Updated claude big changes

2026-01-29 08:43:56 -05:00
parent 2dbd3ea53f
commit eb4740c553
24 changed files with 388 additions and 429 deletions


@@ -1,10 +1,12 @@
import logging
from flask import request, jsonify
from flask import request
from flask_login import current_user, logout_user, login_required
from app.auth import auth
from app import db, bcrypt
from app.common.responses import error_response, success_response
from datetime import datetime
from uuid import uuid4
import secrets
from app.classes.auth import Auth_User
from app.classes.employee import Employee_Employee
from app.schemas import LoginSchema, RegisterSchema, ChangePasswordSchema, validate_request
@@ -19,7 +21,7 @@ def check_session():
"""
auth_header = request.headers.get('Authorization')
if not auth_header:
return jsonify({"ok": False, "error": "Authorization header missing"}), 401
return error_response("Authorization header missing", 401)
# --- THIS IS THE FIX ---
# Use a case-insensitive regular expression to remove "bearer "
@@ -30,11 +32,10 @@ def check_session():
if not user:
logger.warning("Authentication failed: no user found with provided API key")
return jsonify({"ok": False, "error": "Invalid token"}), 401
return error_response("Invalid token", 401)
# Now, build the complete response with both user and employee data.
return jsonify({
"ok": True,
return success_response({
'user': {
'user_name': user.username,
'user_id': user.id,
@@ -43,7 +44,7 @@ def check_session():
'token': user.api_key,
'confirmed': user.confirmed
},
}), 200
})
@auth.route("/amiconfirmed", methods=["GET"])
@@ -61,7 +62,7 @@ def check_confirmed():
else:
confirmed = True
return jsonify({"status": confirmed}), 200
return success_response({"status": confirmed})
@auth.route("/logout", methods=["POST"])
@@ -71,9 +72,9 @@ def logout():
"""
try:
logout_user()
return jsonify({'status': 'logged out'}), 200
return success_response({'status': 'logged out'})
except Exception as e:
return jsonify({"error", 'error'}), 400
return error_response("Logout failed", 400)
@auth.route("/login", methods=["POST"])
@@ -87,18 +88,17 @@ def login():
# Important checks!
if not user:
return jsonify({"error": "User not found"}), 401 # Use a more descriptive error and status code
return error_response("User not found", 401)
if not bcrypt.check_password_hash(user.password_hash, password):
return jsonify({"error": "Invalid password"}), 401 # Use a more descriptive error and status code
return error_response("Invalid password", 401)
# Check if user is active
if user.active != 1:
return jsonify({"error": "Please contact a manager. Login rejected"}), 401
return error_response("Please contact a manager. Login rejected", 401)
# If login is successful, return the correct structure
return jsonify({
"ok": True,
return success_response({
'user': {
'user_name': user.username,
'user_id': user.id,
@@ -106,7 +106,7 @@ def login():
'admin_role': user.admin_role,
},
'token': user.api_key
}), 200
})
@auth.route("/register", methods=["POST"])
@validate_request(RegisterSchema)
@@ -121,10 +121,8 @@ def register_user():
email = data["email"]
password = data["password"]
part_one_code = uuid4().hex
part_two_code = uuid4().hex
part_three_code = uuid4().hex
key = part_one_code + part_two_code + part_three_code
# Generate a cryptographically secure 64-byte (128 hex chars) API key
key = secrets.token_hex(64)
# check if email exists
user_exists_email = db.session\
@@ -132,15 +130,15 @@ def register_user():
.filter_by(email=email)\
.first() is not None
if user_exists_email:
return jsonify({"error": "Email already exists"}), 200
return error_response("Email already exists")
# check if username exists
user_exists_username = db.session\
.query(Auth_User)\
.filter_by(username=username)\
.first() is not None
if user_exists_username:
return jsonify({"error": "User already exists"}), 200
return error_response("User already exists")
# hash password for database
hashed_password = bcrypt.generate_password_hash(password).decode('utf-8')
@@ -167,8 +165,7 @@ def register_user():
# current_user.is_authenticated()
# current_user.is_active()
return jsonify({
"ok": True,
return success_response({
'user': {
'user_email': new_user.email,
'admin_role': new_user.admin_role,
@@ -176,7 +173,7 @@ def register_user():
'confirmed': new_user.confirmed,
},
'token': new_user.api_key
}), 200
})
@auth.route('/change-password', methods=['POST'])
@@ -184,67 +181,67 @@ def register_user():
def change_password():
auth_header = request.headers.get('Authorization')
if not auth_header:
return jsonify({"error": "Authorization header missing"}), 401
return error_response("Authorization header missing", 401)
api_key = re.sub(r'^bearer\s+', '', auth_header, flags=re.IGNORECASE).strip('"')
user = db.session.query(Auth_User).filter(Auth_User.api_key == api_key).first()
if not user:
return jsonify({"error": "Invalid token"}), 401
return error_response("Invalid token", 401)
data = request.validated_data
new_password = data["new_password"]
new_password_confirm = data["password_confirm"]
if str(new_password) != str(new_password_confirm):
return jsonify({"error": "Error: Incorrect Passwords"}), 200
return error_response("Error: Incorrect Passwords")
hashed_password = bcrypt.generate_password_hash(
new_password).decode('utf8')
user.password_hash = hashed_password
user.passwordpinallowed = 0
db.session.add(user)
db.session.commit()
return jsonify({"ok": True}), 200
return success_response()
@auth.route('/admin-change-password', methods=['POST'])
def admin_change_password():
auth_header = request.headers.get('Authorization')
if not auth_header:
return jsonify({"error": "Authorization header missing"}), 401
return error_response("Authorization header missing", 401)
api_key = re.sub(r'^bearer\s+', '', auth_header, flags=re.IGNORECASE).strip('"')
user = db.session.query(Auth_User).filter(Auth_User.api_key == api_key).first()
if not user:
return jsonify({"error": "Invalid token"}), 401
return error_response("Invalid token", 401)
if user.admin_role == 0:
return jsonify({"error": "Admin access required"}), 403
return error_response("Admin access required", 403)
employee_id = request.json.get("employee_id")
new_password = request.json.get("new_password")
new_password_confirm = request.json.get("password_confirm")
if not employee_id or not new_password or not new_password_confirm:
return jsonify({"error": "Missing required fields"}), 400
return error_response("Missing required fields", 400)
if str(new_password) != str(new_password_confirm):
return jsonify({"error": "Passwords do not match"}), 400
return error_response("Passwords do not match", 400)
from app.classes.employee import Employee_Employee
employee = db.session.query(Employee_Employee).filter(Employee_Employee.id == employee_id).first()
if not employee:
return jsonify({"error": "Employee not found"}), 404
return error_response("Employee not found", 404)
target_user = db.session.query(Auth_User).filter(Auth_User.id == employee.user_id).first()
if not target_user:
return jsonify({"error": "User not found"}), 404
return error_response("User not found", 404)
hashed_password = bcrypt.generate_password_hash(new_password).decode('utf-8')
@@ -253,4 +250,4 @@ def admin_change_password():
db.session.add(target_user)
db.session.commit()
return jsonify({"ok": True}), 200
return success_response()
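Review bot: The two rejection branches in login(), `return error_response("User not found", 401)` and `return error_response("Invalid password", 401)`, still tell the caller which of the username or the password was wrong, so the reply distinguishes existing accounts from unknown ones; returning one message for both, e.g. `return error_response("Invalid credentials", 401)`, and keeping the specific reason in a server-side `logger.warning(...)` as check_session already does, removes that distinction without changing the status code. The "Email already exists" / "User already exists" replies in register_user expose the same thing, though there the API contract may deliberately surface it, and since those calls now pass no status code the reply depends on error_response's default, which is not visible here. Separately, the new `except Exception as e:` path in logout() returns "Logout failed" without recording `e` anywhere; `logger.exception("Logout failed")` before the return would keep the cause. login() and logout() both begin above their hunks.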