def userActionsId(action, id): user = user_datastore.get_user(id) if user != None and user != []: #Removes a user if action == "remove": if user != current_user: user_datastore.delete_user(user) db.session.commit() return json.dumps({"status": "user removed"}) else: return json.dumps({"status" : "user could not be removed"}) #Edits a user elif action == "edit": form = forms.EditUserForm(request.form) if form.validate(): if form.password != "": verify_and_update_password(form.password.data, user) if form.role.entries != []: user.setRoles(form.role.entries) return json.dumps(user.display()) #Displays a users' information elif action == "display": if user != None: return json.dumps(user.display()) else: return json.dumps({"status" : "could not display user"}) return json.dumps({"status" : "user does not exist"})
def test_register_user(self, apidb, testapi, role, invite): data = {"firstName":"myFirstName", "lastName":"myLastName", "email":"*****@*****.**", "password":"******", "token":invite.token} resp = testapi.post_json(url_for('v1.AuthView:register_user'), data) #test register user creates user but confirmed_at is not set u = User.query.filter_by(email=data['email']).first() from flask_security.utils import verify_and_update_password verify_and_update_password(user=u, password='******').should_not.be.none u.confirmed_at.should.be.none return resp
def post(self): if request.json: data = request.json user = self.model.query.filter(self.model.email == data['email']).first() if user and verify_and_update_password(data['password'], user) and login_user(user): user_data = self.schema().dump(user).data return jsonify({'success': 200, 'data': user_data}) else: return make_response(jsonify({'error': 403, 'data': 'invalid data'}), 403) else: data = request.form user = self.model.query.filter(self.model.email == data['email']).first() if user and verify_and_update_password(data['password'], user) and login_user(user): return redirect('/test/v1/admin/', 302)
def validate(self): """ this is a slimmed down version of the default validate function where username is used instead of email for user authentication """ if self.password.data.strip() == '': flash('password required') return False if self.username.data.strip() == '': flash('username required') return False self.user = User.query.filter_by(username=self.username.data).first() if not self.user: flash('invalid username') current_app.logger.warning('invalid login attempt by {}'.format(self.username.data)) return False if not verify_and_update_password(self.password.data, self.user): current_app.logger.warning('invalid password') flash('invalid password') return False return True
def validate(self): self.email_or_login.errors, self.password.errors = [], [] if self.email_or_login.data.strip() == '': self.email_or_login.errors.append(get_message('LOGIN_NOT_PROVIDED')[0]) return False if self.password.data.strip() == '': self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0]) return False self.user = _datastore.find_user(login=self.email_or_login.data.strip()) if self.user is None: self.user = _datastore.find_user(email=self.email_or_login.data.strip()) if self.user is None: self.email_or_login.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False if not self.user.password: self.password.errors.append(get_message('PASSWORD_NOT_SET')[0]) return False if not verify_and_update_password(self.password.data, self.user): self.password.errors.append(get_message('INVALID_PASSWORD')[0]) return False if not self.user.is_active: self.email_or_login.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def authenticate_user(user_id): """Return the user's account balance if user and password match, return False otherwise""" user = DB.User.query.get(user_id) if not user: return str(False) if verify_and_update_password(request.args["password"], user): return str(user.bar_account_balance) return str(False)
def authenticate(username, password, scopes): user = user_datastore.get_user(username) if user and verify_and_update_password(password, user): scope_perms = [] for scope in scopes: scope_perms.append(user.has_role(scope)) if all(scope_perms): return user
