/users/user/user.html
@@ -36,6 +36,7 @@
{{'SETTING.EDIT' | translate}}
{{'USER.RESET_PASSWORD' | translate}}
{{'SETTING.DELETE' | translate}}
+ {{'SETTING.UNLOCK' | translate}}
diff --git a/myems-api/app.py b/myems-api/app.py
index abadcf81..a6bf2b8e 100644
--- a/myems-api/app.py
+++ b/myems-api/app.py
@@ -464,6 +464,8 @@ api.add_route('/users/resetpassword',
user.ResetPassword())
api.add_route('/users/changepassword',
user.ChangePassword())
+api.add_route('/users/unlock/{id_}',
+ user.Unlock())
api.add_route('/virtualmeters',
virtualmeter.VirtualMeterCollection())
diff --git a/myems-api/core/user.py b/myems-api/core/user.py
index 8c8fd9f5..c95a409e 100644
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@@ -444,7 +444,7 @@ class UserLogin:
description='API.INVALID_USER_NAME')
query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
- " account_expiration_datetime_utc, password_expiration_datetime_utc "
+ " account_expiration_datetime_utc, password_expiration_datetime_utc, login_counter "
" FROM tbl_users "
" WHERE name = %s ")
cursor.execute(query, (str.strip(new_values['data']['name']).lower(),))
@@ -463,7 +463,8 @@ class UserLogin:
"password": row[6],
"is_admin": True if row[7] else False,
"account_expiration_datetime_utc": row[8],
- "password_expiration_datetime_utc": row[9]}
+ "password_expiration_datetime_utc": row[9],
+ "login_counter": row[10]}
elif 'email' in new_values['data']:
if not isinstance(new_values['data']['email'], str) or \
@@ -472,7 +473,7 @@ class UserLogin:
description='API.INVALID_EMAIL')
query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
- " account_expiration_datetime_utc, password_expiration_datetime_utc "
+ " account_expiration_datetime_utc, password_expiration_datetime_utc,login_counter "
" FROM tbl_users "
" WHERE email = %s ")
cursor.execute(query, (str.strip(new_values['data']['email']).lower(),))
@@ -491,18 +492,33 @@ class UserLogin:
"password": row[6],
"is_admin": True if row[7] else False,
"account_expiration_datetime_utc": row[8],
- "password_expiration_datetime_utc": row[9]}
+ "password_expiration_datetime_utc": row[9],
+ "login_counter": row[10]}
+
else:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_USER_NAME_OR_EMAIL')
+ login_counter = result['login_counter']
+
+ if login_counter >= 3:
+ cursor.close()
+ cnx.disconnect()
+ raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_HAS_BEEN_LOCKED')
+
salt = result['salt']
password = str.strip(new_values['data']['password'])
hashed_password = hashlib.sha512(salt.encode() + password.encode()).hexdigest()
if hashed_password != result['password']:
+ update_login_counter = (" UPDATE tbl_users "
+ " SET login_counter = %s "
+ " WHERE uuid = %s ")
+ user_uuid = result['uuid']
+ cursor.execute(update_login_counter, (login_counter + 1, user_uuid))
+ cnx.commit()
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD')
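Review bot: The failed-attempt counter is written back as `login_counter + 1` from the value read by the earlier SELECT, so parallel wrong-password requests can all read the same value and the stored count advances by less than the number of attempts. Letting the database do the increment, `" SET login_counter = login_counter + 1 "` with only the uuid bound, avoids the lost update. The same read-then-write remains in the later hunks of this series that rename the column to failed_login_count and make the threshold configurable. The lock check also has no expiry visible here, so three bad passwords against a known name keep that account locked until an administrator unlocks it; a time-based release, or a comment stating that this is intended, would help. The enclosing UserLogin handler starts and ends outside the hunk.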
@@ -828,3 +844,72 @@ class ResetPassword:
resp.status = falcon.HTTP_200
write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='ResetPassword',
resource_id=user_id, request_body=None)
+
+
+class Unlock:
+ @staticmethod
+ def __init__():
+ """Initializes Class"""
+ pass
+
+ @staticmethod
+ def on_options(req, resp):
+ resp.status = falcon.HTTP_200
+
+ @staticmethod
+ def on_put(req, resp, id_):
+ """Handles PUT requests"""
+ if 'USER-UUID' not in req.headers or \
+ not isinstance(req.headers['USER-UUID'], str) or \
+ len(str.strip(req.headers['USER-UUID'])) == 0:
+ raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
+ description='API.INVALID_USER_UUID')
+ admin_user_uuid = str.strip(req.headers['USER-UUID'])
+
+ if not id_.isdigit() or int(id_) <= 0:
+ raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
+ description='API.INVALID_USER_ID')
+
+ Id = id_
+
+ cnx = mysql.connector.connect(**config.myems_user_db)
+ cursor = cnx.cursor()
+
+ query = (" SELECT login_counter "
+ " FROM tbl_users "
+ " WHERE id = %s ")
+ cursor.execute(query, (Id,))
+ row = cursor.fetchone()
+ if row is None:
+ cursor.close()
+ cnx.disconnect()
+ raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_Id')
+
+ login_counter = row[0]
+ if login_counter < 3:
+ cursor.close()
+ cnx.disconnect()
+ raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_IS_NOT_LOCKED')
+
+ update_user = (" UPDATE tbl_users "
+ " SET login_counter = 0"
+ " WHERE id = %s ")
+ cursor.execute(update_user, (Id, ))
+ cnx.commit()
+
+ query = (" SELECT login_counter "
+ " FROM tbl_users "
+ " WHERE id = %s ")
+ cursor.execute(query, (Id,))
+ row = cursor.fetchone()
+ if row is None or row[0] != 0:
+ cursor.close()
+ cnx.disconnect()
+ raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.ACCOUNT_UNLOCK_FAILED')
+
+ cursor.close()
+ cnx.disconnect()
+ resp.text = json.dumps("OK")
+ resp.status = falcon.HTTP_200
+ write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='UnlockUser',
+ resource_id=Id, request_body=None)
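Review bot: `on_put` authorises the caller only by checking that a non-empty `USER-UUID` header is present; nothing in this handler reads the `Token` header the admin UI sends or confirms that the UUID belongs to a logged-in administrator, so as written any client that can reach `/users/unlock/{id_}` can clear a lockout. Unless middleware outside this diff enforces it, the handler should validate the UUID and token pair against the administrator session store before touching tbl_users, and reject the request otherwise (the translations already carry an `ADMINISTRATOR_SESSION_NOT_FOUND` message). The same unverified header value is passed to `write_log` as `user_uuid`, so the audit entry for an unlock is caller-controlled until that check exists. Smaller points: `'API.INVALID_Id'` does not match the `API.INVALID_USER_ID` key used a few lines above, and `Id = id_` would read better as `user_id = int(id_)`.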
From 3810b0cf3078dca31d4d6516af88a890a5aa0bae Mon Sep 17 00:00:00 2001
From: Caozhenhui <823914102@qq.com>
Date: Wed, 15 Dec 2021 11:48:06 +0800
Subject: [PATCH 2/5] modified login_counter to failed_login_count
---
myems-api/core/user.py | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/myems-api/core/user.py b/myems-api/core/user.py
index c95a409e..69df28de 100644
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@@ -444,7 +444,7 @@ class UserLogin:
description='API.INVALID_USER_NAME')
query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
- " account_expiration_datetime_utc, password_expiration_datetime_utc, login_counter "
+ " account_expiration_datetime_utc, password_expiration_datetime_utc, failed_login_count "
" FROM tbl_users "
" WHERE name = %s ")
cursor.execute(query, (str.strip(new_values['data']['name']).lower(),))
@@ -464,7 +464,7 @@ class UserLogin:
"is_admin": True if row[7] else False,
"account_expiration_datetime_utc": row[8],
"password_expiration_datetime_utc": row[9],
- "login_counter": row[10]}
+ "failed_login_count": row[10]}
elif 'email' in new_values['data']:
if not isinstance(new_values['data']['email'], str) or \
@@ -473,7 +473,7 @@ class UserLogin:
description='API.INVALID_EMAIL')
query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
- " account_expiration_datetime_utc, password_expiration_datetime_utc,login_counter "
+ " account_expiration_datetime_utc, password_expiration_datetime_utc,failed_login_count "
" FROM tbl_users "
" WHERE email = %s ")
cursor.execute(query, (str.strip(new_values['data']['email']).lower(),))
@@ -493,7 +493,7 @@ class UserLogin:
"is_admin": True if row[7] else False,
"account_expiration_datetime_utc": row[8],
"password_expiration_datetime_utc": row[9],
- "login_counter": row[10]}
+ "failed_login_count": row[10]}
else:
cursor.close()
@@ -501,9 +501,9 @@ class UserLogin:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_USER_NAME_OR_EMAIL')
- login_counter = result['login_counter']
+ failed_login_count = result['failed_login_count']
- if login_counter >= 3:
+ if failed_login_count >= 3:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_HAS_BEEN_LOCKED')
@@ -513,11 +513,11 @@ class UserLogin:
hashed_password = hashlib.sha512(salt.encode() + password.encode()).hexdigest()
if hashed_password != result['password']:
- update_login_counter = (" UPDATE tbl_users "
- " SET login_counter = %s "
+ update_failed_login_count = (" UPDATE tbl_users "
+ " SET failed_login_count = %s "
" WHERE uuid = %s ")
user_uuid = result['uuid']
- cursor.execute(update_login_counter, (login_counter + 1, user_uuid))
+ cursor.execute(update_failed_login_count, (failed_login_count + 1, user_uuid))
cnx.commit()
cursor.close()
cnx.disconnect()
@@ -875,7 +875,7 @@ class Unlock:
cnx = mysql.connector.connect(**config.myems_user_db)
cursor = cnx.cursor()
- query = (" SELECT login_counter "
+ query = (" SELECT failed_login_count "
" FROM tbl_users "
" WHERE id = %s ")
cursor.execute(query, (Id,))
@@ -885,19 +885,19 @@ class Unlock:
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_Id')
- login_counter = row[0]
- if login_counter < 3:
+ failed_login_count = row[0]
+ if failed_login_count < 3:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_IS_NOT_LOCKED')
update_user = (" UPDATE tbl_users "
- " SET login_counter = 0"
+ " SET failed_login_count = 0"
" WHERE id = %s ")
cursor.execute(update_user, (Id, ))
cnx.commit()
- query = (" SELECT login_counter "
+ query = (" SELECT failed_login_count "
" FROM tbl_users "
" WHERE id = %s ")
cursor.execute(query, (Id,))
From 747daab4cbd94a1d20fb86d7def7377d5ede233a Mon Sep 17 00:00:00 2001
From: Caozhenhui <823914102@qq.com>
Date: Wed, 15 Dec 2021 11:49:46 +0800
Subject: [PATCH 3/5] 2021/12/15 11:49
---
admin/app/api.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/admin/app/api.js b/admin/app/api.js
index ae9f7569..89aa9e28 100644
--- a/admin/app/api.js
+++ b/admin/app/api.js
@@ -1,6 +1,6 @@
//Switch Classes Function
function getAPI(){
- // return "http://127.0.0.1:8000/";
+ //return "http://127.0.0.1:8000/";
// to avoid CORS issue, use Nginx to proxy myems-api to path /api with the same ip and port as myems-web
return window.location.protocol+"//"+window.location.hostname+":"+window.location.port+"/api/";
}
From 83758854681c7be2c102dabc1de7df2a19d1f8d5 Mon Sep 17 00:00:00 2001
From: Caozhenhui <823914102@qq.com>
Date: Wed, 15 Dec 2021 14:40:13 +0800
Subject: [PATCH 4/5] If the login is successful, failed login count is cleared
---
admin/views/users/user/user.html | 2 +-
myems-api/core/user.py | 13 +++++++++++--
2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/admin/views/users/user/user.html b/admin/views/users/user/user.html
index 41c399bc..eae9dd2d 100644
--- a/admin/views/users/user/user.html
+++ b/admin/views/users/user/user.html
@@ -36,7 +36,7 @@
{{'SETTING.EDIT' | translate}}
{{'USER.RESET_PASSWORD' | translate}}
{{'SETTING.DELETE' | translate}}
- {{'SETTING.UNLOCK' | translate}}
+ {{'SETTING.UNLOCK' | translate}}
diff --git a/myems-api/core/user.py b/myems-api/core/user.py
index 69df28de..fae74f6a 100644
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@@ -27,7 +27,7 @@ class UserCollection:
cursor = cnx.cursor()
query = (" SELECT u.id, u.name, u.display_name, u.uuid, "
" u.email, u.is_admin, p.id, p.name, "
- " u.account_expiration_datetime_utc, u.password_expiration_datetime_utc "
+ " u.account_expiration_datetime_utc, u.password_expiration_datetime_utc, u.failed_login_count "
" FROM tbl_users u "
" LEFT JOIN tbl_privileges p ON u.privilege_id = p.id "
" ORDER BY u.name ")
@@ -59,7 +59,8 @@ class UserCollection:
"account_expiration_datetime":
account_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
"password_expiration_datetime":
- password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S')}
+ password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
+ "failed_login_count": row[10]}
result.append(meta_result)
resp.text = json.dumps(result)
@@ -523,6 +524,14 @@ class UserLogin:
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD')
+ if failed_login_count != 0:
+ update_failed_login_count = (" UPDATE tbl_users "
+ " SET failed_login_count = 0 "
+ " WHERE uuid = %s ")
+ user_uuid = result['uuid']
+ cursor.execute(update_failed_login_count, (user_uuid, ))
+ cnx.commit()
+
if result['account_expiration_datetime_utc'] <= datetime.utcnow():
cursor.close()
cnx.disconnect()
From 82a9735a776b9ac4d9353041ec3d306b4c6dd89c Mon Sep 17 00:00:00 2001
From: "13621160019@163.com" <13621160019@163.com>
Date: Thu, 16 Dec 2021 21:57:16 +0800
Subject: [PATCH 5/5] added maximum_failed_login_count to config in api
---
myems-api/config.py | 163 ++++++++++++++---------------------------
myems-api/core/user.py | 8 +-
2 files changed, 57 insertions(+), 114 deletions(-)
diff --git a/myems-api/config.py b/myems-api/config.py
index 29b019ae..3a9bb99b 100644
--- a/myems-api/config.py
+++ b/myems-api/config.py
@@ -1,154 +1,97 @@
from decouple import config
-MYEMS_SYSTEM_DB_HOST = config('MYEMS_SYSTEM_DB_HOST', default='127.0.0.1')
-MYEMS_SYSTEM_DB_PORT = config('MYEMS_SYSTEM_DB_PORT', default=3306, cast=int)
-MYEMS_SYSTEM_DB_DATABASE = config('MYEMS_SYSTEM_DB_DATABASE', default='myems_system_db')
-MYEMS_SYSTEM_DB_USER = config('MYEMS_SYSTEM_DB_USER', default='root')
-MYEMS_SYSTEM_DB_PASSWORD = config('MYEMS_SYSTEM_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_ENERGY_DB_HOST = config('MYEMS_ENERGY_DB_HOST', default='127.0.0.1')
-MYEMS_ENERGY_DB_PORT = config('MYEMS_ENERGY_DB_PORT', default=3306, cast=int)
-MYEMS_ENERGY_DB_DATABASE = config('MYEMS_ENERGY_DB_DATABASE', default='myems_energy_db')
-MYEMS_ENERGY_DB_USER = config('MYEMS_ENERGY_DB_USER', default='root')
-MYEMS_ENERGY_DB_PASSWORD = config('MYEMS_ENERGY_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_ENERGY_BASELINE_DB_HOST = config('MYEMS_ENERGY_BASELINE_DB_HOST', default='127.0.0.1')
-MYEMS_ENERGY_BASELINE_DB_PORT = config('MYEMS_ENERGY_BASELINE_DB_PORT', default=3306, cast=int)
-MYEMS_ENERGY_BASELINE_DB_DATABASE = config('MYEMS_ENERGY_BASELINE_DB_DATABASE', default='myems_energy_baseline_db')
-MYEMS_ENERGY_BASELINE_DB_USER = config('MYEMS_ENERGY_BASELINE_DB_USER', default='root')
-MYEMS_ENERGY_BASELINE_DB_PASSWORD = config('MYEMS_ENERGY_BASELINE_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_BILLING_DB_HOST = config('MYEMS_BILLING_DB_HOST', default='127.0.0.1')
-MYEMS_BILLING_DB_PORT = config('MYEMS_BILLING_DB_PORT', default=3306, cast=int)
-MYEMS_BILLING_DB_DATABASE = config('MYEMS_BILLING_DB_DATABASE', default='myems_billing_db')
-MYEMS_BILLING_DB_USER = config('MYEMS_BILLING_DB_USER', default='root')
-MYEMS_BILLING_DB_PASSWORD = config('MYEMS_BILLING_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_BILLING_BASELINE_DB_HOST = config('MYEMS_BILLING_BASELINE_DB_HOST', default='127.0.0.1')
-MYEMS_BILLING_BASELINE_DB_PORT = config('MYEMS_BILLING_BASELINE_DB_PORT', default=3306, cast=int)
-MYEMS_BILLING_BASELINE_DB_DATABASE = config('MYEMS_BILLING_BASELINE_DB_DATABASE', default='myems_billing_baseline_db')
-MYEMS_BILLING_BASELINE_DB_USER = config('MYEMS_BILLING_BASELINE_DB_USER', default='root')
-MYEMS_BILLING_BASELINE_DB_PASSWORD = config('MYEMS_BILLING_BASELINE_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_HISTORICAL_DB_HOST = config('MYEMS_HISTORICAL_DB_HOST', default='127.0.0.1')
-MYEMS_HISTORICAL_DB_PORT = config('MYEMS_HISTORICAL_DB_PORT', default=3306, cast=int)
-MYEMS_HISTORICAL_DB_DATABASE = config('MYEMS_HISTORICAL_DB_DATABASE', default='myems_historical_db')
-MYEMS_HISTORICAL_DB_USER = config('MYEMS_HISTORICAL_DB_USER', default='root')
-MYEMS_HISTORICAL_DB_PASSWORD = config('MYEMS_HISTORICAL_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_USER_DB_HOST = config('MYEMS_USER_DB_HOST', default='127.0.0.1')
-MYEMS_USER_DB_PORT = config('MYEMS_USER_DB_PORT', default=3306, cast=int)
-MYEMS_USER_DB_DATABASE = config('MYEMS_USER_DB_DATABASE', default='myems_user_db')
-MYEMS_USER_DB_USER = config('MYEMS_USER_DB_USER', default='root')
-MYEMS_USER_DB_PASSWORD = config('MYEMS_USER_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_FDD_DB_HOST = config('MYEMS_FDD_DB_HOST', default='127.0.0.1')
-MYEMS_FDD_DB_PORT = config('MYEMS_FDD_DB_PORT', default=3306, cast=int)
-MYEMS_FDD_DB_DATABASE = config('MYEMS_FDD_DB_DATABASE', default='myems_fdd_db')
-MYEMS_FDD_DB_USER = config('MYEMS_FDD_DB_USER', default='root')
-MYEMS_FDD_DB_PASSWORD = config('MYEMS_FDD_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_REPORTING_DB_HOST = config('MYEMS_REPORTING_DB_HOST', default='127.0.0.1')
-MYEMS_REPORTING_DB_PORT = config('MYEMS_REPORTING_DB_PORT', default=3306, cast=int)
-MYEMS_REPORTING_DB_DATABASE = config('MYEMS_REPORTING_DB_DATABASE', default='myems_reporting_db')
-MYEMS_REPORTING_DB_USER = config('MYEMS_REPORTING_DB_USER', default='root')
-MYEMS_REPORTING_DB_PASSWORD = config('MYEMS_REPORTING_DB_PASSWORD', default='!MyEMS1')
-
-MINUTES_TO_COUNT = config('MINUTES_TO_COUNT', default=60, cast=int)
-UTC_OFFSET = config('UTC_OFFSET', default='+08:00')
-WORKING_DAY_START_TIME_LOCAL = config('WORKING_DAY_START_TIME_LOCAL', default='00:00:00')
-UPLOAD_PATH = config('UPLOAD_PATH', default='/var/www/html/admin/upload/')
-CURRENCY_UNIT = config('CURRENCY_UNIT', default='CNY')
-
myems_system_db = {
- 'host': MYEMS_SYSTEM_DB_HOST,
- 'port': MYEMS_SYSTEM_DB_PORT,
- 'database': MYEMS_SYSTEM_DB_DATABASE,
- 'user': MYEMS_SYSTEM_DB_USER,
- 'password': MYEMS_SYSTEM_DB_PASSWORD,
+ 'host': config('MYEMS_SYSTEM_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_SYSTEM_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_SYSTEM_DB_DATABASE', default='myems_system_db'),
+ 'user': config('MYEMS_SYSTEM_DB_USER', default='root'),
+ 'password': config('MYEMS_SYSTEM_DB_PASSWORD', default='!MyEMS1'),
}
myems_energy_db = {
- 'host': MYEMS_ENERGY_DB_HOST,
- 'port': MYEMS_ENERGY_DB_PORT,
- 'database': MYEMS_ENERGY_DB_DATABASE,
- 'user': MYEMS_ENERGY_DB_USER,
- 'password': MYEMS_ENERGY_DB_PASSWORD,
+ 'host': config('MYEMS_ENERGY_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_ENERGY_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_ENERGY_DB_DATABASE', default='myems_energy_db'),
+ 'user': config('MYEMS_ENERGY_DB_USER', default='root'),
+ 'password': config('MYEMS_ENERGY_DB_PASSWORD', default='!MyEMS1'),
}
myems_energy_baseline_db = {
- 'host': MYEMS_ENERGY_BASELINE_DB_HOST,
- 'port': MYEMS_ENERGY_BASELINE_DB_PORT,
- 'database': MYEMS_ENERGY_BASELINE_DB_DATABASE,
- 'user': MYEMS_ENERGY_BASELINE_DB_USER,
- 'password': MYEMS_ENERGY_BASELINE_DB_PASSWORD,
+ 'host': config('MYEMS_ENERGY_BASELINE_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_ENERGY_BASELINE_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_ENERGY_BASELINE_DB_DATABASE', default='myems_energy_baseline_db'),
+ 'user': config('MYEMS_ENERGY_BASELINE_DB_USER', default='root'),
+ 'password': config('MYEMS_ENERGY_BASELINE_DB_PASSWORD', default='!MyEMS1'),
}
myems_billing_db = {
- 'host': MYEMS_BILLING_DB_HOST,
- 'port': MYEMS_BILLING_DB_PORT,
- 'database': MYEMS_BILLING_DB_DATABASE,
- 'user': MYEMS_BILLING_DB_USER,
- 'password': MYEMS_BILLING_DB_PASSWORD,
+ 'host': config('MYEMS_BILLING_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_BILLING_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_BILLING_DB_DATABASE', default='myems_billing_db'),
+ 'user': config('MYEMS_BILLING_DB_USER', default='root'),
+ 'password': config('MYEMS_BILLING_DB_PASSWORD', default='!MyEMS1'),
}
myems_billing_baseline_db = {
- 'host': MYEMS_BILLING_BASELINE_DB_HOST,
- 'port': MYEMS_BILLING_BASELINE_DB_PORT,
- 'database': MYEMS_BILLING_BASELINE_DB_DATABASE,
- 'user': MYEMS_BILLING_BASELINE_DB_USER,
- 'password': MYEMS_BILLING_BASELINE_DB_PASSWORD,
+ 'host': config('MYEMS_BILLING_BASELINE_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_BILLING_BASELINE_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_BILLING_BASELINE_DB_DATABASE', default='myems_billing_baseline_db'),
+ 'user': config('MYEMS_BILLING_BASELINE_DB_USER', default='root'),
+ 'password': config('MYEMS_BILLING_BASELINE_DB_PASSWORD', default='!MyEMS1'),
}
myems_historical_db = {
- 'host': MYEMS_HISTORICAL_DB_HOST,
- 'port': MYEMS_HISTORICAL_DB_PORT,
- 'database': MYEMS_HISTORICAL_DB_DATABASE,
- 'user': MYEMS_HISTORICAL_DB_USER,
- 'password': MYEMS_HISTORICAL_DB_PASSWORD,
+ 'host': config('MYEMS_HISTORICAL_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_HISTORICAL_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_HISTORICAL_DB_DATABASE', default='myems_historical_db'),
+ 'user': config('MYEMS_HISTORICAL_DB_USER', default='root'),
+ 'password': config('MYEMS_HISTORICAL_DB_PASSWORD', default='!MyEMS1'),
}
myems_user_db = {
- 'host': MYEMS_USER_DB_HOST,
- 'port': MYEMS_USER_DB_PORT,
- 'database': MYEMS_USER_DB_DATABASE,
- 'user': MYEMS_USER_DB_USER,
- 'password': MYEMS_USER_DB_PASSWORD,
+ 'host': config('MYEMS_USER_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_USER_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_USER_DB_DATABASE', default='myems_user_db'),
+ 'user': config('MYEMS_USER_DB_USER', default='root'),
+ 'password': config('MYEMS_USER_DB_PASSWORD', default='!MyEMS1'),
}
myems_fdd_db = {
- 'host': MYEMS_FDD_DB_HOST,
- 'port': MYEMS_FDD_DB_PORT,
- 'database': MYEMS_FDD_DB_DATABASE,
- 'user': MYEMS_FDD_DB_USER,
- 'password': MYEMS_FDD_DB_PASSWORD,
+ 'host': config('MYEMS_FDD_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_FDD_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_FDD_DB_DATABASE', default='myems_fdd_db'),
+ 'user': config('MYEMS_FDD_DB_USER', default='root'),
+ 'password': config('MYEMS_FDD_DB_PASSWORD', default='!MyEMS1'),
}
myems_reporting_db = {
- 'host': MYEMS_REPORTING_DB_HOST,
- 'port': MYEMS_REPORTING_DB_PORT,
- 'database': MYEMS_REPORTING_DB_DATABASE,
- 'user': MYEMS_REPORTING_DB_USER,
- 'password': MYEMS_REPORTING_DB_PASSWORD,
+ 'host': config('MYEMS_REPORTING_DB_HOST', default='127.0.0.1'),
+ 'port': config('MYEMS_REPORTING_DB_PORT', default=3306, cast=int),
+ 'database': config('MYEMS_REPORTING_DB_DATABASE', default='myems_reporting_db'),
+ 'user': config('MYEMS_REPORTING_DB_USER', default='root'),
+ 'password': config('MYEMS_REPORTING_DB_PASSWORD', default='!MyEMS1'),
}
# indicated in how many minutes to calculate meter energy consumption
# 30 for half hourly period
# 60 for hourly period
-minutes_to_count = MINUTES_TO_COUNT
+minutes_to_count = config('MINUTES_TO_COUNT', default=60, cast=int)
# indicates the project's time zone offset from UTC
-utc_offset = UTC_OFFSET
+utc_offset = config('UTC_OFFSET', default='+08:00')
# indicates from when ( in local timezone) of the day to calculate working days
-working_day_start_time_local = WORKING_DAY_START_TIME_LOCAL
+working_day_start_time_local = config('WORKING_DAY_START_TIME_LOCAL', default='00:00:00')
# indicates where user uploaded files will be saved to
# must use the root folder of myems-admin web application
# for example if you serve myems-admin at /var/www/html/admin
# you should set the upload_path as below
-upload_path = UPLOAD_PATH
+upload_path = config('UPLOAD_PATH', default='/var/www/html/admin/upload/')
# main currency unit
-currency_unit = CURRENCY_UNIT
+currency_unit = config('CURRENCY_UNIT', default='CNY')
+
+# maximum failed login count, otherwise the user should be locked
+maximum_failed_login_count = config('MAXIMUM_FAILED_LOGIN_COUNT', default=6, cast=int)
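Review bot: `maximum_failed_login_count` is read with `cast=int` but never range-checked, and the login check in core/user.py compares `failed_login_count >= config.maximum_failed_login_count`, so a value of 0 or a negative number in the environment locks every account, including ones with no failed attempts. A guard after the assignment such as `if maximum_failed_login_count < 1: raise ValueError('MAXIMUM_FAILED_LOGIN_COUNT must be >= 1')` fails fast instead. The comment would read more clearly as `# number of consecutive failed logins after which the account is locked`. Separately, the rewritten dicts keep `default='root'` and `default='!MyEMS1'` for every database, so a deployment with no environment file starts with well-known credentials; dropping the password defaults so that a missing value raises at startup would be safer.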
diff --git a/myems-api/core/user.py b/myems-api/core/user.py
index fae74f6a..aefd2e83 100644
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@@ -504,7 +504,7 @@ class UserLogin:
failed_login_count = result['failed_login_count']
- if failed_login_count >= 3:
+ if failed_login_count >= config.maximum_failed_login_count:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_HAS_BEEN_LOCKED')
@@ -515,8 +515,8 @@ class UserLogin:
if hashed_password != result['password']:
update_failed_login_count = (" UPDATE tbl_users "
- " SET failed_login_count = %s "
- " WHERE uuid = %s ")
+ " SET failed_login_count = %s "
+ " WHERE uuid = %s ")
user_uuid = result['uuid']
cursor.execute(update_failed_login_count, (failed_login_count + 1, user_uuid))
cnx.commit()
@@ -895,7 +895,7 @@ class Unlock:
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_Id')
failed_login_count = row[0]
- if failed_login_count < 3:
+ if failed_login_count < config.maximum_failed_login_count:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_IS_NOT_LOCKED')