Deactivate account

1 year ago · b71df47142
1 changed files with 45 additions and 21 deletions
--- a/smart_service/apis/app_user_login.py
+++ b/smart_service/apis/app_user_login.py
@ -918,6 +918,33 @@ def invalidate_token(refresh_token):
        return {'status': 0, "error": 'Failed'}


+@frappe.whitelist(methods=['POST'])
+def deactivate_account():
+    rate_res = custom_rate_limit(limit=5, seconds=15)
+    if rate_res != 1:
+        return rate_res
+    if refresh_token:
+        frappe.set_user("Administrator")
+        ref_token = refresh_token
+        doc_details = frappe.db.sql('''
+                        SELECT * FROM `tabRefresh Token`;''', as_dict=1)
+        try:
+            for d in doc_details:
+                if decrypt(d['refresh_token']) == ref_token:
+                    frappe.delete_doc('Refresh Token', d['name'])
+                    access_token = generate_access_token(d['user'])
+
+                    return {'status': 1, "error": None}
+
+            return {'status': 0, "error": 'Failed'}
+
+        except Exception as e:
+            return {'status': 0, "error": 'Failed'}
+    else:
+        return {'status': 0, "error": 'Failed'}
+
+
+
 def update_tokens_in_doc(user_email, access, refresh):
    # access_exp_hours = 15 * 60
    # refresh_exp_hrs = 60 * 60 * 24
@ -1023,31 +1050,28 @@ def deactivate_tokens():
        return e


-@frappe.whitelist(allow_guest=1)
-def deactivate_account():
+@frappe.whitelist()
+def deactivate_account(methods=['POST']):
    rate_res = custom_rate_limit(limit=5, seconds=15)
    if rate_res != 1:
        return rate_res
-    token_settings = frappe.get_doc('Token Settings')
-    access_exp_hours = token_settings.access_expiry_time
+    if refresh_token:
+        frappe.set_user("Administrator")
+        ref_token = refresh_token
+        doc_details = frappe.db.sql('''
+                        SELECT * FROM `tabRefresh Token`;''', as_dict=1)
+        try:
+            for d in doc_details:
+                if decrypt(d['refresh_token']) == ref_token:
+                    frappe.delete_doc('Refresh Token', d['name'])
+                    access_token = generate_access_token(d['user'])

-    access_exp_time = datetime.now() + timedelta(minutes=access_exp_hours)
-    frappe.set_user("Administrator")
-    doc_details = frappe.db.sql('''
-                    SELECT * FROM `tabRefresh Token`;''', as_dict=1)
-    try:
-        cur_time = datetime.now()
-        for d in doc_details:
-            if d['access_expiry_time'] < cur_time:
-                doc_value = frappe.get_doc('Refresh Token', d['name'])
-                doc_value.access_token = encrypt(generate_keys(d['user']))
-                doc_value.access_expiry_time = access_exp_time
-                doc_value.save()
+                    return {'status': 1, "error": None}

-            if d['refresh_expiry_time'] < cur_time:
-                frappe.delete_doc('Refresh Token', d['name'])
+            return {'status': 0, "error": 'Failed'}

-        return True
+        except Exception as e:
+            return {'status': 0, "error": 'Failed'}
+    else:
+        return {'status': 0, "error": 'Failed'}

-    except Exception as e:
-        return e