dmart 1.4.17__py3-none-any.whl

api/qr/router.py

@@ -0,0 +1,108 @@
+from time import time
+from fastapi import APIRouter, Depends, Path, Body, status
+from fastapi.responses import StreamingResponse
+from api.managed.router import retrieve_entry_meta
+from utils.internal_error_code import InternalErrorCode
+from utils.jwt import JWTBearer
+from io import BytesIO
+import models.api as api
+import utils.regex as regex
+import hmac
+import hashlib
+from utils.settings import settings
+from models.enums import ResourceType
+from fastapi.responses import ORJSONResponse
+
+router = APIRouter(default_response_class=ORJSONResponse)
+
+
+@router.get("/generate/{resource_type}/{space_name}/{subpath:path}/{shortname}")
+async def generate_qr_user_profile(
+    resource_type: ResourceType = Path(...),
+    space_name: str = Path(..., pattern=regex.SPACENAME, examples=["data"]),
+    subpath: str = Path(..., pattern=regex.SUBPATH, examples=["/content"]),
+    shortname: str = Path(..., pattern=regex.SHORTNAME,
+                          examples=["unique_shortname"]),
+    logged_in_user=Depends(JWTBearer()),
+) -> StreamingResponse:
+    data: str | dict = await retrieve_entry_meta(
+        resource_type,
+        space_name,
+        subpath,
+        shortname,
+        logged_in_user=logged_in_user,
+    )
+
+    if (
+        isinstance(data, dict)
+        and data.get("owner_shortname") != logged_in_user
+        and f"management/{subpath}/{data['shortname']}"
+        != f"{space_name}/users/{logged_in_user}"
+    ):
+        raise api.Exception(
+            status.HTTP_400_BAD_REQUEST,
+            api.Error(type="qr", code=InternalErrorCode.QR_ERROR,
+                      message="QR cannot be generated"),
+        )
+    m = hmac.new(settings.jwt_secret.encode(), digestmod=hashlib.sha256)
+    data = f"{resource_type}/{space_name}/{subpath}/{shortname}"
+    date = int(time())
+    m.update(f"{date}.{data}".encode())
+    hexed_data = m.hexdigest()
+
+    try:
+        segno = __import__("segno")
+        qrcode = segno.make(f"{date}.{hexed_data}")
+        v_path = BytesIO()
+        qrcode.save(v_path, kind="png", dpi=600, scale=10)
+
+        return StreamingResponse(iter([v_path.getvalue()]), media_type="image/png")
+    except ModuleNotFoundError:
+        raise api.Exception(
+            status.HTTP_400_BAD_REQUEST,
+            api.Error(
+                type="request",
+                code=InternalErrorCode.NOT_ALLOWED,
+                message="segno is not installed!",
+            ),
+        )
+
+
+@router.post("/validate")
+async def validate_qr_user_profile(
+    resource_type: ResourceType = Body(...),
+    space_name: str = Body(..., pattern=regex.SPACENAME, examples=["data"]),
+    subpath: str = Body(..., pattern=regex.SUBPATH, examples=["/content"]),
+    shortname: str = Body(..., pattern=regex.SHORTNAME,
+                          examples=["unique_shortname"]),
+    logged_in_user=Depends(JWTBearer()),
+    qr_data: str = Body(..., embed=True),
+):
+    await retrieve_entry_meta(
+        resource_type,
+        space_name,
+        subpath,
+        shortname,
+        logged_in_user=logged_in_user,
+    )
+    arr_data = qr_data.split(".")
+    req_date, req_data = arr_data[0], arr_data[1]
+    if int(req_date) + 60 < int(time()):
+        raise api.Exception(
+            status.HTTP_400_BAD_REQUEST,
+            api.Error(type="qr", code=InternalErrorCode.QR_EXPIRED,
+                      message="QR did expire"),
+        )
+    data = f"{resource_type}/{space_name}/{subpath}/{shortname}"
+    m = hmac.new(settings.jwt_secret.encode(), digestmod=hashlib.sha256)
+    m.update(f"{req_date}.{data}".encode())
+    hexed_data = m.hexdigest()
+
+    if hexed_data == req_data:
+        return api.Response(status=api.Status.success)
+    else:
+        raise api.Exception(
+            status.HTTP_400_BAD_REQUEST,
+            api.Error(type="qr", code=InternalErrorCode.QR_INVALID,
+                      message="Invalid data passed"),
+        )

api/user/model/errors.py

@@ -0,0 +1,14 @@
+from models.api import Error
+from utils.internal_error_code import InternalErrorCode
+
+INVALID_OTP = Error(
+    type="OTP",
+    code=InternalErrorCode.OTP_INVALID,
+    message="Invalid OTP",
+)
+
+EXPIRED_OTP = Error(
+    type="OTP",
+    code=InternalErrorCode.OTP_EXPIRED,
+    message="Expired OTP",
+)

