diff --git a/services/register/config.yaml b/services/register/config.yaml index bc1370fd86805cf64bba5f7063b502ce2aa0432c..f63df9fe95452c0443dce72e8934dc2d4998d8fc 100644 --- a/services/register/config.yaml +++ b/services/register/config.yaml @@ -3,6 +3,7 @@ mongo: { 'password': 'example', 'db': 'capif_users', 'col': 'user', + 'admins': 'admins', 'host': 'mongo_register', 'port': '27017' } @@ -16,5 +17,6 @@ register: { register_uuid: '6ba7b810-9dad-11d1-80b4-00c04fd430c8', refresh_expiration: 30, #days token_expiration: 10, #mins - admin_users: {admin: "password123"} + admin_users: {admin_user: "admin", + admin_pass: "password123"} } \ No newline at end of file diff --git a/services/register/register_service/__main__.py b/services/register/register_service/__main__.py index 12f6ffd6542ebffb4f045d805fb752d976f0ef65..7554fa2e70f9a99239457f33404825a57693cd3b 100644 --- a/services/register/register_service/__main__.py +++ b/services/register/register_service/__main__.py @@ -1,13 +1,11 @@ - -import os from flask import Flask from .controllers.register_controller import register_routes from flask_jwt_extended import JWTManager from OpenSSL.crypto import PKey, TYPE_RSA, X509Req, dump_certificate_request, FILETYPE_PEM, dump_privatekey import requests import json -import jwt from .config import Config +from .db.db import MongoDatabse app = Flask(__name__) @@ -73,6 +71,11 @@ response = requests.request("GET", url, headers=headers, verify = False) key_data = json.loads(response.text)["data"]["data"]["key"] +# Create an Admin in the Admin Collection +client = MongoDatabse() +if not client.get_col_by_name(client.capif_admins).find_one({"admin_name": config["register"]["admin_users"]["admin_user"], "admin_pass": config["register"]["admin_users"]["admin_pass"]}): + client.get_col_by_name(client.capif_admins).insert_one({"admin_name": config["register"]["admin_users"]["admin_user"], "admin_pass": config["register"]["admin_users"]["admin_pass"]}) + app.config['JWT_ALGORITHM'] = 'RS256' app.config['JWT_PRIVATE_KEY'] = key_data diff --git a/services/register/register_service/controllers/register_controller.py b/services/register/register_service/controllers/register_controller.py index 14877f8b5739332e98a0628a58d335926908b393..ded8e8bc9a5fcfb6fa2cfa8bc1f1f033d585b19c 100644 --- a/services/register/register_service/controllers/register_controller.py +++ b/services/register/register_service/controllers/register_controller.py @@ -5,6 +5,7 @@ from ..core.register_operations import RegisterOperations from ..config import Config from functools import wraps from datetime import datetime, timedelta +from ..db.db import MongoDatabse from flask_httpauth import HTTPBasicAuth import jwt @@ -34,7 +35,9 @@ def generate_tokens(username): @auth.verify_password def verify_password(username, password): users = register_operation.get_users()[0].json["users"] - if username in config["register"]["admin_users"] and password == config["register"]["admin_users"][username]: + client = MongoDatabse() + admin = client.get_col_by_name(client.capif_admins).find_one({"admin_name": username, "admin_pass": password}) + if admin: return username, "admin" for user in users: if user["username"] == username and user["password"]==password: @@ -84,12 +87,40 @@ def refresh_token(username): @register_routes.route("/createUser", methods=["POST"]) @admin_required() def register(username): - username = request.json["username"] - password = request.json["password"] - description = request.json["description"] - email = request.json["email"] + required_fields = { + "username": str, + "password": str, + "enterprise": str, + "country": str, + "email": str, + "purpose": str + } + + optional_fields = { + "phone_number": str, + "company_web": str, + "description": str + } + + user_info = request.get_json() + + missing_fields = [] + for field, field_type in required_fields.items(): + if field not in user_info: + missing_fields.append(field) + elif not isinstance(user_info[field], field_type): + return jsonify({"error": f"Field '{field}' must be of type {field_type.__name__}"}), 400 + + for field, field_type in optional_fields.items(): + if field in user_info and not isinstance(user_info[field], field_type): + return jsonify({"error": f"Optional field '{field}' must be of type {field_type.__name__}"}), 400 + if field not in user_info: + user_info[field] = None + + if missing_fields: + return jsonify({"error": "Missing required fields", "fields": missing_fields}), 400 - return register_operation.register_user(username, password, description, email) + return register_operation.register_user(user_info) @register_routes.route("/getauth", methods=["GET"]) @auth.login_required diff --git a/services/register/register_service/core/register_operations.py b/services/register/register_service/core/register_operations.py index 1eb6b0775acc8319d15d3b2456280d420b1f5c58..b76d09286d16a0b0e8ab1ca066100f0f6ffb0d55 100644 --- a/services/register/register_service/core/register_operations.py +++ b/services/register/register_service/core/register_operations.py @@ -13,17 +13,18 @@ class RegisterOperations: self.mimetype = 'application/json' self.config = Config().get_config() - def register_user(self, username, password, description, email): + def register_user(self, user_info): mycol = self.db.get_col_by_name(self.db.capif_users) - exist_user = mycol.find_one({"username": username}) + exist_user = mycol.find_one({"username": user_info["username"]}) if exist_user: return jsonify("user already exists"), 409 name_space = uuid.UUID(self.config["register"]["register_uuid"]) - user_uuid = str(uuid.uuid5(name_space, username)) + user_uuid = str(uuid.uuid5(name_space,user_info["username"])) - user_info = dict(uuid=user_uuid, username=username, password=password, description=description, email=email, onboarding_date=datetime.now()) + user_info["uuid"] = user_uuid + user_info["onboarding_date"]=datetime.now() obj = mycol.insert_one(user_info) return jsonify(message="User registered successfully", uuid=user_uuid), 201 diff --git a/services/register/register_service/db/db.py b/services/register/register_service/db/db.py index 0b08933251035fc285b0983575d2e30844cce8f3..65a8a83fe4da25f7b992898a60485ccbaa9228d4 100644 --- a/services/register/register_service/db/db.py +++ b/services/register/register_service/db/db.py @@ -12,6 +12,7 @@ class MongoDatabse(): self.config = Config().get_config() self.db = self.__connect() self.capif_users = self.config['mongo']['col'] + self.capif_admins = self.config['mongo']['admins'] def get_col_by_name(self, name): diff --git a/tests/resources/common/basicRequests.robot b/tests/resources/common/basicRequests.robot index 335743fdc1029a84d3a3e3d7592f081e9f6f4743..433a13cd74e3fb02a1333d812c9d5679a7b16b36 100644 --- a/tests/resources/common/basicRequests.robot +++ b/tests/resources/common/basicRequests.robot @@ -416,6 +416,11 @@ Create User At Register ... password=${password} ... description=${description} ... email=${email} + ... enterprise=enterprise + ... country=Spain + ... purpose=testing + ... phone_number=123456789 + ... company_web=www.enterprise.com ${resp}= Post On Session register_session /createUser headers=${headers} json=${body} Should Be Equal As Strings ${resp.status_code} 201