seg_yinzy
/
myems
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'PR' into develop

pull/99/head
13621160019@163.com 2021-12-16 21:57:33 +08:00
parent d56f839e21 82a9735a77
commit 9af6a90a86
7 changed files with 204 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
admin/app/controllers/users/user/user.controller.js
View File

@ -186,6 +186,41 @@ app.controller('UserController', function ($scope,
}); });
}; };
$scope.unlockUser = function (user){
SweetAlert.swal({
title: $translate.instant("SWEET.UNLOCK_TITLE"),
type: "warning",
showCancelButton: true,
confirmButtonColor: "#DD6B55",
confirmButtonText: $translate.instant("SWEET.UNLOCK_CONFIRM_BUTTON_TEXT"),
cancelButtonText: $translate.instant("SWEET.CANCEL_BUTTON_TEXT"),
closeOnConfirm: true,
closeOnCancel: true
},function (isConfirm) {
if (isConfirm) {
let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
UserService.unlockUser(user, headers, function (response) {
if (angular.isDefined(response.status) && response.status === 200) {
toaster.pop({
type: "success",
title: $translate.instant("TOASTER.SUCCESS_TITLE"),
body: $translate.instant("TOASTER.SUCCESS_UNLOCK_BODY", { template: $translate.instant("SETTING.USER") }),
showCloseButton: true,
});
$scope.getAllUsers();
} else {
toaster.pop({
type: "error",
title: $translate.instant("TOASTER.ERROR_UNLOCK_BODY", { template: $translate.instant("SETTING.USER") }),
body: $translate.instant(response.data.description),
showCloseButton: true,
});
}
});
}
});
};
$scope.getAllUsers(); $scope.getAllUsers();
$scope.getAllPrivileges(); $scope.getAllPrivileges();

8
admin/app/services/users/user/user.service.js
View File

@ -64,6 +64,14 @@ app.factory('UserService', function($http) {
}, function (response) { }, function (response) {
callback(response); callback(response);
}); });
},
unlockUser: function(user, headers, callback){
$http.put(getAPI()+'users/unlock/'+ user.id, {user}, {headers})
.then(function (response) {
callback(response);
}, function (response) {
callback(response);
});
} }
}; };
}); });

5
admin/app/translations.js
View File

@ -1107,6 +1107,7 @@ function config($translateProvider) {
BIND_PROPERTY: '绑定属性', BIND_PROPERTY: '绑定属性',
EDIT: '修改', EDIT: '修改',
DELETE: '删除', DELETE: '删除',
UNLOCK: '解锁',
SELECT: '选择', SELECT: '选择',
RESET: '重置', RESET: '重置',
SAVE: '保存', SAVE: '保存',
@ -1544,9 +1545,11 @@ function config($translateProvider) {
SUCCESS_ADD_BODY: '添加 {{template}} 成功', SUCCESS_ADD_BODY: '添加 {{template}} 成功',
SUCCESS_UPDATE_BODY: '更新 {{template}} 成功', SUCCESS_UPDATE_BODY: '更新 {{template}} 成功',
SUCCESS_DELETE_BODY: '删除 {{template}} 成功', SUCCESS_DELETE_BODY: '删除 {{template}} 成功',
SUCCESS_UNLOCK_BODY: '解锁 {{template}} 成功',
ERROR_ADD_BODY: '添加 {{template}} 失败', ERROR_ADD_BODY: '添加 {{template}} 失败',
ERROR_UPDATE_BODY: '更新 {{template}} 失败', ERROR_UPDATE_BODY: '更新 {{template}} 失败',
ERROR_DELETE_BODY: '删除 {{template}} 失败', ERROR_DELETE_BODY: '删除 {{template}} 失败',
ERROR_UNLOCK_BODY: '解锁 {{template}} 失败',
USER_PASSWORD: '用户密码', USER_PASSWORD: '用户密码',
BIND_METER_SUCCESS: '绑定计量表成功', BIND_METER_SUCCESS: '绑定计量表成功',
@ -1573,6 +1576,8 @@ function config($translateProvider) {
TEXT: '删除该条也会删除所有与其相关数据!', TEXT: '删除该条也会删除所有与其相关数据!',
CONFIRM_BUTTON_TEXT: '确认删除', CONFIRM_BUTTON_TEXT: '确认删除',
CANCEL_BUTTON_TEXT: '取消', CANCEL_BUTTON_TEXT: '取消',
UNLOCK_TITLE: '请确认是否解锁该用户登录权限',
UNLOCK_CONFIRM_BUTTON_TEXT: '确认解锁'
}, },
API: { API: {
ADMINISTRATOR_SESSION_NOT_FOUND: 'Administrator Session Not Found', ADMINISTRATOR_SESSION_NOT_FOUND: 'Administrator Session Not Found',

