office password

CHIEFSOFT\ameye
2025-10-12 08:07:34 -04:00
parent a87f482240
commit bf553f3f61
2 changed files with 106 additions and 31 deletions
+76 -10
@@ -4,7 +4,9 @@ from werkzeug.security import generate_password_hash, check_password_hash
import datetime import datetime
import jwt import jwt
from app.config import Config from app.config import Config
from app.models import OfficeUsers
from app.utils.logger import logger
from app.extensions import db
class OfficeAuthService: class OfficeAuthService:
@staticmethod @staticmethod
@@ -19,9 +21,37 @@ class OfficeAuthService:
"test": "test123" "test": "test123"
} }
# Check if the provided credentials are valid logger.info('ENTER API:: login')
if username in valid_credentials and password == valid_credentials[username]: try:
# Generate JWT token with 15 minutes expiration with db.session.begin():
member = OfficeUsers.get_office_user_by_username(username)
password_hash = generate_password_hash(password)
logger.info("Password generated = > {}".format(password_hash))
if not member:
invalid_data = {
"error_message": "invalid username or password",
"message_key": "invalid_username_or_password",
}
return invalid_data, 401
user_id = member.id
member_password = member.password
logger.info("Current Password = > {}".format(member_password))
if str(member_password).strip() == 'password':
updateResult = OfficeUsers.set_office_user_password(user_id, username, password_hash)
logger.info(f"Password Update Result = > {updateResult} ")
member_password= password_hash
member = OfficeUsers.get_office_user_by_username(username) # reload office
pass_check = check_password_hash(member.password, password)
logger.info("Password check: {}".format(pass_check))
if not member or not pass_check:
invalid_data = {
"error_message": "invalid username or password",
"message_key": "invalid_username_or_password",
}
return invalid_data , 401
else:
payload = { payload = {
'sub': username, # Subject (typically user ID) 'sub': username, # Subject (typically user ID)
'iat': datetime.datetime.utcnow(), # Issued at 'iat': datetime.datetime.utcnow(), # Issued at
@@ -39,17 +69,53 @@ class OfficeAuthService:
return { return {
'jwt_token': token, 'jwt_token': token,
'user': { 'user': {
'firstname': member.firstname,
'lastname': member.lastname,
'email':'support@mermsemr.com',
'username': username, 'username': username,
'role': 'admin' if username == 'admin' else 'user' 'role': 'admin' if username == 'admin' else 'user'
}, },
'expires_in': 900 # 15 minutes in seconds 'expires_in': 900 # 15 minutes in seconds
} }
else:
# Return error for invalid credentials
return {
'error': 'Invalid credentials', # # Check if the provided credentials are valid
'message': 'The username or password is incorrect' # if username in valid_credentials and password == valid_credentials[username]:
}, 401 # # Generate JWT token with 15 minutes expiration
# payload = {
# 'sub': username, # Subject (typically user ID)
# 'iat': datetime.datetime.utcnow(), # Issued at
# 'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15), # Expiration (15 minutes)
# 'role': 'admin' if username == 'admin' else 'user' # Role based on username
# }
#
# # Get the secret key from config
# secret_key = Config.JWT_SECRET_KEY
#
# # Generate the token
# token = jwt.encode(payload, secret_key, algorithm='HS256')
#
# # Return the token and user info
# return {
# 'jwt_token': token,
# 'user': {
# 'username': username,
# 'role': 'admin' if username == 'admin' else 'user'
# },
# 'expires_in': 900 # 15 minutes in seconds
# }
# else:
# # Return error for invalid credentials
# return {
# 'error': 'Invalid credentials',
# 'message': 'The username or password is incorrect'
# }, 401
except Exception as e:
logger.error(f"An error occurred while get_office_country_list data: {str(e)}", exc_info=True)
return jsonify({"message": "Internal Server Error"}), 500
@staticmethod @staticmethod
def verify_token(token): def verify_token(token):
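Review bot: The new login body writes credential material to the info log: `logger.info("Password generated = > {}".format(password_hash))` records a hash of whatever the caller submitted, and `logger.info("Current Password = > {}".format(member_password))` records the stored `member.password` column, which appears to still be the plaintext placeholder for accounts that have not logged in yet. Both lines, and the `Password check` line, should be dropped or reduced to an outcome-only message such as `logger.info("office login failed for user_id=%s", user_id)`. The `str(member_password).strip() == 'password'` branch is the larger design problem, because an account still holding the placeholder accepts and stores whichever password arrives first; the initial credential should be set through a provisioning or reset flow, not taken from the login request. Separately, `member` is reloaded and `member.password` is dereferenced before the `if not member` test, so a missing row after the reload would raise and fall into the 500 handler instead of returning 401. The method begins above this hunk, and the hard-coded `valid_credentials` dict is still present in the context lines and should be deleted now that the database lookup replaces it.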
+11 -2
@@ -26,7 +26,7 @@ class OfficeUsers(db.Model):
uid = db.Column(db.String(150), nullable=True) uid = db.Column(db.String(150), nullable=True)
username = db.Column(db.String(25), nullable=False) username = db.Column(db.String(25), nullable=False)
password = db.Column(db.String(100), nullable=False) password = db.Column(db.String(250), nullable=False)
firstname = db.Column(db.String(25), nullable=False) firstname = db.Column(db.String(25), nullable=False)
lastname = db.Column(db.String(25), nullable=False) lastname = db.Column(db.String(25), nullable=False)
acc_level = db.Column(db.Integer, nullable=True, default=10) acc_level = db.Column(db.Integer, nullable=True, default=10)
@@ -56,10 +56,19 @@ class OfficeUsers(db.Model):
users_list = cls.query.filter_by(username=username).first() users_list = cls.query.filter_by(username=username).first()
logger.info(f"users_list looking for {username} after.") logger.info(f"users_list looking for {username} after.")
if not users_list: if not users_list:
logger.error(f"users_list with ID {user_id} does not exist.") logger.error(f"users_list with ID {username} does not exist.")
return None return None
return users_list return users_list
@classmethod
def set_office_user_password(cls, user_id, username,password_hash):
selected_user = cls.query.filter_by(id=int(user_id), username=str(username)).first()
if not selected_user:
logger.error(f"users_list with ID {user_id} does not exist.")
return None
logger.info(f"Password Settings Action = > {user_id}, {username}, {password_hash} ")
selected_user.password = password_hash
return selected_user
def to_dict(self): def to_dict(self):
return { return {
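Review bot: `set_office_user_password` writes the new hash into the application log through `logger.info(f"Password Settings Action = > {user_id}, {username}, {password_hash} ")`. A password hash can be attacked offline and log stores usually have wider read access than the users table, so the line should carry identifiers only, for example `logger.info(f"Password updated for office user id={user_id}")`. The method assigns `selected_user.password` without a flush or commit, so it depends on the caller's transaction; a short docstring stating that would keep a caller outside `db.session.begin()` from silently losing the update. The not-found message still reads `users_list with ID {user_id}` although the lookup filters on both id and username.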