h jddlmZmZmZddlmZddlmZmZddlm Z ddl m Z m Z m Z ddlmZmZddlmZddlmZdd lmZmZmZmZdd lmZdd lmZdd lmZdd l m!Z!m"Z"m#Z#m$Z$ddl%m&Z&ddl'Z'ddl(Z(e dgdZ)eZ*de+de+de,fdZ-de+de+fdZ.d0de/de+fdZ0dedefdZ1dede+de+defd Z2dede+de+deee,ffd!Z3dedefd"Z4dede+de+defd#Z5d1d$e6d%eedffd&Z7d1d$e6d%eedffd'Z8ded(e/d)e+fd*Z9e e*e efd+edefd,Z:e e:fd-efd.Z;e e;fd-efd/Z/home/www/40-admission.kofcorporation.com/app/services/auth.pyverify_passwordr(s   no >>passwordc,tj|S)zHash a password)r%hash)r*s r'get_password_hashr-s   H %%r)lengthctjtjztjzdj fdt |D}|S)zHGenerate a random password with letters, digits, and special characters.c3HK|]}tjywN)secretschoice).0i characterss r' z+generate_random_password..#sIaw~~j1Is")string ascii_lettersdigits punctuationjoinrange)r.r*r7s @r'generate_random_passwordr? s?%% 58J8JJJwwI5=IIH Or)dbuserc*K|jtjtj|jk(j }|r t ddt |j}t}t|j|j||jd}|j||j|j|t|||t|jgdd|d {|S7w) zCreate a new userzEmail already registered status_codedetailF)email full_namer"role is_activezVerify your email addressz Your OTP is: rGsubjectbodyN)queryrfilterrGfirstr r-r*rrHrIaddcommitrefreshrr)r@rAdb_userr"otp_codes r' create_userrV&shhtn##DJJ$**$<=CCEG4NOO' 6O~Hjj..' YY GFF7OIIKJJw2w) zzl+XJ '  N sDD D DrGotpc|jtjtj|k(j }|s t dd|j r t dd|jr0|jtjtjkr t ddt||s t ddd|_t|||S) z.Verify OTP for registration and activate user.User not foundrDrCzUser is already activeOTP has expired Invalid OTPTrNrrOrGrPr rJ otp_expiryrnowrutcrrr@rGrWrAs r'verify_registration_otprbDs 88D> u!4 5 ; ; =D 4DEE ~~4LMM ??doo X\\0JJ4EFF dC MBBDNr4 Kr)c|jtjtj|k(j }|syt ||j sy|S)z)Authenticate a user by email and passwordF)rNrrOrGrPr(r")r@rGr*rAs r'authenticate_userrdTsJ 88D> u!4 5 ; ; =D  8T%9%9 : Kr)cKt}t|||t|jgdd|d{y7w)z Generate and send OTP for login.zYour login OTPzYour login OTP is: rKN)rrrrG)r@rArUs r'send_login_otprf]sA~H2tX& zzl "8* - s7A?Ac|jtjtj|k(j }|s t dd|j s t dd|jr0|jtjtjkr t ddt||s t ddt|||S)zVerify OTP for login.rYrZrDrCzUser is not activer[r\r]ras r'verify_login_otprhgs 88D> u!4 5 ; ; =D 4DEE >>4HII ??doo X\\0JJ4EFF dC MBBr4 Kr)data expires_deltacF|j}|r'tjtj|z}n4tjtjt t z}|jd|itj|tt}|S)zCreate a JWT access token)minutesexp algorithm) copyrr_rr`rrupdaterencoderrrirj to_encodeexpire encoded_jwts r'create_access_tokenrwvsn Ihll+m;hll+i@[.\\ eV_%**Y iHK r)cF|j}|r'tjtj|z}n4tjtjt t z}|jd|itj|tt}|S)zCreate a JWT refresh token)daysrmrn) rprr_rr`rrrqrrrrrrss r'create_refresh_tokenrzsn Ihll+m;hll+i=V.WW eV_%**Y iHK r)user_id refresh_tokenc|jtjtj|k(j }|r(||_|j |j||S)z#Update the refresh token for a user)rNrrOidrPr|rRrS)r@r{r|rAs r'update_refresh_tokenrsQ 88D> G!3 4 : : u!4 5 ; ; =D |## K $##$s+B=6B.$A B=. B::B= current_userc@K|js tdd|Sw)zGet the current active userrCz Inactive userrD)rJr rs r'get_current_active_userrs"  ! !ODD scv|jtjk7rttj d|S)zRequire admin rolezNot enough permissionsrD)rIrADMINr r HTTP_403_FORBIDDENrs r' require_adminrs5HNN*11+   r)) r2)=rrrtypingrjoserrpasslib.contextr fastapir r r fastapi.securityr rsqlalchemy.ormrapp.core.databaserapp.core.configrrrrapp.models.userrapp.schemas.userrapp.models.baserapp.services.otp_servicerrrrapp.services.email_servicerr3r9r% oauth2_schemestrboolr(r-intr?rVrbrdrfrhdictrwrzrrrrr)r'rs22(22E"$ii '$aa1 H:&A  ?C?#?$?&&&S# '<#$ '#tTzARWD   3 4  d 5D3I  t E)T/4J Ws3HO}G]mtu{m|(Dcj*8??O7P (//F'Gr)