1
admin/views/users/user/user.html
View File

@ -36,6 +36,7 @@
<a class="btn btn-primary btn-rounded btn-xs" ng-click="editUser(user)" >{{'SETTING.EDIT' | translate}}</a> <a class="btn btn-primary btn-rounded btn-xs" ng-click="editUser(user)" >{{'SETTING.EDIT' | translate}}</a>
<a ng-hide="user.name=='administrator'" class="btn btn-info btn-rounded btn-xs" ng-click="resetPassword(user)" >{{'USER.RESET_PASSWORD' | translate}}</a> <a ng-hide="user.name=='administrator'" class="btn btn-info btn-rounded btn-xs" ng-click="resetPassword(user)" >{{'USER.RESET_PASSWORD' | translate}}</a>
<a ng-hide="user.name=='administrator'" ng-click="deleteUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.DELETE' | translate}}</a> <a ng-hide="user.name=='administrator'" ng-click="deleteUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.DELETE' | translate}}</a>
<a ng-hide="user.failed_login_count < 3" ng-click="unlockUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.UNLOCK' | translate}}</a>
</td> </td>
</tr> </tr>
</tbody> </tbody>

2
myems-api/app.py
View File

@ -464,6 +464,8 @@ api.add_route('/users/resetpassword',
user.ResetPassword()) user.ResetPassword())
api.add_route('/users/changepassword', api.add_route('/users/changepassword',
user.ChangePassword()) user.ChangePassword())
api.add_route('/users/unlock/{id_}',
user.Unlock())
api.add_route('/virtualmeters', api.add_route('/virtualmeters',
virtualmeter.VirtualMeterCollection()) virtualmeter.VirtualMeterCollection())

