git_brcal/src/server/BreCal/impl/login.py

import json
import logging
import pydapper
import bcrypt

from ..schemas import model
from .. import local_db
from ..services import jwt_handler
from BreCal.database.sql_queries import SQLQuery


def GetUser(options):

    try:
        if "password" in options and "username" in options:
            hash = bcrypt.hashpw(options["password"].encode('utf-8'), bcrypt.gensalt( 12 )).decode('utf8')
            pooledConnection = local_db.getPoolConnection()
            commands = pydapper.using(pooledConnection)
            # query = SQLQuery.get_user()
            # data = commands.query(query, model=model.User, param={"username" : options["username"]})
            data = commands.query("SELECT id, participant_id, first_name, last_name, user_name, user_email, user_phone, password_hash, " +
                                  "api_key, notify_email, notify_whatsapp, notify_signal, notify_popup, notify_event, created, modified FROM user " +
                                  "WHERE user_name = ?username? OR user_email = ?username?",
                                  model=model.User, param={"username" : options["username"]})

            if len(data) == 1:
                if bcrypt.checkpw(options["password"].encode("utf-8"), bytes(data[0].password_hash, "utf-8")):
                    result = {
                        "id": data[0].id,
                        "participant_id": data[0].participant_id,
                        "first_name": data[0].first_name,
                        "last_name": data[0].last_name,
                        "user_name": data[0].user_name,
                        "user_phone": data[0].user_phone,
                        "user_email": data[0].user_email,
                        "notify_email": data[0].notify_email,
                        "notify_whatsapp": data[0].notify_whatsapp,
                        "notify_signal": data[0].notify_signal,
                        "notify_popup": data[0].notify_popup,
                        "notify_on": model.bitflag_to_list(data[0].notify_event)
                    }
                    token = jwt_handler.generate_jwt(payload=result, lifetime=120) # generate token valid 60 mins
                    result["token"] = token # add token to user data
                    return json.dumps(result), 200, {'Content-Type': 'application/json; charset=utf-8'}

            if len(data) > 1:
                result = {}
                result["error_field"] = "credential lookup mismatch"
                return json.dumps(result), 500, {'Content-Type': 'application/json; charset=utf-8'}

            result = {}
            result["error_field"] = "invalid credentials"
            return json.dumps(result), 403, {'Content-Type': 'application/json; charset=utf-8'}

    except Exception as ex:
        logging.error(ex)
        print(ex)
        result = {}
        result["error_field"] = "call failed"
        result["error_description"] = str(ex)
        return json.dumps(result), 500, {'Content-Type': 'application/json; charset=utf-8'}

    finally:
        if pooledConnection is not None:
            pooledConnection.close()

# $2b$12$uWLE0r32IrtCV30WkMbVwOdltgeibymZyYAf4ZnQb2Bip8hrkGGwG
# $2b$12$.vEapj9xU8z0RK0IpIGeYuRIl0ktdMt4XdJQBhVn.3K2hmvm7qD3y
# $2b$12$yL3PiseU70ciwEuMVM4OtuMwR6tNuIT9vvBiBG/uyMrPxa16E2Zqu