Beispiel #1
 def changePasswordForUser(cls, userId: str, oldPassword: str, newPassword: str):
     """Replace a user's password after re-checking the current one.

     Args:
         userId: Identifier passed to ``Models.User.getById``.
         oldPassword: Current password supplied by the caller; compared
             against the stored password, nonce and salt.
         newPassword: Value handed to ``cls._setPasswordOnUser`` once the
             comparison succeeds.

     Raises:
         ApiExceptions.NotFoundException: No user exists for ``userId``.
         ApiExceptions.ForbiddenException: ``oldPassword`` does not match
             the stored credentials.
     """
     account = Models.User.getById(userId)
     if account is None:
         raise ApiExceptions.NotFoundException()

     # Re-authenticate with the current password before changing anything.
     # NOTE(review): this comparison is the only gate visible here; that the
     # requester is allowed to act on ``userId`` is presumably enforced by the
     # caller - confirm.
     storedPassword = account.password
     storedSalt = account.salt
     storedNonce = account.nonce
     matches = Encryption.comparePasswords(
         storedPassword, storedNonce, storedSalt, oldPassword)
     if not matches:
         raise ApiExceptions.ForbiddenException

     # NOTE(review): nothing in this method revokes sessions issued under the
     # old password; confirm whether _setPasswordOnUser or the caller does.
     cls._setPasswordOnUser(account, newPassword)
Beispiel #2
 def loginUser(cls, username: str, password: str) -> (str, Models.User):
     """Authenticate a user and open a login session.

     Args:
         username: Name looked up through ``cls.getByUsername``.
         password: Password supplied by the caller; compared against the
             stored password, nonce and salt.

     Returns:
         A 2-tuple of the value produced by
         ``SessionApi.SessionApi.serializeSession`` for the new session
         and the matching user record.

     Raises:
         ApiExceptions.NotFoundException: No user has this username.
         ApiExceptions.ForbiddenException: The password does not match.
     """
     account = cls.getByUsername(username)
     if account is None:
         # NOTE(review): an unknown username and a wrong password raise
         # different exception types, and no password comparison runs on
         # this path. If the API layer passes that difference on to the
         # client, responses reveal which usernames exist - confirm both
         # cases are mapped to one generic login failure.
         raise ApiExceptions.NotFoundException()

     storedPassword = account.password
     storedSalt = account.salt
     storedNonce = account.nonce
     authenticated = Encryption.comparePasswords(
         storedPassword, storedNonce, storedSalt, password)
     if not authenticated:
         raise ApiExceptions.ForbiddenException()

     # Credentials accepted: persist a session record owned by this user.
     # NOTE(review): no attempt limiting or lockout is visible in this
     # method; presumably handled upstream - confirm.
     loginSession = Models.Session(
         owner=account.id,
         created=int(time.time()),
         sessionType='login',
     )
     loginSession.save()
     return SessionApi.SessionApi.serializeSession(loginSession), account