o Ci@sddlmZddlmZddlmZddlmZddl m Z ddl m Z ddl mZddlmZdd lmZdd lmZdd lmZmZdd lmZdd lmZmZddlmZmZddlm Z m!Z!m"Z"m#Z#ddl$m%Z%ddl&Z&ddl'Z'ddl(m)Z)ddl*m+Z+ddl,m-Z-ddl.Z.ddl/m0Z0ddl1m2Z2ddl3m4Z4ddl5m6Z6m7Z7ddl8m9Z9ddl:m;Z;e'j'e'j'<e'j?ddZ@e+ddZAGdd d eZBGd!d"d"eZCGd#d$d$eZDGd%d&d&eZEGd'd(d(eZFGd)d*d*eZGGd+d,d,eZHGd-d.d.eZIGd/d0d0eZJGd1d2d2eZKGd3d4d4eZLGd5d6d6eZMGd7d8d8eZNddlOZOddlPZPddlQZQdd9lmRZRGd:d;d;eZSddl'm?Z?dd?lTmUZUmWZWmXZXeUd@geWgeXgdAdBZYGdCdDdDeZZGdEdFdFeZ[dS)G)APIView) transaction) csrf_exempt)models)get_random_string)render_to_string)settings)Responsestatus) send_mail) authenticatelogin) serializers) AccessToken RefreshToken) make_passwordcheck_password)get_access_tokentoken_functionapp_login_check app_create)utcN)swagger_auto_schema)protected_resource) JsonResponseceil)CustomPaginator)timezone)require_permissionCustomIsAuthenticated)method_decorator)OAuth2Authentication)dayscCs:|j}t|j|j|j|jt|dr|jjdSddS)Nrole standard_user)usernameemail first_name last_namer&) resource_ownerrr(r)r*r+hasattrr&name)requestuserr1+/var/www/Datamplify/authentication/views.pyuser_info_view&sr3c@s:eZdZgZgZejZeejde e ddZ dS)SignUp request_bodyc Cs@|j|jd}|jddr|jd}|jd}|jd}zLtdd}ttj}d }t d d } | ||||d } t d | } d} d} tj }| g}t | | ||| dtjjj|||dd}tjjj||| |dWnty}zt|tdditjdWYd}~Sd}~wwd| |d}t|tjdStdditjdS)NdataTraise_exceptionr(r)password@lengthz authentication/email-activation/i'i)Gotpapi unique_id current_siter(zregistration.htmlzHello, welcome to our website!z*Welcome to Datamplify: Verify your account) html_messageF)r(r;r) is_active)r0keyotpr)messagez SMTP Errorr zAccount Activation Email Sent)rGr)emailActivationTokenSerializer Value Error)serializer_classr8is_validvalidated_datarstrrLink_urlrandomrandintrEMAIL_HOST_USERlowerr auth_models UserProfileobjects create_userAccount_Activationcreate Exceptionprintr r HTTP_400_BAD_REQUESTHTTP_201_CREATED)selfr/ serializerur)pwdrArBr@r?contextrCrGsubject from_emailto_emailadtber8r1r1r2post5s<         z SignUp.postN) __name__ __module__ __qualname__authentication_classespermission_classesrRegisterSerializerrJrratomicrrgr1r1r1r2r41s r4c@s8eZdZgZgZejZeejde e j ddZ dS)AccountActivater5c Cs@z tjjj|d}WntdditjdYS|jtj t kr|j |j d}|j ddr|jj}|j}|jd}tt|d krLtdd itjdS||krtjjj|d }tjjj|d tjjjd d}|} d| _d| _| | j|tdditjdStdditjdStdditj dStdditjdS)NrErGzInvalid Token in URLr r7Tr9rFzOTP field cannot be emptyidr0Adminr.zAccount successfully activatedzIncorrect OTP, Please try againz Enter OTPzActivation Token/ OTP Expired)!rSrWrUgetr r HTTP_404_NOT_FOUND