Skip to content

aa.gusti / opensipkd-base

Go to a project
Commit 278b71c4 by taufikyu
Options

Merge branch 'latest' of https://git.opensipkd.com/aa.gusti/opensipkd-base into latest

2 parents bfe5ab1f 32befca7
Inline Side-by-side
Showing 10 changed files with 168 additions and 97 deletions
opensipkd/base/__init__.py
......@@ -250,7 +250,7 @@ def is_devel(request):
def google_signin_client_ids(request):
ids = get_params('google-signin-client-id', '')
if ids:
return ids.split(',')
return ids.split('\n')
else:
return []
......
opensipkd/base/views/base_google.py
import logging
from google.auth.transport import requests
from google.oauth2 import id_token
from opensipkd.base import get_params
......@@ -7,6 +9,8 @@ from opensipkd.models import User
from opensipkd.tools import get_settings
import json
_logging = logging.getLogger(__name__)
def validate_user(request, idinfo):
"""
......@@ -49,7 +53,7 @@ def google_oauth2(request):
@view_config(route_name='googlesignin', renderer='json')
def googlesignin(request):
def googlesignin(request, data=None):
# (Receive token by HTTPS POST)
# ...
CLIENT_IDS = request.google_signin_client_ids
......@@ -59,15 +63,30 @@ def googlesignin(request):
# idinfo = id_token.verify_oauth2_token(token, requests.Request(), CLIENT_ID)
# Or, if multiple clients access the backend server:
gtoken = json.loads(request.params['id_token'])
id_token = "id_token" in request.params and request.params[
'id_token'] or ""
gtoken = None
if id_token:
gtoken = json.loads(id_token)
else:
if data and "id_token" in data:
gtoken = data["id_token"]
_logging.debug(gtoken)
if not gtoken:
raise Exception("Gtoken not found")
# idinfo = id_token.verify_oauth2_token(gtoken, requests.Request())
# test
import jwt
idinfo = jwt.decode(gtoken["credential"], options={"verify_signature": False}) # KEY, algorithms=["RS256"]) #
idinfo = jwt.decode(gtoken["credential"], options={
"verify_signature": False}) # KEY, algorithms=["RS256"]) #
_logging.debug(CLIENT_IDS)
_logging.debug(idinfo)
if idinfo['aud'] not in CLIENT_IDS or idinfo['azp'] not in CLIENT_IDS:
raise ValueError('Could not verify audience.')
if idinfo['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
if idinfo['iss'] not in ['accounts.google.com',
'https://accounts.google.com']:
raise ValueError('Wrong issuer.')
return idinfo
opensipkd/base/views/base_views.py
......@@ -383,12 +383,26 @@ class BaseView(object):
if self.req.POST:
if 'save' in self.req.POST:
controls = self.req.POST.items()
log.debug(self.req.POST.items())
log.debug(dict(self.req.POST.items()))
try:
c = form.validate(controls)
except ValidationFailure as e:
# value = self.validation_failure(e.cstruct)
# value.update(self.before_add())
# form.render(appstruct=value)
# log.debug(e.cstruct)
# log.debug(e.field)
# efield = e.field
for f in e.field.children:
if isinstance(f.typ, colander.Date):
e.cstruct[f.name] = date_from_str(e.cstruct[f.name])
# for k, v in e.cstruct.items():
# log.debug(hasattr(e.field, k))
# if isinstance(f, colander.Date):
# e.cstruct[f] = date_from_str(e.cstruct[f])
return dict(form=form.render(e.cstruct),
table=table and table.render() or None,
scripts=self.form_scripts, css=resources["css"],
......@@ -409,6 +423,9 @@ class BaseView(object):
js=resources["js"])
def save(self, values, user, row=None):
log.debug("Save")
log.debug(values)
values.pop("id", None)
self.ses["old_email"] = user and user.email or None
if not row:
row = self.table()
......@@ -470,7 +487,13 @@ class BaseView(object):
resources = form.get_widget_resources()
if request.POST:
if 'save' in request.POST:
log.debug("Save Edit")
log.debug(dict(request.POST.items()))
log.debug(request.POST)
controls = request.POST.items()
log.debug(controls)
# log.debug(dict(controls))
# log.debug(list(controls))
try:
controls = form.validate(controls)
except ValidationFailure as e:
......
opensipkd/base/views/dati2.py
......@@ -119,8 +119,7 @@ class ViewDati2(BaseView):
def list_join(self, query):
return query.join(ResProvinsi, ResProvinsi.id == ResDati2.provinsi_id)
@view_config(route_name='dati2-act', renderer='json',
permission='view')
@view_config(route_name='dati2-act', renderer='json')
def view_act(self):
return super().view_act()
......