def upgrade(): app = current_app db.session.flush() current_salt = Keys.query.filter_by(name = 'SECURITY_PASSWORD_SALT').first().value app.config.update(dict(SECURITY_PASSWORD_SALT=current_salt)) app.config['SECURITY_PASSWORD_HASH'] = config.SECURITY_PASSWORD_HASH if app.extensions.get('security') is None: user_datastore = SQLAlchemyUserDatastore(db, User, Role) Security(app, user_datastore, register_blueprint=False) else: app.config['SECURITY_PASSWORD_SALT'] = current_salt users = User.query.all() # This will upgrade the plaintext password of all the user as per the # SECURITY_PASSWORD_HASH. for user in users: if user.password is not None: verify_and_update_password(user.password, user) db.session.commit()
def post(self): form = UserLeaveForm() if form.validate_on_submit(): if verify_and_update_password(form.password.data, current_user): flash("Your input is correct.") is_pw_correct = True current_user.is_want_leave = True db.session.commit() return render_template('main/leave.html', form=form, is_pw_correct=is_pw_correct) else: flash("Your input is not correct.") return redirect(url_for('AuthView:get'))
def login(): data = request.json user = user_datastore.get_user(data['email']) if not user: return "Invalid username or password", 401 if not verify_and_update_password(data['password'], user): return "Invalid username or password", 401 login_user(user) return jsonify({ 'auth_token': user.get_auth_token(), 'email': user.email })
def test_add_admin(self): email = '*****@*****.**' password = '******' add_admin(email, password) user = User.query.filter_by(email=email).first() admin_role = Role.query.filter_by(name='admin').first() self.assertEqual(user.email, email) self.assertTrue(user.active) self.assertIn(admin_role, user.roles) self.assertTrue(verify_password('password', user.password)) self.assertTrue(verify_and_update_password(password, user))
def login_user(): if "email" not in request.json: return error_response(errors.AUTH_EMAIL_MISSING, 400) if "password" not in request.json: return error_response(errors.AUTH_PSSWD_MISSING, 400) # email and password are in the posted data. user = User.query.filter_by(email=request.json.get("email")).first() psswd_check = False if user: psswd_check = verify_and_update_password(request.json.get("password"), user) if user and psswd_check: login(user, remember=True) return jsonify(user.to_dict()) else: return error_response(errors.AUTH_INCORRECT_CREDENTIALS, 401)
def login(): """直接使用flask-security的工具方法完成登陆验证""" username = request.json.get('username', '') passwd = request.json.get('password', '') security = current_app.extensions['security'] datastore = security.datastore user = datastore.get_user(username) if not verify_and_update_password(passwd, user): return jsonres(metacode=401, msg=u'用户不在在或密码不正确') login_user(user) loginRes = dict(authentication_token=user.get_auth_token(), nickname=(user.nickname or user.email), avatar=user.avatar) return jsonres(rv=dict(user=loginRes))
def upgrade(): app = current_app db.session.flush() current_salt = Keys.query.filter_by( name='SECURITY_PASSWORD_SALT').first().value app.config.update(dict(SECURITY_PASSWORD_SALT=current_salt)) app.config['SECURITY_PASSWORD_HASH'] = config.SECURITY_PASSWORD_HASH if app.extensions.get('security') is None: user_datastore = SQLAlchemyUserDatastore(db, User, Role) Security(app, user_datastore, register_blueprint=False) else: app.config['SECURITY_PASSWORD_SALT'] = current_salt users = User.query.with_entities( User.id, User.email, User.password, User.active, User.confirmed_at)\ .all() # This will upgrade the plaintext password of all the user as per the # SECURITY_PASSWORD_HASH. for user in users: if user.password is not None: verify_and_update_password(user.password, user) db.session.commit()
def change_password(): form = ChangePwdForm(request.form) if form.validate(): user = User.query.filter(User.id == request.form['user_id']).first() if utils.verify_and_update_password(request.form['old_pwd'], user): if request.form['new_pwd_1'] == request.form['new_pwd_2']: new_password_encrypted = utils.hash_password(request.form['new_pwd_1']) user.password = new_password_encrypted db.session.commit() logout_user() return redirect(url_for('profile')) return "Sorry, did you input different new passwords?" else: return "Sorry, is your old password correct?" return "Sorry, is there something wring in your information?"
