| import logging
|
| from datetime import datetime
|
| import hashlib
|
|
|
| class AuthManager:
|
| """Authentication and user management"""
|
|
|
| def __init__(self, db_manager):
|
| """Initialize auth manager with database manager"""
|
| self.db = db_manager
|
|
|
| def hash_password(self, password):
|
| """Simple password hashing (in production, use bcrypt or similar)"""
|
| return hashlib.sha256(password.encode()).hexdigest()
|
|
|
| def authenticate_user(self, username, password):
|
| """Authenticate user and return user data"""
|
| try:
|
| user = self.db.execute_query_one(
|
| "SELECT id, username, email, name, role, org FROM users WHERE username = %s",
|
| (username,)
|
| )
|
|
|
| if not user:
|
| logging.warning(f"User not found: {username}")
|
| return None
|
|
|
| user_password = self.db.execute_query_one(
|
| "SELECT password FROM users WHERE username = %s",
|
| (username,)
|
| )
|
|
|
| if not user_password:
|
| logging.warning(f"Password not found for user: {username}")
|
| return None
|
|
|
| stored_password = user_password['password']
|
|
|
|
|
| is_hashed = len(stored_password) == 64 and all(c in '0123456789abcdef' for c in stored_password)
|
|
|
| if is_hashed:
|
|
|
| password_match = stored_password == self.hash_password(password)
|
| else:
|
|
|
| password_match = stored_password == password
|
|
|
| logging.info(f"Debug - Username: {username}, Password type: {'hashed' if is_hashed else 'plain'}")
|
|
|
| if not password_match:
|
| logging.warning(f"Invalid password for user: {username}")
|
| return None
|
|
|
|
|
| try:
|
| self.db.execute_query(
|
| "UPDATE users SET updated_at = %s WHERE id = %s",
|
| (datetime.now(), user['id'])
|
| )
|
| except Exception as e:
|
| logging.warning(f"Could not update last login: {e}")
|
|
|
| logging.info(f"User authenticated successfully: {username}")
|
| return user
|
|
|
| except Exception as e:
|
| logging.error(f"Authentication error: {e}")
|
| return None
|
|
|
| def get_user_data(self, username):
|
| """Get user data by username - for compatibility with UI"""
|
| try:
|
| user = self.db.execute_query_one(
|
| "SELECT id, username, email, name, role, org FROM users WHERE username = %s",
|
| (username,)
|
| )
|
|
|
| if user:
|
| logging.info(f"Retrieved user data for: {username}")
|
| return user
|
| else:
|
| logging.warning(f"User not found: {username}")
|
| return None
|
|
|
| except Exception as e:
|
| logging.error(f"Error getting user data: {e}")
|
| return None
|
|
|
| def create_user(self, username, email, password, name, role, org_name="",
|
| phone="", country_code="", department="", location="", organization_id=None):
|
| """Create a new user account"""
|
| try:
|
|
|
| existing_user = self.db.execute_query_one(
|
| "SELECT id FROM users WHERE username = %s OR email = %s",
|
| (username, email)
|
| )
|
|
|
| if existing_user:
|
| logging.warning(f"User already exists: {username} or {email}")
|
| return False
|
|
|
|
|
| if role == 'organization':
|
| org_result = self.db.execute_query(
|
| """INSERT INTO organizations (name, email, phone, country_code, department, location, created_at)
|
| VALUES (%s, %s, %s, %s, %s, %s, %s)""",
|
| (org_name or name, email, phone, country_code, department, location, datetime.now())
|
| )
|
|
|
| if not org_result:
|
| logging.error("Failed to create organization")
|
| return False
|
|
|
|
|
| org_id = self.db.execute_query_one(
|
| "SELECT id FROM organizations WHERE email = %s ORDER BY created_at DESC LIMIT 1",
|
| (email,)
|
| )
|
| organization_id = org_id['id'] if org_id else None
|
|
|
|
|
| hashed_password = self.hash_password(password)
|
| user_result = self.db.execute_query(
|
| """INSERT INTO users (username, email, password, name, role, org, created_at)
|
| VALUES (%s, %s, %s, %s, %s, %s, %s)""",
|
| (username, email, hashed_password, name, role, organization_id, datetime.now())
|
| )
|
|
|
| if user_result:
|
| logging.info(f"User created successfully: {username}")
|
| return True
|
| else:
|
| logging.error(f"Failed to create user: {username}")
|
| return False
|
|
|
| except Exception as e:
|
| logging.error(f"User creation error: {e}")
|
| return False
|
|
|
| def get_user_by_id(self, user_id):
|
| """Get user by ID"""
|
| try:
|
| user = self.db.execute_query_one(
|
| "SELECT id, username, email, name, role, org FROM users WHERE id = %s",
|
| (user_id,)
|
| )
|
| return user
|
| except Exception as e:
|
| logging.error(f"Error fetching user by ID: {e}")
|
| return None
|
|
|
| def update_user_last_login(self, user_id):
|
| """Update user's last login timestamp"""
|
| try:
|
| result = self.db.execute_query(
|
| "UPDATE users SET updated_at = %s WHERE id = %s",
|
| (datetime.now(), user_id)
|
| )
|
| return bool(result)
|
| except Exception as e:
|
| logging.error(f"Error updating last login: {e}")
|
| return False
|
|
|