opensipkd/base/views/menus.py
......@@ -163,11 +163,16 @@ class ViewMenus(BaseView):
self.update_children(child.children)
def save_request(self, values, row=None): # save(self, row, values):
for k, v in values.items():
if not v:
setattr(row, k, None)
row = super().save_request(values, row)
return row
# for k, v in values.items():
# if not v:
# setattr(row, k, None)
# row = super().save_request(values, row)
for k, v in self.req.GET.items():
if k not in values:
if v:
values[k] = v
values["status"] = "status" in values and values["status"] or 0
return self.save(values, self.req.user, row)
@view_config(route_name='menu',
renderer='templates/table.pt',
......
opensipkd/base/views/register.py
......@@ -26,6 +26,8 @@ Link dalam module registrasi:
4. Form edit registrasi http://server/register/{uid}/edit
5. Form Upload template
"""
import base64
import logging
from datetime import datetime
import colander
......@@ -48,6 +50,8 @@ from ..views import BaseView
_ = TranslationStringFactory('user')
_logging = logging.getLogger(__name__)
class AddSchema(colander.Schema):
nama = colander.SchemaNode(
......@@ -173,6 +177,7 @@ class Registrasi(BaseView):
3. Cek kode pada Partner jika ada dan Partner.id beda reject
4. Cek mobile pada Partner jika ada dan Users.id beda reject
"""
_logging.debug(value)
form_exc = colander.Invalid(form, '')
request = form.request
session = request.session
......@@ -218,7 +223,7 @@ class Registrasi(BaseView):
err_captcha()
user = request.user
if not "email" in value and "id_info" in session:
if "email" not in value and "id_info" in session:
value["email"] = session["id_info"]["email"]
if not user and (
......@@ -274,6 +279,16 @@ class Registrasi(BaseView):
if not user or not UserService.check_password(
user, value['password']):
err_login()
if "idcard" in value and value["idcard"]:
idcard = value["idcard"]
path = get_id_card_folder()
if "fp" in idcard and idcard["fp"] and idcard["fp"] != b'':
_logging.debug(idcard["fp"])
upload = Upload(path)
value["idcard"] = upload.save_fp(idcard)
else:
value.pop("idcard")
def before_add(self):
result = {}
......@@ -328,7 +343,8 @@ class Registrasi(BaseView):
if d["idcard"]:
filename = d["idcard"]
preview_url = "/".join(
[self.req.static_url(get_id_card_folder('/')), filename])
[self.req.static_url(get_id_card_folder('/')),
filename])
d["idcard"] = {"uid": filename.split(".")[0],
"filename": filename,
"preview_url": preview_url
......@@ -360,13 +376,6 @@ class Registrasi(BaseView):
if not "email" in values or not values["email"]:
values["email"] = self.req.user and self.req.user.email or ""
if "idcard" in values and values["idcard"]:
if self.req.POST['upload'] != b'':
path = get_id_card_folder()
upload = Upload(path)
values["idcard"] = upload.save(self.req, 'upload')
else:
values.pop("idcard")
if not row:
values["is_vendor"] = 0
values["is_customer"] = 1
......
opensipkd/base/views/user_login.py
......@@ -20,6 +20,7 @@ Perubahan Mendasar dari fungsi login adalah:
result object dari fungsi tersebut harus berupa class User()
"""
import os
import re
from datetime import timedelta, datetime
from importlib import import_module
......@@ -87,14 +88,78 @@ class LoginUser(object):
self.message = "Login Gagal"
set_user_log(self.message, self.request, log, values["username"])
return
# generate security_code dan simpan dalam session
regenerate_security_code(self.user, 0.03) # berlaku selama 1.8 menit
regenerate_security_code(self.user, 0.03) # berlaku selama 1.8 menit
# dicek pada module security get_user
self.request.session["token"]=self.user.security_code
self.request.session["token"] = self.user.security_code
return True
class Oauth2ParseExc(Exception):
"""Error parsing"""
class Oauth2UserExc(Exception):
"""Error User Found"""
def oauth2_login(request, params=None):
provider_name = params and params["provider_name"] \
or request.params["provider_name"]
if provider_name == "google":
from .base_google import googlesignin
try:
id_info = googlesignin(request, params)
except Exception as e:
raise Oauth2ParseExc(str(e))
request.session["id_info"] = id_info
else:
id_info = None
iss = id_info and re.sub(r'https?://', '', id_info['iss']) or None
user = id_info and ExternalIdentityService. \
user_by_external_id_and_provider(id_info['sub'], iss)
log.debug("Users : %s", user)
log.debug("IdInfo : %s", id_info)
if id_info and not user:
values = {'email': id_info['email'],
"user_name": id_info["email"],
"status": 1,
"registered_date": datetime.now()}
user = User.get_by_identity(values.get("email"))
partner = Partner.query_email(values.get("email")).first()
log.debug("User : %s", user)
log.debug("Partner : %s", partner)
if user or partner:
raise Oauth2UserExc("Email sudah terdaftar silahkan login standard")
user = User()
user.from_dict(values)
DBSession.add(user)
DBSession.flush()
DBSession.refresh(user)
values = {'external_id': id_info['sub'],
'external_user_name': id_info["name"],
'external_email': id_info["email"],
'provider_name': iss,
"local_user_id": user.id,
"status": 1}
external = ExternalIdentity()
external.from_dict(values)
DBSession.add(external)
DBSession.flush()
if user and user.status != 1:
raise Oauth2UserExc(
"User anda masih menunggu verifikasi atau lagi di blokir")