expiry_datedatetimenowrrJr8rKr0rsrFrLlenrMHTTP_406_NOT_ACCEPTABLErTfilterdeleteRolerD is_superusersaverolesadd HTTP_200_OKHTTP_401_UNAUTHORIZEDr[) r]r/tokenr^u_id otp_validrF token_obj admin_roler0r1r1r2rg^s2   zAccountActivate.postN) rhrirjrkrlrActivationSerializerrJrrrrnrgr1r1r1r2roZs roc@s2eZdZgZgZejZeejde ddZ dS)Loginr5c Csddl}|}|j|jd}|jddr|jd}|jd}zddl}tjjj|d}Wnt yH}zt dd it j d WYd}~Sd}~ww|j d urWt dd it jd Szt||d } Wnt yz}zt ddit j d WYd}~Sd}~ww| durt|} ttjjj| jdjddd} | ddkr| d|j|j|j|j|j |j|j|jr|jjndt| d }t |t jd St | | dd St ddit j d St ddit jd S)Nrr7Tr9r)r; email__iexactrGz9You do not have an account, Please SIGNUP with Datamplifyr Fz5Account is in In-Active, please Activate your account)r)r;zIncorrect Password roles__usersrsflatr access_token) accessTokenr(r)r*r+rD created_atz is Super user created_by permissionszIncorrect passwordzEnter Email and Password) timerJr8rKrLrSrTrUrwrYr r rrDr}r rlist Permissionr~rsdistinct values_listr(r)r*r+rrrrr[) r]r/rstartr^r)r;r8rfr0rrr1r1r2rgs\       ,z Login.postN) rhrirjrkrlrLoginSerializerrJrrrgr1r1r1r2rs rc@"eZdZgZgZejZddZdS)ForgotPasswordViewc CsP|j|jd}|jddr|jd}tjjj|drn t ddit j dStjjj |d}|j }tjjj|d zDtd d }ttj}tjjj||td d }d} |j| ||d} td| } t|d|j|| |tj|g| dd|d} t | t jdWSty} zt| t ddit jdWYd} ~ Sd} ~ wwt ddit jdS)Nr7Tr9r)rrGz8You do not have an account, Please SIGNUP with Analytifyr rt r=)r0rErz$Datamplify Reset Password Assistancezauthentication/reset-password/)r(r@ reset_tokenrBzreset_password.htmlzHi {}, There was a request to change your password! If you did not make this request then please ignore this email. Your password reset link {}{}{}rbrGrcrecipient_listrCzPassword reset email sent)rGPasswordresettoken SMTP errorrI) rJr8rKrLrSrTrUr~existsr r rxrwrsReset_PasswordrrrMrrNrXrr(rr formatrQrrYrZrr[)r]r/r^r)r.rrArBrbr@rarCr8rfr1r1r2rg sD     zForgotPasswordView.postN) rhrirjrkrlrForgetPasswordSerializerrJrgr1r1r1r2r  rc@r)ConfirmPasswordViewcCsz tjjj|d}WntdditjdYS|j|jd}|j ddr|j }tj jj|d}|j }|j d }|j d }d } t| |} | sSdd i} t| tjdS||kr`tdd itjdS zntj} tjt| d} | d}tj}t|dd}|j||dd}td|}d}t|d|j||tj |g|dtj jj!|dj"t#|tjdtjjj!|j$d%tdditj&dWStdditjdYStdditj'dS)NrprGzToken Doesn't Existsr r7Tr9rrr;confirmPasswordzF^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@#$!%*?&])[A-Za-z\d@#$!%*?