office password

app/api/services/office_auth.py

@@ -4,7 +4,9 @@ from werkzeug.security import generate_password_hash, check_password_hash
 import datetime
 import jwt
 from app.config import Config
-
+from app.models import OfficeUsers
+from app.utils.logger import logger
+from app.extensions import db
 
 class OfficeAuthService:
     @staticmethod
@@ -19,37 +21,101 @@ class OfficeAuthService:
             "test": "test123"
         }
 
-        # Check if the provided credentials are valid
+        logger.info('ENTER API:: login')
-        if username in valid_credentials and password == valid_credentials[username]:
+        try:
-            # Generate JWT token with 15 minutes expiration
+            with db.session.begin():
-            payload = {
+                member = OfficeUsers.get_office_user_by_username(username)
-                'sub': username,  # Subject (typically user ID)
+                password_hash = generate_password_hash(password)
-                'iat': datetime.datetime.utcnow(),  # Issued at
+                logger.info("Password generated = >  {}".format(password_hash))
-                'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
-                'role': 'admin' if username == 'admin' else 'user'  # Role based on username
-            }
 
-            # Get the secret key from config
+                if not member:
-            secret_key = Config.JWT_SECRET_KEY
+                    invalid_data = {
+                        "error_message": "invalid username or password",
+                        "message_key": "invalid_username_or_password",
+                    }
+                    return invalid_data, 401
+                user_id = member.id
+                member_password = member.password
+                logger.info("Current Password = >  {}".format(member_password))
+                if str(member_password).strip() == 'password':
+                    updateResult = OfficeUsers.set_office_user_password(user_id, username, password_hash)
+                    logger.info(f"Password Update Result = >  {updateResult} ")
+                    member_password= password_hash
+                    member = OfficeUsers.get_office_user_by_username(username) # reload office
 
-            # Generate the token
+                pass_check = check_password_hash(member.password, password)
-            token = jwt.encode(payload, secret_key, algorithm='HS256')
+                logger.info("Password check: {}".format(pass_check))
+                if not member or not pass_check:
+                    invalid_data = {
+                        "error_message": "invalid username or password",
+                        "message_key": "invalid_username_or_password",
+                    }
+                    return invalid_data , 401
+                else:
+                    payload = {
+                        'sub': username,  # Subject (typically user ID)
+                        'iat': datetime.datetime.utcnow(),  # Issued at
+                        'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
+                        'role': 'admin' if username == 'admin' else 'user'  # Role based on username
+                    }
+
+                    # Get the secret key from config
+                    secret_key = Config.JWT_SECRET_KEY
+
+                    # Generate the token
+                    token = jwt.encode(payload, secret_key, algorithm='HS256')
+
+                    # Return the token and user info
+                    return {
+                        'jwt_token': token,
+                        'user': {
+                            'firstname': member.firstname,
+                            'lastname': member.lastname,
+                            'email':'support@mermsemr.com',
+                            'username': username,
+                            'role': 'admin' if username == 'admin' else 'user'
+                        },
+                        'expires_in': 900  # 15 minutes in seconds
+                    }
+
+
+
+                # # Check if the provided credentials are valid
+                # if username in valid_credentials and password == valid_credentials[username]:
+                #     # Generate JWT token with 15 minutes expiration
+                #     payload = {
+                #         'sub': username,  # Subject (typically user ID)
+                #         'iat': datetime.datetime.utcnow(),  # Issued at
+                #         'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
+                #         'role': 'admin' if username == 'admin' else 'user'  # Role based on username
+                #     }
+                #
+                #     # Get the secret key from config
+                #     secret_key = Config.JWT_SECRET_KEY
+                #
+                #     # Generate the token
+                #     token = jwt.encode(payload, secret_key, algorithm='HS256')
+                #
+                #     # Return the token and user info
+                #     return {
+                #         'jwt_token': token,
+                #         'user': {
+                #             'username': username,
+                #             'role': 'admin' if username == 'admin' else 'user'
+                #         },
+                #         'expires_in': 900  # 15 minutes in seconds
+                #     }
+                # else:
+                #     # Return error for invalid credentials
+                #     return {
+                #         'error': 'Invalid credentials',
+                #         'message': 'The username or password is incorrect'
+                #     }, 401
+
+        except Exception as e:
+            logger.error(f"An error occurred while get_office_country_list data: {str(e)}", exc_info=True)
+            return jsonify({"message": "Internal Server Error"}), 500
 
-            # Return the token and user info
-            return {
-                'jwt_token': token,
-                'user': {
-                    'username': username,
-                    'role': 'admin' if username == 'admin' else 'user'
-                },
-                'expires_in': 900  # 15 minutes in seconds
-            }
-        else:
-            # Return error for invalid credentials
-            return {
-                'error': 'Invalid credentials',
-                'message': 'The username or password is incorrect'
-            }, 401
 
     @staticmethod
     def verify_token(token):

app/models/office_users.py

@@ -26,7 +26,7 @@ class OfficeUsers(db.Model):
 
     uid = db.Column(db.String(150), nullable=True)
     username = db.Column(db.String(25), nullable=False)
-    password = db.Column(db.String(100), nullable=False)
+    password = db.Column(db.String(250), nullable=False)
     firstname = db.Column(db.String(25), nullable=False)
     lastname = db.Column(db.String(25), nullable=False)
     acc_level = db.Column(db.Integer, nullable=True, default=10)
@@ -56,10 +56,19 @@ class OfficeUsers(db.Model):
         users_list = cls.query.filter_by(username=username).first()
         logger.info(f"users_list looking for {username} after.")
         if not users_list:
-            logger.error(f"users_list with ID {user_id} does not exist.")
+            logger.error(f"users_list with ID {username} does not exist.")
             return None
         return users_list
 
+    @classmethod
+    def set_office_user_password(cls, user_id, username,password_hash):
+        selected_user = cls.query.filter_by(id=int(user_id), username=str(username)).first()
+        if not selected_user:
+            logger.error(f"users_list with ID {user_id} does not exist.")
+            return None
+        logger.info(f"Password Settings Action = >  {user_id}, {username}, {password_hash} ")
+        selected_user.password = password_hash
+        return selected_user
 
     def to_dict(self):
         return {