# # todo: what is this????
# # values['access_token']
# # values['alt_token']
# # values['token_secret']
return user
class ViewLogin(BaseView):
@view_config(route_name='login', renderer='templates/form.pt')
def view_login(self):
......@@ -162,74 +227,24 @@ class ViewLogin(BaseView):
elif "provider_name" in request.params and \
request.params["provider_name"]:
provider_name = request.params["provider_name"]
if provider_name == "google":
from .base_google import googlesignin
try:
id_info = googlesignin(request)
except Exception as e:
login = ""
request.session.flash(str(e), "error")
return render_to_response(
login_tpl, dict(
form=form.render(),
message=message,
url=request.route_url('login'),
next_url=next_url,
login=login, ),
request=request)
request.session["id_info"] = id_info
else:
id_info = None
user = id_info and ExternalIdentityService. \
user_by_external_id_and_provider(id_info['sub'], id_info['iss'])
log.debug("Users : %s", user)
log.debug("IdInfo : %s", id_info)
if id_info and not user:
# Proses Register user
# Cek Data di user dan partner
# Jika sudah ada user login klasik pake user password
# Simpan ke table user dan external identity
values = {'email': id_info['email'],
"user_name": id_info["email"],
"status": 1,
"registered_date": datetime.now()}
user = User.get_by_identity(values.get("email"))
partner = Partner.query_email(values.get("email")).first()
log.debug("User : %s", user)
log.debug("Partner : %s", partner)
if user or partner:
request.session.flash(
"Email sudah terdaftar silahkan login standard",
'error')
return HTTPFound(location=request.route_url('login'))
user = User()
user.from_dict(values)
DBSession.add(user)
DBSession.flush()
DBSession.refresh(user)
values = {'external_id': id_info['sub'],
'external_user_name': id_info["name"],
'external_email': id_info["email"],
'provider_name': id_info["iss"],
"local_user_id": user.id,
"status": 1}
external = ExternalIdentity()
external.from_dict(values)
DBSession.add(external)
DBSession.flush()
# # todo: what is this????
# # values['access_token']
# # values['alt_token']
# # values['token_secret']
try:
user = oauth2_login(request)
except Oauth2ParseExc as e:
login = ""
request.session.flash(str(e), "error")
return render_to_response(
login_tpl, dict(
form=form.render(),
message=message,
url=request.route_url('login'),
next_url=next_url,
login=login, ),
request=request)
except Oauth2UserExc as e:
request.session.flash(str(e), 'error')
return HTTPFound(location=request.route_url('login'))
if user and user.status == 1:
return redirect_login(request, user)
else:
message = "User anda masih menunggu verifikasi atau lagi di blokir"
request.session.flash(message, "error")
login = ""
if login_tpl == 'templates/login.pt':
......
opensipkd/base/views/widget.py
import json
import logging
from deform.widget import (
SchemaType,
......@@ -56,6 +57,7 @@ class DateInputWidget(DeformDateInputWidget):
return field.renderer(template, **values)
def deserialize(self, field, pstruct):
logging.debug(f"widget: {field} {pstruct}")
if pstruct in ("", null):
return null
try:
......
opensipkd/base/views/widgets/file_upload.pt
<tal:block tal:define="oid oid|field.oid;
css_class css_class|field.widget.css_class;
style style|field.widget.style;">
${field.start_mapping()}
${field.start_mapping()}
<img tal:define="preview_url cstruct.get('preview_url');
filename cstruct.get('filename')"
tal:condition="preview_url" src="${structure: preview_url}"
></img>
<input type="file" name="upload" id="${oid}"
tal:attributes="style style;
accept accept|field.widget.accept;
......@@ -10,11 +14,6 @@ ${field.start_mapping()}
<input tal:define="uid cstruct.get('uid')"
tal:condition="uid"
type="hidden" name="uid" value="${uid}"/>
<a tal:define="preview_url cstruct.get('preview_url');
filename cstruct.get('filename')"
tal:condition="preview_url" href="${structure: preview_url}"
target="_blank">Show</a>
${field.end_mapping()}
<script type="text/javascript">
deform.addCallback('${oid}', function (oid) {
......
opensipkd/detable/templates/detable.pt
......@@ -18,7 +18,7 @@
data data|field.data;
allow_edit allow_edit|field.allow_edit;
allow_delete allow_delete|field.allow_delete;
allow_view allow_delete|field.allow_view;
allow_view allow_view|field.allow_view;
"
tal:attributes="style style; class css_class; attributes|field.widget.attributes|{};"
i18n:domain="detable"
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!