def login_user(): if 'email' not in request.json: return error_response(errors.AUTH_EMAIL_MISSING, 400) if 'password' not in request.json: return error_response(errors.AUTH_PSSWD_MISSING, 400) # email and password are in the posted data. user = User.query.filter_by(email=request.json.get('email')).first() psswd_check = False if user: psswd_check = verify_and_update_password(request.json.get('password'), user) if user and psswd_check: login(user, remember=True) return jsonify(user.to_dict()) else: return error_response(errors.AUTH_INCORRECT_CREDENTIALS, 401)
def validate(self): user_ip = request.headers.get('X-Forwarded-For', request.remote_addr) time_now = datetime.datetime.now() # Use super of LoginForm, not super of CustomLoginForm, since I # want to skip the LoginForm validate logic if not super(LoginForm, self).validate(): audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}]" ) return False self.email.data = remove_null_caracters(self.email.data) self.user = _datastore.find_user(username=self.email.data) if self.user is None: audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Invalid Username]") self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False self.user.password = remove_null_caracters(self.user.password) if not self.user.password: audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Invalid Password]") self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False self.password.data = remove_null_caracters(self.password.data) if not verify_and_update_password(self.password.data, self.user): audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Invalid Password]") self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False # if requires_confirmation(self.user): # self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0]) # return False if not self.user.is_active: audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Disabled Account]") self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def validate(self): if not super(LoginForm, self).validate(): return False # Verify username field is not blank. We don't concern ourselves with email # because we don't use that to validate if self.username.data.strip() == '': self.username.errors.append('USERNAME NOT PROVIDED') return False # If the password field is left blank, fail. if self.password.data.strip() == '': self.password.errors.append('PASSWORD NOT PROVIDED') return False # set the user to be the user name in the field and look it up # in the database self.user = security.datastore.get_user(self.username.data) # Ensure the user exists in the database if self.user is None: self.username.errors.append('INCORRECT USERNAME/PASSWORD') return False # Ensure the password was set if not self.user.password: self.password.errors.append('PASSWORD WAS NOT SET') return False # Verify the password provided matches what is in the database for that user if not verify_and_update_password(self.password.data, self.user): self.password.errors.append('INCORRECT USERNAME/PASSWORD') return False # If user confirmation is enabled and the user has not confirmed, deny access if requires_confirmation(self.user): self.user.errors.append('CONFIRMATION REQUIRED') return False # Make sure that the user account is active and not disabled if not self.user.is_active: self.username.errors.append('DISABLED ACCOUNT') return False # If all other checks are passed, the user is valid return True
def load_user_from_request(request): apikey = request.headers.environ.get("HTTP_X_API_KEY", None) if apikey: user = user_datastore.find_user(apikey=apikey) if not user: return None else: auth = request.headers.get("Authorization") if not auth or auth.count(":") != 1: return None login, password = auth.split(":") user = user_datastore.find_user(email=login.strip()) if user is None: return None if not verify_and_update_password(password.strip(), user): return None return user if login_user(user) else None
def _try_local_auth(self): self.user = _datastore.find_user(username=self.email.data) if not self.user: self.email.errors.append(get_message("USER_DOES_NOT_EXIST")[0]) return False if not self.user.password: self.password.errors.append(get_message("PASSWORD_NOT_SET")[0]) return False if not verify_and_update_password(self.password.data, self.user): self.password.errors.append(get_message("INVALID_PASSWORD")[0]) return False if requires_confirmation(self.user): self.email.errors.append(get_message("CONFIRMATION_REQUIRED")[0]) return False if not self.user.is_active: self.email.errors.append(get_message("DISABLED_ACCOUNT")[0]) return False return True