163
myems-api/config.py
View File

@ -1,154 +1,97 @@
from decouple import config from decouple import config
MYEMS_SYSTEM_DB_HOST = config('MYEMS_SYSTEM_DB_HOST', default='127.0.0.1')
MYEMS_SYSTEM_DB_PORT = config('MYEMS_SYSTEM_DB_PORT', default=3306, cast=int)
MYEMS_SYSTEM_DB_DATABASE = config('MYEMS_SYSTEM_DB_DATABASE', default='myems_system_db')
MYEMS_SYSTEM_DB_USER = config('MYEMS_SYSTEM_DB_USER', default='root')
MYEMS_SYSTEM_DB_PASSWORD = config('MYEMS_SYSTEM_DB_PASSWORD', default='!MyEMS1')
MYEMS_ENERGY_DB_HOST = config('MYEMS_ENERGY_DB_HOST', default='127.0.0.1')
MYEMS_ENERGY_DB_PORT = config('MYEMS_ENERGY_DB_PORT', default=3306, cast=int)
MYEMS_ENERGY_DB_DATABASE = config('MYEMS_ENERGY_DB_DATABASE', default='myems_energy_db')
MYEMS_ENERGY_DB_USER = config('MYEMS_ENERGY_DB_USER', default='root')
MYEMS_ENERGY_DB_PASSWORD = config('MYEMS_ENERGY_DB_PASSWORD', default='!MyEMS1')
MYEMS_ENERGY_BASELINE_DB_HOST = config('MYEMS_ENERGY_BASELINE_DB_HOST', default='127.0.0.1')
MYEMS_ENERGY_BASELINE_DB_PORT = config('MYEMS_ENERGY_BASELINE_DB_PORT', default=3306, cast=int)
MYEMS_ENERGY_BASELINE_DB_DATABASE = config('MYEMS_ENERGY_BASELINE_DB_DATABASE', default='myems_energy_baseline_db')
MYEMS_ENERGY_BASELINE_DB_USER = config('MYEMS_ENERGY_BASELINE_DB_USER', default='root')
MYEMS_ENERGY_BASELINE_DB_PASSWORD = config('MYEMS_ENERGY_BASELINE_DB_PASSWORD', default='!MyEMS1')
MYEMS_BILLING_DB_HOST = config('MYEMS_BILLING_DB_HOST', default='127.0.0.1')
MYEMS_BILLING_DB_PORT = config('MYEMS_BILLING_DB_PORT', default=3306, cast=int)
MYEMS_BILLING_DB_DATABASE = config('MYEMS_BILLING_DB_DATABASE', default='myems_billing_db')
MYEMS_BILLING_DB_USER = config('MYEMS_BILLING_DB_USER', default='root')
MYEMS_BILLING_DB_PASSWORD = config('MYEMS_BILLING_DB_PASSWORD', default='!MyEMS1')
MYEMS_BILLING_BASELINE_DB_HOST = config('MYEMS_BILLING_BASELINE_DB_HOST', default='127.0.0.1')
MYEMS_BILLING_BASELINE_DB_PORT = config('MYEMS_BILLING_BASELINE_DB_PORT', default=3306, cast=int)
MYEMS_BILLING_BASELINE_DB_DATABASE = config('MYEMS_BILLING_BASELINE_DB_DATABASE', default='myems_billing_baseline_db')
MYEMS_BILLING_BASELINE_DB_USER = config('MYEMS_BILLING_BASELINE_DB_USER', default='root')
MYEMS_BILLING_BASELINE_DB_PASSWORD = config('MYEMS_BILLING_BASELINE_DB_PASSWORD', default='!MyEMS1')
MYEMS_HISTORICAL_DB_HOST = config('MYEMS_HISTORICAL_DB_HOST', default='127.0.0.1')
MYEMS_HISTORICAL_DB_PORT = config('MYEMS_HISTORICAL_DB_PORT', default=3306, cast=int)
MYEMS_HISTORICAL_DB_DATABASE = config('MYEMS_HISTORICAL_DB_DATABASE', default='myems_historical_db')
MYEMS_HISTORICAL_DB_USER = config('MYEMS_HISTORICAL_DB_USER', default='root')
MYEMS_HISTORICAL_DB_PASSWORD = config('MYEMS_HISTORICAL_DB_PASSWORD', default='!MyEMS1')