&]{8,}$zPassword is invalid.Min 8 character. Password must contain at least :one small alphabet one capital alphabet one special character numeric digit.zPasssword did not matchedz%Y-%m-%dz%d %b %Y.rz*http://202.65.155.119/authentication/login)r(dater login_urlzreset_password_success.htmlz%Password change alert AcknowledgementzHi {}, You have successfully changed your Analytify Login password on {} at {} . Do not share with anyone.. Do not disclose any confidential information such as Username, Password, OTP etc. to anyone. Best regards, The Analytify Teamr)r; updated_atrtz+Password changed Successfully, Please LoginrzPassword Fields didn't Match)(rSrrUrwr r rxrJr8rKr0rTr)rLrefindallr}rrzr{rstrptimerMstrftimeupperrsplitr(rr rrrQr~updaterrsrrr[)r]r/rr^r.user)r`cnfpwdpatternrr8 date_stringdate_objr time_stringrrarCrbr1r1r2putPsT     $zConfirmPasswordView.putN) rhrirjrkrlrConfirmPasswordSerializerrJrr1r1r1r2rKrrc@sHeZdZegZegZejZ e e de ejde ejddZdS) InviteUserz user.creater5cCst|}|ddkrtd|ditjdStjjj|dd}|js4|j j dd s4tdd itj dS|j |jd }|jd d r|jd }|jd}|jdd}|jd}|jdd} tjjj |d rqtdditjdStjjj |dtd} | rtdditjdStdd} tjd| } tjjj||||| |dd} td| |j|j|d}| st| dtj|g|dtd| d tj dSt|j!tjdS)!Nr rrGr user_idrrrurvzOnly Admins can invite usersr7Tr9r)r&r( generate_linkFr)zUser already exists)r)is_usedexpires_at__gtz.An active invite already exists for this emailr<r=z/authentication/set-password/)r)r(r& invited_byrrGz#You have been invited to Datamplifyzinvite_user.html) invite_linkrr&rGrzInvite sent successfully)rGr)"rr r rrSrTrUrwrrr~rHTTP_403_FORBIDDENrJr8rKrLHTTP_409_CONFLICT UserInviterr{firstr[rrrNrXrr(r.r rQr\errors)r]r/tokr0r^r)r&rGr(rexisting_inviterrrbrCr1r1r2rgsZ       zInviteUser.postN)rhrirjr#rkr!rlrUserInviteSerializerrJr"r rrrrnrgr1r1r1r2rs  rc@s(eZdZgZgZeejdddZdS) SetPasswordr5cCs$tjjj|d}|stdditjdS|jr!tdditjdS| r.tdditjdStj jj|j d rBtdditj dStj|jd }|r|jd }|jd }||krdtdd itjdStj jj|j |j|d |jd}|j|jd |_|tdditjdSt|jtjdS)N)rrGzInvalid invitation linkr z&This invite link has already been usedzThis invite link has expiredrz&Account with this email already existsr7r;rz*Password and Confirm Password Should matchT)r)r(r;rDrzAccount activated successfully)rSrrUr~rr r r[r is_expiredrTr)rrrrr8rKrLrVr(rrrr&rr\r)r]r/rinviter^r;rr0r1r1r2rgs6  zSetPassword.postN) rhrirjrkrlrrrrgr1r1r1r2rs  rc@s<eZdZdZegZegZee de e ddZ dS) UsersListzY List all users invited by the logged-in Admin with pagination and status filter z user.viewcCs|jj}ddlm}t}t|j|jd}t|j|j |j }t ||j }|jdd}t jjj|d}t jjj||d} | } || |} | d|d|||} t jjj| jd d d d d d d} dd| D}tj| d d|id}t|j| | ||dtjdS)Nrrsearchrrr)rusername__icontainsz -created_atr)Tr) email__inrsr(cSsi|]}|j|qSr1r).0r_r1r1r2 sz!UsersList.get..user_map)manyra)r8 total_pages total_records page_number page_sizer )r0rsmathrrint query_paramsrwpage_query_parampage_size_query_paramrmin max_page_sizerSrTrUrr~countorder_byronlyrInvitedUserStatusSerializerr r8r r)r]r/rr paginatorrrr admin_user invites_qsrrinvites user_profilesrr^r1r1r2rws8     z UsersList.getN)rhrirj__doc__r#rkr!rlr"r rrrnrwr1r1r1r2rs rc@sJeZdZegZegZejZ e e de ejde eddZdS)EditUserz user.editr5c Cs|jj}tjjj|d}|js!