api/user/model/requests.py

@@ -0,0 +1,165 @@
+from typing import Dict
+from pydantic import BaseModel, Field
+from utils.internal_error_code import InternalErrorCode
+import utils.regex as rgx
+from models.api import Exception, Error
+from models.enums import StrEnum
+
+
+class OTPType(StrEnum):
+    SMS = "SMS"
+    EMAIL = "EMAIL"
+
+
+class SendOTPRequest(BaseModel):
+    shortname: str | None = Field(None, pattern=rgx.SHORTNAME)
+    msisdn: str | None = Field(None, pattern=rgx.MSISDN)
+    email: str | None = Field(None, pattern=rgx.EMAIL)
+
+    def check_fields(self) -> Dict[str, str]:
+        if self.email is None and self.msisdn is None and self.shortname is None:
+            raise Exception(
+                422,
+                Error(
+                    type="OTP",
+                    code=InternalErrorCode.EMAIL_OR_MSISDN_REQUIRED,
+                    message="One of these [email, msisdn, shortname] should be set!",
+                ),
+            )
+
+        if [self.email, self.msisdn, self.shortname].count(None) != 2:
+            raise Exception(
+                422,
+                Error(
+                    type="OTP",
+                    code=InternalErrorCode.INVALID_STANDALONE_DATA,
+                    message="Too many input has been passed",
+                ),
+            )
+
+        elif self.msisdn:
+            return {"msisdn": self.msisdn}
+        elif self.email:
+            return {"email": self.email}
+        elif self.shortname:
+            return {"shortname": self.shortname}
+
+        raise Exception(
+            500,
+            Error(
+                type="OTP",
+                code=InternalErrorCode.OTP_ISSUE,
+                message="Something went wrong",
+            ),
+        )
+
+    model_config = {
+        "json_schema_extra": {
+            "examples": [
+                {
+                    "msisdn": "7777778110"
+                }
+            ]
+        }
+    }
+
+class PasswordResetRequest(BaseModel):
+    msisdn: str | None = Field(None, pattern=rgx.MSISDN)
+    shortname: str | None = Field(None, pattern=rgx.SHORTNAME)
+    email: str | None = Field(None, pattern=rgx.EMAIL)
+
+    def check_fields(self) -> Dict[str, str]:
+        if self.email is None and self.msisdn is None and self.shortname is None:
+            raise Exception(
+                422,
+                Error(
+                    type="OTP",
+                    code=InternalErrorCode.EMAIL_OR_MSISDN_REQUIRED,
+                    message="One of these [shortname, email, msisdn] should be set!",
+                ),
+            )
+
+        if [self.email, self.msisdn, self.shortname].count(None) != 2:
+            raise Exception(
+                422,
+                Error(
+                    type="OTP",
+                    code=InternalErrorCode.INVALID_STANDALONE_DATA,
+                    message="Too many input has been passed",
+                ),
+            )
+
+        elif self.msisdn:
+            return {"msisdn": self.msisdn}
+        elif self.email:
+            return {"email": self.email}
+        elif self.shortname:
+            return {"shortname": self.shortname}
+
+        raise Exception(
+            500,
+            Error(
+                type="password_reset",
+                code=InternalErrorCode.PASSWORD_RESET_ERROR,
+                message="Something went wrong",
+            ),
+        )
+
+    model_config = {
+        "json_schema_extra": {
+            "examples": [
+                {
+                    "msisdn": "7777778110"
+                }
+            ]
+        }
+    }
+class ConfirmOTPRequest(SendOTPRequest, BaseModel):
+    code: str = Field(..., pattern=rgx.OTP_CODE)
+
+    model_config = {
+        "json_schema_extra": {
+            "examples": [
+                {
+                    "code": "84293201"
+                }
+            ]
+        }
+    }
+
+class UserLoginRequest(BaseModel):
+    shortname: str | None = Field(None, pattern=rgx.SHORTNAME)
+    email: str | None = Field(None, pattern=rgx.EMAIL)
+    msisdn: str | None = Field(None, pattern=rgx.MSISDN)
+    password: str | None = Field(None)
+    invitation: str | None = Field(None, pattern=rgx.INVITATION)
+    firebase_token: str | None = Field(None)
+    otp: str | None = Field(None)
+
+    def check_fields(self) -> Dict[str, str] | None:
+        if self.shortname is None and self.email is None and self.msisdn is None:
+            return {}
+            # raise ValueError("One of these [shortname, email, msisdn] should be set!")
+
+        if [self.shortname, self.email, self.msisdn].count(None) != 2:
+            raise ValueError("Too many input has been passed")
+
+        if self.shortname:
+            return {"shortname": self.shortname}
+        elif self.msisdn:
+            return {"msisdn": self.msisdn}
+        elif self.email:
+            return {"email": self.email}
+
+        return None
+
+    model_config = {
+        "json_schema_extra": {
+            "examples": [
+                {
+                    "shortname": "john_doo",
+                    "password": "my_secure_password_@_93301"
+                }
+            ]
+        }
+    }

api/user/model/responses.py

@@ -0,0 +1,11 @@
+from pydantic import BaseModel, Field
+
+from models.api import Response
+
+
+class Confirmation(BaseModel):
+    confirmation: str = Field(...)
+
+
+class ConfirmationResponse(Response):
+    data: Confirmation