MYEMS_USER_DB_HOST = config('MYEMS_USER_DB_HOST', default='127.0.0.1')
MYEMS_USER_DB_PORT = config('MYEMS_USER_DB_PORT', default=3306, cast=int)
MYEMS_USER_DB_DATABASE = config('MYEMS_USER_DB_DATABASE', default='myems_user_db')
MYEMS_USER_DB_USER = config('MYEMS_USER_DB_USER', default='root')
MYEMS_USER_DB_PASSWORD = config('MYEMS_USER_DB_PASSWORD', default='!MyEMS1')
MYEMS_FDD_DB_HOST = config('MYEMS_FDD_DB_HOST', default='127.0.0.1')
MYEMS_FDD_DB_PORT = config('MYEMS_FDD_DB_PORT', default=3306, cast=int)
MYEMS_FDD_DB_DATABASE = config('MYEMS_FDD_DB_DATABASE', default='myems_fdd_db')
MYEMS_FDD_DB_USER = config('MYEMS_FDD_DB_USER', default='root')
MYEMS_FDD_DB_PASSWORD = config('MYEMS_FDD_DB_PASSWORD', default='!MyEMS1')
MYEMS_REPORTING_DB_HOST = config('MYEMS_REPORTING_DB_HOST', default='127.0.0.1')
MYEMS_REPORTING_DB_PORT = config('MYEMS_REPORTING_DB_PORT', default=3306, cast=int)
MYEMS_REPORTING_DB_DATABASE = config('MYEMS_REPORTING_DB_DATABASE', default='myems_reporting_db')
MYEMS_REPORTING_DB_USER = config('MYEMS_REPORTING_DB_USER', default='root')
MYEMS_REPORTING_DB_PASSWORD = config('MYEMS_REPORTING_DB_PASSWORD', default='!MyEMS1')
MINUTES_TO_COUNT = config('MINUTES_TO_COUNT', default=60, cast=int)
UTC_OFFSET = config('UTC_OFFSET', default='+08:00')
WORKING_DAY_START_TIME_LOCAL = config('WORKING_DAY_START_TIME_LOCAL', default='00:00:00')
UPLOAD_PATH = config('UPLOAD_PATH', default='/var/www/html/admin/upload/')
CURRENCY_UNIT = config('CURRENCY_UNIT', default='CNY')
myems_system_db = { myems_system_db = {
'host': MYEMS_SYSTEM_DB_HOST, 'host': config('MYEMS_SYSTEM_DB_HOST', default='127.0.0.1'),
'port': MYEMS_SYSTEM_DB_PORT, 'port': config('MYEMS_SYSTEM_DB_PORT', default=3306, cast=int),
'database': MYEMS_SYSTEM_DB_DATABASE, 'database': config('MYEMS_SYSTEM_DB_DATABASE', default='myems_system_db'),
'user': MYEMS_SYSTEM_DB_USER, 'user': config('MYEMS_SYSTEM_DB_USER', default='root'),
'password': MYEMS_SYSTEM_DB_PASSWORD, 'password': config('MYEMS_SYSTEM_DB_PASSWORD', default='!MyEMS1'),
} }
myems_energy_db = { myems_energy_db = {
'host': MYEMS_ENERGY_DB_HOST, 'host': config('MYEMS_ENERGY_DB_HOST', default='127.0.0.1'),
'port': MYEMS_ENERGY_DB_PORT, 'port': config('MYEMS_ENERGY_DB_PORT', default=3306, cast=int),
'database': MYEMS_ENERGY_DB_DATABASE, 'database': config('MYEMS_ENERGY_DB_DATABASE', default='myems_energy_db'),
'user': MYEMS_ENERGY_DB_USER, 'user': config('MYEMS_ENERGY_DB_USER', default='root'),
'password': MYEMS_ENERGY_DB_PASSWORD, 'password': config('MYEMS_ENERGY_DB_PASSWORD', default='!MyEMS1'),
} }
myems_energy_baseline_db = { myems_energy_baseline_db = {
'host': MYEMS_ENERGY_BASELINE_DB_HOST, 'host': config('MYEMS_ENERGY_BASELINE_DB_HOST', default='127.0.0.1'),