|jjdd s!t ddit j dS|j |jd}|jdd r|jd }|jd }ztjjj|d}t|Wntjjy[t dd it jdYSwtjjj|j|d  st|jstt ddit j dS|rz%tjjj|jd}tjjj|d}|j|j|||_|Wntjjyt ddit jdYSw|t dt|jdt jdSt |jt jdS)NrrrurvrGzOnly Admins can edit usersr r7Tr9rrole_idUser not found)r)rz(You cannot edit a user you didn't inviterInvalid Role IDUser updated successfullyrGr)r0rsrSrTrUrwrrr~rr r rrJr8rKrLrZ DoesNotExistrxrr)rclearrr&rrMrrr[) r]r/rrr^rr0 user_inviter&r1r1r2r/sB       z EditUser.putN)rhrirjr#rkr!rlrUserEditSerializerrJr"r rrrrnrr1r1r1r2r+s  rc@sDeZdZegZegZeede e j de e ddZdS)DeleteInviteUserz user.deleter5c Cs|j}|j}|g}t|dr|jr||jjz tjjj|d}Wnt y=}zt ddit j dWYd}~Sd}~ww|j rYtjjj|jd}|t ddit jdS|t ddit jdS)NrrrrGzUser Not Foundr rzUser Deleted sucessfully)r0rsr-rappendrSrrUrwrYr r rxrrTr)rr) r]r/rsr0raccessible_user_idsrrf user_datar1r1r2ris"zDeleteInviteUser.deleteN)rhrirjr#rkr!rlr"r rrrrrrnrr1r1r1r2rfs  rc@s>eZdZegZegZejZ e ejde e ddZdS)Get_previlagesr5cCs.tjj}tj|dd}td|jitj dS)NT)rr8r ) rSrrUallrprevilage_serializerr r8r r)r]r/rr^r1r1r2rws zGet_previlages.getN)rhrirjr#rkr!rlrrrJrrrrnrwr1r1r1r2rs rc@seZdZgZgZddZdS) user_deletecCs tjjj|dtddiS)NrrGzdeleted Succesfully)rSrTrUrwrr )r]r/r)r1r1r2rs zuser_delete.deleteN)rhrirjrkrlrr1r1r1r2rs rc@s(eZdZgZgZeeddZdS)ActivateolduserscCsztjjj|d}t|Wntjjy"tdditjdYSwztj jjdd}|j |j |Wntj jyLtdditjdYSwd|_ |tdt|jd tjdS) NrrrGrr r$rTrr)rSrTrUrwrZrr r rxrrrrrrrMrsr)r]r/rr0r&r1r1r2rs&   zActivateoldusers.putN) rhrirjrkrlrrrnrr1r1r1r2rs r) Applicationc@s8eZdZegZegZddZddZddZ ddZ d S) RegisterApplicationc Cs8|j}|jd}|jdg}|jdd}tjj|d}|}|dkr.tddid d S|j|d r>tdd id d S|sHtddidd S| dkrRtj }ntj }d}d} d} | |krt |||j |\} } |tj krtt| | } nd} | dkr{n| d7} | |ks_| dkrtdditjd St| | ||ddgdS)Nr. redirect_uristypeclient-credentialsr rGzlimit exceededir rvz name existsierrorz Invalid dataauthorization-coderrrzFailed to create an appreadwrite) client_id client_secretr  grant_typesscopes)r0r8rwr rUr~rr rrRGRANT_AUTHORIZATION_CODEGRANT_CLIENT_CREDENTIALSrrsrr r) r]r/r0r.r r apps apps_count MAX_RETRIESattempts app_statusrrr1r1r2rgDsH     zRegisterApplication.postcCs|j}|jdd}tjj|d}|r7|dkr!