def validate(self): self.user = _datastore.get_user(self.email.data) if self.user is None: self.email.validate(self) self.email.errors.append("User or password invalid.") return False if not verify_and_update_password(self.password.data, self.user): self.password.errors.append(get_message('INVALID_PASSWORD')[0]) return False if not self.user.password: self.password.errors.append(get_message('PASSWORD_NOT_SET')[0]) return False if requires_confirmation(self.user): self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0]) return False if not self.user.is_active: self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def get_jwt() -> Tuple[str, int]: """ Get a JWT to use for accessing the api. Works outside of a session context by posting the user credentials. This is conceptually equivalent to logging in via the login form. :return: JWT provided via a JSON object (or error) """ if current_user and current_user.is_authenticated: return jsonify(jwt=create_jwt_for_user(current_user)), 200 credentials = request.get_json(force=True) if not credentials or 'email' not in credentials or 'password' not in credentials: return jsonify(error="Incomplete credentials."), 400 user = user_datastore.find_user(email=credentials['email']) if verify_and_update_password(credentials['password'], user): jwt_json: str = jsonify(jwt=create_jwt_for_user(user)) return jwt_json, 200 jwt_error_json: str = jsonify(error="Could not authenticate user.") return jwt_error_json, 401
def login_post(): email = request.form.get('email') password = request.form.get('password') remember = True if request.form.get('remember') else False user = User.objects(email=email).first() # ToDo: There is username enumeration here. # Check if enabled account if not user or not user.active: flash('This account has been disabled') return redirect(url_for('auth.login')) # check if user actually exists if not user or not verify_and_update_password(password, user): flash('Please check your login details and try again.') return redirect(url_for('auth.login')) # ToDo: Need to put a real check for remember me in here login_user(user, remember=remember) return redirect(url_for('dashboard.main_dashboard'))
def login(): print("data", request.get_json()) data = json.loads(request.get_json()['data']) print("data", data) # auth = request.authorization user = user_datastore.find_user(email=data['email']) if user: if (verify_and_update_password(data['password'], user)): token = jwt.encode( { 'user': data['email'], 'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=10) }, app.config['SECRET_KEY'], algorithm="HS256") print("Logged as ", data['email']) return jsonify({'token': token}) return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
def validate(self): if not super(ExtendedLoginForm, self).validate(): return False self.user = user_datastore.get_user(self.email.data) if self.user is None: self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) # Reduce timing variation between existing and non-existung users hash_password(self.password.data) return False if not self.user.password: self.password.errors.append(get_message('PASSWORD_NOT_SET')[0]) # Reduce timing variation between existing and non-existung users hash_password(self.password.data) return False if not verify_and_update_password(self.password.data, self.user): self.password.errors.append(get_message('INVALID_PASSWORD')[0]) return False if not self.user.is_active: self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def validate(self): if not super(LoginForm, self).validate(): return False if not self.username.data.strip(): self.username.errors.append("Username not provided") return False if not self.password.data.strip(): self.password.errors.append( get_message("PASSWORD_NOT_PROVIDED")[0]) return False username = self.username.data self.user = _security.datastore.find_user(username=username) if not self.user: logger.warning("not found {} using username field, " "now using fallback with email".format(username)) self.user = _security.datastore.find_user(email=username) if self.user is None: self.username.errors.append(get_message("USER_DOES_NOT_EXIST")[0]) return False if not self.user.password: self.password.errors.append(get_message("PASSWORD_NOT_SET")[0]) return False if not verify_and_update_password(self.password.data, self.user): self.password.errors.append(get_message("INVALID_PASSWORD")[0]) return False if requires_confirmation(self.user): self.username.errors.append( get_message("CONFIRMATION_REQUIRED")[0]) return False if not self.user.is_active: self.username.errors.append(get_message("DISABLED_ACCOUNT")[0]) return False return True