'port': MYEMS_ENERGY_BASELINE_DB_PORT, 'port': config('MYEMS_ENERGY_BASELINE_DB_PORT', default=3306, cast=int),
'database': MYEMS_ENERGY_BASELINE_DB_DATABASE, 'database': config('MYEMS_ENERGY_BASELINE_DB_DATABASE', default='myems_energy_baseline_db'),
'user': MYEMS_ENERGY_BASELINE_DB_USER, 'user': config('MYEMS_ENERGY_BASELINE_DB_USER', default='root'),
'password': MYEMS_ENERGY_BASELINE_DB_PASSWORD, 'password': config('MYEMS_ENERGY_BASELINE_DB_PASSWORD', default='!MyEMS1'),
} }
myems_billing_db = { myems_billing_db = {
'host': MYEMS_BILLING_DB_HOST, 'host': config('MYEMS_BILLING_DB_HOST', default='127.0.0.1'),
'port': MYEMS_BILLING_DB_PORT, 'port': config('MYEMS_BILLING_DB_PORT', default=3306, cast=int),
'database': MYEMS_BILLING_DB_DATABASE, 'database': config('MYEMS_BILLING_DB_DATABASE', default='myems_billing_db'),
'user': MYEMS_BILLING_DB_USER, 'user': config('MYEMS_BILLING_DB_USER', default='root'),
'password': MYEMS_BILLING_DB_PASSWORD, 'password': config('MYEMS_BILLING_DB_PASSWORD', default='!MyEMS1'),
} }
myems_billing_baseline_db = { myems_billing_baseline_db = {
'host': MYEMS_BILLING_BASELINE_DB_HOST, 'host': config('MYEMS_BILLING_BASELINE_DB_HOST', default='127.0.0.1'),
'port': MYEMS_BILLING_BASELINE_DB_PORT, 'port': config('MYEMS_BILLING_BASELINE_DB_PORT', default=3306, cast=int),
'database': MYEMS_BILLING_BASELINE_DB_DATABASE, 'database': config('MYEMS_BILLING_BASELINE_DB_DATABASE', default='myems_billing_baseline_db'),
'user': MYEMS_BILLING_BASELINE_DB_USER, 'user': config('MYEMS_BILLING_BASELINE_DB_USER', default='root'),
'password': MYEMS_BILLING_BASELINE_DB_PASSWORD, 'password': config('MYEMS_BILLING_BASELINE_DB_PASSWORD', default='!MyEMS1'),
} }
myems_historical_db = { myems_historical_db = {
'host': MYEMS_HISTORICAL_DB_HOST, 'host': config('MYEMS_HISTORICAL_DB_HOST', default='127.0.0.1'),
'port': MYEMS_HISTORICAL_DB_PORT, 'port': config('MYEMS_HISTORICAL_DB_PORT', default=3306, cast=int),
'database': MYEMS_HISTORICAL_DB_DATABASE, 'database': config('MYEMS_HISTORICAL_DB_DATABASE', default='myems_historical_db'),
'user': MYEMS_HISTORICAL_DB_USER, 'user': config('MYEMS_HISTORICAL_DB_USER', default='root'),
'password': MYEMS_HISTORICAL_DB_PASSWORD, 'password': config('MYEMS_HISTORICAL_DB_PASSWORD', default='!MyEMS1'),
} }
myems_user_db = { myems_user_db = {
'host': MYEMS_USER_DB_HOST, 'host': config('MYEMS_USER_DB_HOST', default='127.0.0.1'),
'port': MYEMS_USER_DB_PORT, 'port': config('MYEMS_USER_DB_PORT', default=3306, cast=int),
'database': MYEMS_USER_DB_DATABASE, 'database': config('MYEMS_USER_DB_DATABASE', default='myems_user_db'),
'user': MYEMS_USER_DB_USER, 'user': config('MYEMS_USER_DB_USER', default='root'),
'password': MYEMS_USER_DB_PASSWORD, 'password': config('MYEMS_USER_DB_PASSWORD', default='!MyEMS1'),