|jtjd}n|dkr/|jtjd}nt ddidd S| d d d d d}t dt |it j d S)Nr rr)authorization_grant_typer rzInvalid type parameterrr rr.r r!createdr8)r0rrwr rUr~rRrrr valuesrr r)r]r/rgrant_type_param apps_queryrr1r1r2rwns"   zRegisterApplication.getcCsZ|j}|s tddiddStjj||d}|s!tddiddS|tdd id dS) Nrzclient_id is requiredrr rrrGApplication not foundz Application deleted successfullyr)r0r r rUr~rr)r]r/rrappr1r1r2rszRegisterApplication.deletecCs|j}|jd}td}|stddiddStjj||d }|s,tdd id dS||_ |j d gd td ||dddS)Nrrrz client_id requiredrr r&rGr'r(r) update_fieldsz"Client secret updated successfully)rGrrr) r0r8rwsecrets token_urlsafer r rUr~rrr)r]r/rr new_secretr)r1r1r2rs(  zRegisterApplication.putN) rhrirjr#rkr!rlrgrwrrr1r1r1r2r @s* r )api_view)r{) timedelta)r.rkrlPOSTc Cs dtjd<|jd}|jd}|jd}|s"tdditjdSd }d|d }tj||||fd d id d}z| }Wnt yQtd|j dtj dYSw|j dkratd|dtjdStt|dd}t|d|d||d|d|ddtjdS)z7 Exchange refresh_token for a new access_token 1OAUTHLIB_INSECURE_TRANSPORT refresh_tokenrrrzrefresh_token is requiredr z5http://127.0.0.1:8000/v1/authentication/oauth2/token/) grant_typer3z Content-Typez!application/x-www-form-urlencoded)r8authheaderstimeoutzInvalid token response)rGrawrzToken refresh failed)rGdetails expires_in)secondsr token_typescope)rr3r;r=r>)osenvironr8rwr r r[requestsrgjsonrYtextHTTP_502_BAD_GATEWAY status_coder{r/r) r/r3rr token_urlr8responsetoken_response expires_atr1r1r2refresh_access_tokens\          rJc@seZdZegZgZddZdS)validate_oauth_clientcCs|jd}|jd}|jd}t|||gs"tdditjdSz tjj|||jj d}Wntj yBtdditj dYSwt ||j sRtdd itj dSt|j|jd tjdS) zn Validates client_id, client_secret and app_name Returns app_name and authorization_type if valid rrapp_namerGz2client_id, client_secret and app_name are requiredr )rr.rzInvalid client or app namezInvalid client secret)rLr )r8rwrr r r[r rUr0rsrrrrr.r!r)r]r/rrrLr)r1r1r2rgs>      zvalidate_oauth_client.postN)rhrirjr#rkrlrgr1r1r1r2rKs rKc@s eZdZegZegZddZdS) User_detailscCs<|jj}ttjjj|djddd}t d|it j dS)NrrsTr privilegesr ) r0rsrrSrrUr~rrr r r)r]r/rrr1r1r2rw3szUser_details.getN)rhrirjr#rkr!rlrwr1r1r1r2rM/s rM)\rest_framework.viewsr django.dbrdjango.views.decorators.csrfrauthenticationrrSdjango.utils.cryptordjango.template.loaderr Datamplifyrrest_framework.responser rest_frameworkr django.core.mailr django.contrib.authr rroauth2_provider.modelsrrdjango.contrib.auth.hashersrrauthentication.utilsrrrrpytzrrOrzdrf_yasg.utilsroauth2_provider.decoratorsr django.httprrrr Service.utilsr django.utilsrauthentication.permissionsr r!django.utils.decoratorsr"&oauth2_provider.contrib.rest_frameworkr#r{rrr/ expired_atr3r4rorrrrrrrrrrrr+r?rAr r rest_framework.decoratorsr.django.utils.timezonerkrlrJrKrMr1r1r1r2sv                       )-08F/3;;d -  o  F1