def validate(self): # Use super of LoginForm, not super of CustomLoginForm, since I # want to skip the LoginForm validate logic if not super(LoginForm, self).validate(): return False self.user = _datastore.get_user(self.email.data) if self.user is None: self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False if not self.user.password: self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False if not verify_and_update_password(self.password.data, self.user): self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False # if requires_confirmation(self.user): # self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0]) # return False if not self.user.is_active: self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def validate(self): # Use super of LoginForm, not super of CustomLoginForm, since I # want to skip the LoginForm validate logic if not super(LoginForm, self).validate(): return False self.user = _datastore.get_user(self.email.data) if self.user is None: self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False if not self.user.password: self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False if not verify_and_update_password(self.password.data, self.user): self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False # if requires_confirmation(self.user): # self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0]) # return False if not self.user.is_active: self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def validate_login(self, form): if self.validate(): user = db.query(User).filter( or_(User.name == form['username'], User.email == form['username'])) if user.count() > 0: usermodel = user.one() if not verify_and_update_password(form['password'], usermodel): self.error = u'用户名或密码错误' return False if usermodel.active == 0: self.error = u'用户尚未激活,登陆邮箱激活' return False self.id = usermodel.id self.__setattr__('is_authenticated', True) session['uid'] = usermodel.id session['username'] = usermodel.name return usermodel else: self.error = u'用户' + form['username'] + u'不存在' return False else: return False
def check_password(self, password): return verify_and_update_password(password, self)
def set_pass(self, user, passw): """ Regenerate an user's password hash. """ verify_and_update_password(passw, user) return True
def check_user_pass(user, passw): """ Checks an user's password. """ return verify_and_update_password(passw, user)
def check_password(self, password: str): return verify_and_update_password(password, self)
def check_password(self, value): return verify_and_update_password(value, self)
def verify_password(self, password=None, new_password=None, **kwargs): """Verify password is not invalid.""" if not verify_and_update_password(password, current_user): _abort(get_message("INVALID_PASSWORD")[0], "password") if password == new_password: _abort(get_message("PASSWORD_IS_THE_SAME")[0], "password")
def check_user_pass(user, passw): """ Checks an user's password. """ return verify_and_update_password(passw, user)
def users(): form = UserForm() dform = DeleteForm() form.roles.choices = [ (r.name, r.description) for r in models.Role.query.order_by(models.Role.name.asc()).all() ] if current_app.config['AJAX_CALL_ENABLED']: form.associate_group_id.choices = [] associate_group_id = current_user.associate_group_id if associate_group_id and is_region_role(): form.associate_group_id.choices = [ (ag.id, ag.name) for ag in models.AssociateGroup.query.filter_by( id=associate_group_id).all() ] return render_template('admin/user.html', form=form, dform=dform) else: province_id = current_user.province_id if province_id and is_region_role(): us = models.User.query.filter_by(province_id=province_id).all() form.province_id.choices = [ (p.province_id, p.type + " " + p.name) for p in models.Province.query.filter_by( province_id=province_id).all() ] else: us = models.User.query.all() form.province_id.choices = [] # form create or edit submit if request.method == 'POST' and form.data['submit']: if not check_role(crud_role): return redirect(url_for(request.endpoint)) form.province_id.choices = [(form.province_id.data, form.province_id.label.text)] # edit user if form.id.data: # remove required validator in fields pass and confirm # when form is edit form setattr(form.password, 'validators', [match_pass]) setattr(form.confirm, 'validators', []) if form.validate_on_submit(): edit_user = user_datastore.find_user(id=form.id.data) if form.old_password.data: if not security_utils.verify_and_update_password( form.old_password.data, edit_user): flash(str(__('Old password is wrong!')), 