} }
myems_fdd_db = { myems_fdd_db = {
'host': MYEMS_FDD_DB_HOST, 'host': config('MYEMS_FDD_DB_HOST', default='127.0.0.1'),
'port': MYEMS_FDD_DB_PORT, 'port': config('MYEMS_FDD_DB_PORT', default=3306, cast=int),
'database': MYEMS_FDD_DB_DATABASE, 'database': config('MYEMS_FDD_DB_DATABASE', default='myems_fdd_db'),
'user': MYEMS_FDD_DB_USER, 'user': config('MYEMS_FDD_DB_USER', default='root'),
'password': MYEMS_FDD_DB_PASSWORD, 'password': config('MYEMS_FDD_DB_PASSWORD', default='!MyEMS1'),
} }
myems_reporting_db = { myems_reporting_db = {
'host': MYEMS_REPORTING_DB_HOST, 'host': config('MYEMS_REPORTING_DB_HOST', default='127.0.0.1'),
'port': MYEMS_REPORTING_DB_PORT, 'port': config('MYEMS_REPORTING_DB_PORT', default=3306, cast=int),
'database': MYEMS_REPORTING_DB_DATABASE, 'database': config('MYEMS_REPORTING_DB_DATABASE', default='myems_reporting_db'),
'user': MYEMS_REPORTING_DB_USER, 'user': config('MYEMS_REPORTING_DB_USER', default='root'),
'password': MYEMS_REPORTING_DB_PASSWORD, 'password': config('MYEMS_REPORTING_DB_PASSWORD', default='!MyEMS1'),
} }
# indicated in how many minutes to calculate meter energy consumption # indicated in how many minutes to calculate meter energy consumption
# 30 for half hourly period # 30 for half hourly period
# 60 for hourly period # 60 for hourly period
minutes_to_count = MINUTES_TO_COUNT minutes_to_count = config('MINUTES_TO_COUNT', default=60, cast=int)
# indicates the project's time zone offset from UTC # indicates the project's time zone offset from UTC
utc_offset = UTC_OFFSET utc_offset = config('UTC_OFFSET', default='+08:00')
# indicates from when ( in local timezone) of the day to calculate working days # indicates from when ( in local timezone) of the day to calculate working days
working_day_start_time_local = WORKING_DAY_START_TIME_LOCAL working_day_start_time_local = config('WORKING_DAY_START_TIME_LOCAL', default='00:00:00')
# indicates where user uploaded files will be saved to # indicates where user uploaded files will be saved to
# must use the root folder of myems-admin web application # must use the root folder of myems-admin web application
# for example if you serve myems-admin at /var/www/html/admin # for example if you serve myems-admin at /var/www/html/admin
# you should set the upload_path as below # you should set the upload_path as below
upload_path = UPLOAD_PATH upload_path = config('UPLOAD_PATH', default='/var/www/html/admin/upload/')
# main currency unit # main currency unit
currency_unit = CURRENCY_UNIT currency_unit = config('CURRENCY_UNIT', default='CNY')
# maximum failed login count, otherwise the user should be locked
maximum_failed_login_count = config('MAXIMUM_FAILED_LOGIN_COUNT', default=6, cast=int)

