office password

2025-10-12 08:07:34 -04:00
parent a87f482240
commit bf553f3f61
2 changed files with 106 additions and 31 deletions
@@ -4,7 +4,9 @@ from werkzeug.security import generate_password_hash, check_password_hash
 import datetime
 import jwt
 from app.config import Config
-
+from app.models import OfficeUsers
+from app.utils.logger import logger
+from app.extensions import db

 class OfficeAuthService:
    @staticmethod
@@ -19,37 +21,101 @@ class OfficeAuthService:
            "test": "test123"
        }

-        # Check if the provided credentials are valid
-        if username in valid_credentials and password == valid_credentials[username]:
-            # Generate JWT token with 15 minutes expiration
-            payload = {
-                'sub': username,  # Subject (typically user ID)
-                'iat': datetime.datetime.utcnow(),  # Issued at
-                'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
-                'role': 'admin' if username == 'admin' else 'user'  # Role based on username
-            }
+        logger.info('ENTER API:: login')
+        try:
+            with db.session.begin():
+                member = OfficeUsers.get_office_user_by_username(username)
+                password_hash = generate_password_hash(password)
+                logger.info("Password generated = >  {}".format(password_hash))

-            # Get the secret key from config
-            secret_key = Config.JWT_SECRET_KEY
+                if not member:
+                    invalid_data = {
+                        "error_message": "invalid username or password",
+                        "message_key": "invalid_username_or_password",
+                    }
+                    return invalid_data, 401
+                user_id = member.id
+                member_password = member.password
+                logger.info("Current Password = >  {}".format(member_password))
+                if str(member_password).strip() == 'password':
+                    updateResult = OfficeUsers.set_office_user_password(user_id, username, password_hash)
+                    logger.info(f"Password Update Result = >  {updateResult} ")
+                    member_password= password_hash
+                    member = OfficeUsers.get_office_user_by_username(username) # reload office

-            # Generate the token
-            token = jwt.encode(payload, secret_key, algorithm='HS256')
+                pass_check = check_password_hash(member.password, password)
+                logger.info("Password check: {}".format(pass_check))
+                if not member or not pass_check:
+                    invalid_data = {
+                        "error_message": "invalid username or password",
+                        "message_key": "invalid_username_or_password",
+                    }
+                    return invalid_data , 401
+                else:
+                    payload = {
+                        'sub': username,  # Subject (typically user ID)
+                        'iat': datetime.datetime.utcnow(),  # Issued at
+                        'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
+                        'role': 'admin' if username == 'admin' else 'user'  # Role based on username
+                    }
+
+                    # Get the secret key from config
+                    secret_key = Config.JWT_SECRET_KEY
+
+                    # Generate the token
+                    token = jwt.encode(payload, secret_key, algorithm='HS256')
+
+                    # Return the token and user info
+                    return {
+                        'jwt_token': token,
+                        'user': {
+                            'firstname': member.firstname,
+                            'lastname': member.lastname,
+                            'email':'support@mermsemr.com',
+                            'username': username,
+                            'role': 'admin' if username == 'admin' else 'user'
+                        },
+                        'expires_in': 900  # 15 minutes in seconds
+                    }
+
+
+
+                # # Check if the provided credentials are valid
+                # if username in valid_credentials and password == valid_credentials[username]:
+                #     # Generate JWT token with 15 minutes expiration
+                #     payload = {
+                #         'sub': username,  # Subject (typically user ID)
+                #         'iat': datetime.datetime.utcnow(),  # Issued at
+                #         'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
+                #         'role': 'admin' if username == 'admin' else 'user'  # Role based on username
+                #     }
+                #
+                #     # Get the secret key from config
+                #     secret_key = Config.JWT_SECRET_KEY
+                #
+                #     # Generate the token
+                #     token = jwt.encode(payload, secret_key, algorithm='HS256')
+                #
+                #     # Return the token and user info
+                #     return {
+                #         'jwt_token': token,
+                #         'user': {
+                #             'username': username,
+                #             'role': 'admin' if username == 'admin' else 'user'
+                #         },
+                #         'expires_in': 900  # 15 minutes in seconds
+                #     }
+                # else:
+                #     # Return error for invalid credentials
+                #     return {
+                #         'error': 'Invalid credentials',
+                #         'message': 'The username or password is incorrect'
+                #     }, 401
+
+        except Exception as e:
+            logger.error(f"An error occurred while get_office_country_list data: {str(e)}", exc_info=True)
+            return jsonify({"message": "Internal Server Error"}), 500

-            # Return the token and user info
-            return {
-                'jwt_token': token,
-                'user': {
-                    'username': username,
-                    'role': 'admin' if username == 'admin' else 'user'
-                },
-                'expires_in': 900  # 15 minutes in seconds
-            }
-        else:
-            # Return error for invalid credentials
-            return {
-                'error': 'Invalid credentials',
-                'message': 'The username or password is incorrect'
-            }, 401

    @staticmethod
    def verify_token(token):
@@ -26,7 +26,7 @@ class OfficeUsers(db.Model):

    uid = db.Column(db.String(150), nullable=True)
    username = db.Column(db.String(25), nullable=False)
-    password = db.Column(db.String(100), nullable=False)
+    password = db.Column(db.String(250), nullable=False)
    firstname = db.Column(db.String(25), nullable=False)
    lastname = db.Column(db.String(25), nullable=False)
    acc_level = db.Column(db.Integer, nullable=True, default=10)
@@ -56,10 +56,19 @@ class OfficeUsers(db.Model):
        users_list = cls.query.filter_by(username=username).first()
        logger.info(f"users_list looking for {username} after.")
        if not users_list:
-            logger.error(f"users_list with ID {user_id} does not exist.")
+            logger.error(f"users_list with ID {username} does not exist.")
            return None
        return users_list

+    @classmethod
+    def set_office_user_password(cls, user_id, username,password_hash):
+        selected_user = cls.query.filter_by(id=int(user_id), username=str(username)).first()
+        if not selected_user:
+            logger.error(f"users_list with ID {user_id} does not exist.")
+            return None
+        logger.info(f"Password Settings Action = >  {user_id}, {username}, {password_hash} ")
+        selected_user.password = password_hash
+        return selected_user

    def to_dict(self):
        return {