2025-04-30 20:11:17 -04:00
|
|
|
import re
|
|
|
|
|
from flask import Blueprint, request, jsonify, session
|
|
|
|
|
from custom_functions.database.user_db import change_password, change_api_key
|
|
|
|
|
|
2025-07-22 20:01:22 +07:00
|
|
|
user_change_bp = Blueprint("user_change_bp", __name__)
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
# Define allowed characters regex (no spaces allowed)
|
|
|
|
|
PASSWORD_REGEX = re.compile(r'^[A-Za-z0-9!@#$%^&*()_+\-=\[\]{};\'":\\|,.<>\/?`~]+$')
|
|
|
|
|
|
2025-07-22 20:01:22 +07:00
|
|
|
|
|
|
|
|
@user_change_bp.route("/user/change_password", methods=["POST"])
|
2025-04-30 20:11:17 -04:00
|
|
|
def change_password_route():
|
2025-07-22 20:01:22 +07:00
|
|
|
username = session.get("username")
|
2025-04-30 20:11:17 -04:00
|
|
|
if not username:
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "False"}), 400
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
data = request.get_json()
|
2025-07-22 20:01:22 +07:00
|
|
|
new_password = data.get("new_password", "")
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
if not PASSWORD_REGEX.match(new_password):
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "Invalid password format"}), 400
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
change_password(username=username, new_password=new_password)
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "True"}), 200
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
except Exception as e:
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "False"}), 400
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
|
2025-07-22 20:01:22 +07:00
|
|
|
@user_change_bp.route("/user/change_api_key", methods=["POST"])
|
2025-04-30 20:11:17 -04:00
|
|
|
def change_api_key_route():
|
|
|
|
|
# Ensure the user is logged in by checking session for 'username'
|
2025-07-22 20:01:22 +07:00
|
|
|
username = session.get("username")
|
2025-04-30 20:11:17 -04:00
|
|
|
if not username:
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "False", "error": "User not logged in"}), 400
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
# Get the new API key from the request body
|
2025-07-22 20:01:22 +07:00
|
|
|
new_api_key = request.json.get("new_api_key")
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
if not new_api_key:
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "False", "error": "New API key not provided"}), 400
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
# Call the function to update the API key in the database
|
|
|
|
|
success = change_api_key(username=username, new_api_key=new_api_key)
|
|
|
|
|
|
|
|
|
|
if success:
|
2025-07-22 20:01:22 +07:00
|
|
|
return (
|
|
|
|
|
jsonify({"message": "True", "success": "API key changed successfully"}),
|
|
|
|
|
200,
|
|
|
|
|
)
|
2025-04-30 20:11:17 -04:00
|
|
|
else:
|
2025-07-22 20:01:22 +07:00
|
|
|
return (
|
|
|
|
|
jsonify({"message": "False", "error": "Failed to change API key"}),
|
|
|
|
|
500,
|
|
|
|
|
)
|
2025-04-30 20:11:17 -04:00
|
|
|
|
|
|
|
|
except Exception as e:
|
|
|
|
|
# Catch any unexpected errors and return a response
|
2025-07-22 20:01:22 +07:00
|
|
|
return jsonify({"message": "False", "error": str(e)}), 500
|