106
myems-api/core/user.py
View File

@ -27,7 +27,7 @@ class UserCollection:
cursor = cnx.cursor() cursor = cnx.cursor()
query = (" SELECT u.id, u.name, u.display_name, u.uuid, " query = (" SELECT u.id, u.name, u.display_name, u.uuid, "
" u.email, u.is_admin, p.id, p.name, " " u.email, u.is_admin, p.id, p.name, "
" u.account_expiration_datetime_utc, u.password_expiration_datetime_utc " " u.account_expiration_datetime_utc, u.password_expiration_datetime_utc, u.failed_login_count "
" FROM tbl_users u " " FROM tbl_users u "
" LEFT JOIN tbl_privileges p ON u.privilege_id = p.id " " LEFT JOIN tbl_privileges p ON u.privilege_id = p.id "
" ORDER BY u.name ") " ORDER BY u.name ")
@ -59,7 +59,8 @@ class UserCollection:
"account_expiration_datetime": "account_expiration_datetime":
account_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'), account_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
"password_expiration_datetime": "password_expiration_datetime":
password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S')} password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
"failed_login_count": row[10]}
result.append(meta_result) result.append(meta_result)
resp.text = json.dumps(result) resp.text = json.dumps(result)
@ -444,7 +445,7 @@ class UserLogin:
description='API.INVALID_USER_NAME') description='API.INVALID_USER_NAME')
query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, " query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
" account_expiration_datetime_utc, password_expiration_datetime_utc " " account_expiration_datetime_utc, password_expiration_datetime_utc, failed_login_count "
" FROM tbl_users " " FROM tbl_users "
" WHERE name = %s ") " WHERE name = %s ")
cursor.execute(query, (str.strip(new_values['data']['name']).lower(),)) cursor.execute(query, (str.strip(new_values['data']['name']).lower(),))
@ -463,7 +464,8 @@ class UserLogin:
"password": row[6], "password": row[6],
"is_admin": True if row[7] else False, "is_admin": True if row[7] else False,
"account_expiration_datetime_utc": row[8], "account_expiration_datetime_utc": row[8],
"password_expiration_datetime_utc": row[9]} "password_expiration_datetime_utc": row[9],
"failed_login_count": row[10]}
elif 'email' in new_values['data']: elif 'email' in new_values['data']:
if not isinstance(new_values['data']['email'], str) or \ if not isinstance(new_values['data']['email'], str) or \
@ -472,7 +474,7 @@ class UserLogin:
description='API.INVALID_EMAIL') description='API.INVALID_EMAIL')
query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, " query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
" account_expiration_datetime_utc, password_expiration_datetime_utc " " account_expiration_datetime_utc, password_expiration_datetime_utc,failed_login_count "
" FROM tbl_users " " FROM tbl_users "
" WHERE email = %s ") " WHERE email = %s ")
cursor.execute(query, (str.strip(new_values['data']['email']).lower(),)) cursor.execute(query, (str.strip(new_values['data']['email']).lower(),))
@ -491,22 +493,45 @@ class UserLogin:
"password": row[6], "password": row[6],
"is_admin": True if row[7] else False, "is_admin": True if row[7] else False,
"account_expiration_datetime_utc": row[8], "account_expiration_datetime_utc": row[8],
"password_expiration_datetime_utc": row[9]} "password_expiration_datetime_utc": row[9],
"failed_login_count": row[10]}
else: else:
cursor.close() cursor.close()
cnx.disconnect() cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_USER_NAME_OR_EMAIL') description='API.INVALID_USER_NAME_OR_EMAIL')
failed_login_count = result['failed_login_count']
if failed_login_count >= config.maximum_failed_login_count:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_HAS_BEEN_LOCKED')
salt = result['salt'] salt = result['salt']
password = str.strip(new_values['data']['password']) password = str.strip(new_values['data']['password'])
hashed_password = hashlib.sha512(salt.encode() + password.encode()).hexdigest() hashed_password = hashlib.sha512(salt.encode() + password.encode()).hexdigest()
if hashed_password != result['password']: if hashed_password != result['password']:
update_failed_login_count = (" UPDATE tbl_users "
" SET failed_login_count = %s "
" WHERE uuid = %s ")
user_uuid = result['uuid']
cursor.execute(update_failed_login_count, (failed_login_count + 1, user_uuid))
cnx.commit()
cursor.close() cursor.close()
cnx.disconnect() cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD') raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD')
if failed_login_count != 0:
update_failed_login_count = (" UPDATE tbl_users "
" SET failed_login_count = 0 "
" WHERE uuid = %s ")
user_uuid = result['uuid']
cursor.execute(update_failed_login_count, (user_uuid, ))
cnx.commit()
if result['account_expiration_datetime_utc'] <= datetime.utcnow(): if result['account_expiration_datetime_utc'] <= datetime.utcnow():
cursor.close() cursor.close()
cnx.disconnect() cnx.disconnect()
@ -828,3 +853,72 @@ class ResetPassword:
resp.status = falcon.HTTP_200 resp.status = falcon.HTTP_200
write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='ResetPassword', write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='ResetPassword',
resource_id=user_id, request_body=None) resource_id=user_id, request_body=None)
class Unlock:
@staticmethod
def __init__():
"""Initializes Class"""
pass
@staticmethod
def on_options(req, resp):
resp.status = falcon.HTTP_200
@staticmethod
def on_put(req, resp, id_):
"""Handles PUT requests"""
if 'USER-UUID' not in req.headers or \
not isinstance(req.headers['USER-UUID'], str) or \
len(str.strip(req.headers['USER-UUID'])) == 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_USER_UUID')
admin_user_uuid = str.strip(req.headers['USER-UUID'])
if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_USER_ID')
Id = id_
cnx = mysql.connector.connect(**config.myems_user_db)
cursor = cnx.cursor()
query = (" SELECT failed_login_count "
" FROM tbl_users "
" WHERE id = %s ")
cursor.execute(query, (Id,))
row = cursor.fetchone()
if row is None:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_Id')
failed_login_count = row[0]
if failed_login_count < config.maximum_failed_login_count:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_IS_NOT_LOCKED')
update_user = (" UPDATE tbl_users "
" SET failed_login_count = 0"
" WHERE id = %s ")
cursor.execute(update_user, (Id, ))
cnx.commit()
query = (" SELECT failed_login_count "
" FROM tbl_users "
" WHERE id = %s ")
cursor.execute(query, (Id,))
row = cursor.fetchone()
if row is None or row[0] != 0:
cursor.close()
cnx.disconnect()
raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.ACCOUNT_UNLOCK_FAILED')
cursor.close()
cnx.disconnect()
resp.text = json.dumps("OK")
resp.status = falcon.HTTP_200
write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='UnlockUser',
resource_id=Id, request_body=None)