'error') # TODO: fix return to keep current state of form return redirect(url_for(request.endpoint)) else: edit_user.password = security_utils.hash_password( form.password.data) temp_user = sqla.session.query(models.User) \ .filter_by(email=form.email.data).all() if not check_user_email(temp_user, edit_user.email): form.email.errors.append(__('The email was existed!')) flash(str(__('The email was existed!')), 'error') else: edit_user.email = form.email.data edit_user.fullname = form.fullname.data if form.province_id.data != edit_user.province_id: edit_user.province = models.Province.query \ .filter_by(province_id=form.province_id.data) \ .one() for new_role in form.roles.data: role_is_added = False for r in edit_user.roles: if new_role == r.name: role_is_added = True break if not role_is_added: user_datastore.add_role_to_user( edit_user.email, new_role) temp_roles = list(edit_user.roles) for old_role in temp_roles: if old_role.name not in form.roles.data: user_datastore.remove_role_from_user( edit_user.email, old_role.name) user_datastore.put(edit_user) for user in us: if user.id == edit_user.id: us.remove(user) us.append(edit_user) flash(str(__('Update user success!')), 'success') return redirect(url_for(request.endpoint)) else: flash(str(__('The form is not validated!')), 'error') # add user else: setattr(form.password, 'validators', [data_required, match_pass]) setattr(form.confirm, 'validators', [data_required]) form.id.data = str(uuid.uuid4()) if form.validate_on_submit(): if not user_datastore.find_user(email=form.email.data): province = models.Province.query.filter_by( province_id=form.province_id.data).one() user_datastore.create_user( id=form.id.data, email=form.email.data, fullname=form.fullname.data, province=province, password=security_utils.hash_password( form.password.data)) sqla.session.commit() for role in form.roles.data: user_datastore.add_role_to_user( form.email.data, role) sqla.session.commit() flash(str(__('Add user success!')), 'success') return redirect(url_for(request.endpoint)) else: form.email.errors.append(__('The email was existed!')) flash(str(__('The email was existed!')), 'error') else: flash(str(__('The form is not validated!')), 'error') # form delete submit if request.method == 'POST' and dform.data['submit_del']: if not check_role(crud_role): return redirect(url_for(request.endpoint)) elif dform.validate_on_submit(): del_user = user_datastore.find_user(id=dform.id.data) user_datastore.delete_user(del_user) sqla.session.commit() flash(str(__('Delete user success!')), 'success') return redirect(url_for(request.endpoint)) return render_template('admin/user.html', us=us, form=form, dform=dform)
def validate(self): if not super(DeploymentLoginForm, self).validate(): participant = models.Participant.query.filter( models.Participant.participant_id == self.email.data.strip(), models.Participant.password == self.password.data.strip(), models.Participant.participant_set == g.event.participant_set).join(models.ParticipantRole).filter( models.ParticipantRole.name == '$FC').first() if participant: # get the field co-ordinator user and create it if necessary _user = _datastore.find_user(email=current_app.config.get( 'APOLLO_FIELD_COORDINATOR_EMAIL')) if not _user: _role = _datastore.find_or_create_role( 'field-coordinator', deployment=g.deployment) _user = _datastore.create_user( email=current_app.config.get( 'APOLLO_FIELD_COORDINATOR_EMAIL'), username='', password='', deployment=g.deployment, roles=[_role]) self.user = _datastore.get_user( current_app.config.get('APOLLO_FIELD_COORDINATOR_EMAIL')) session['participant'] = participant.id return True else: return False else: if self.email.data.strip() == '': self.email.errors.append(get_message('EMAIL_NOT_PROVIDED')[0]) return False if self.password.data.strip() == '': self.password.errors.append( get_message('PASSWORD_NOT_PROVIDED')[0]) return False # check by the user identity attributes defined in # the settings for identity_attribute in current_app.config.get( 'SECURITY_USER_IDENTITY_ATTRIBUTES'): kwargs = { 'deployment': g.deployment, identity_attribute: self.email.data } self.user = _datastore.find_user(**kwargs) if self.user: break if self.user is None: self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False if not self.user.password: self.password.errors.append(get_message('PASSWORD_NOT_SET')[0]) return False if not verify_and_update_password(self.password.data, self.user): self.password.errors.append(get_message('INVALID_PASSWORD')[0]) return False if requires_confirmation(self.user): self.email.errors.append( get_message('CONFIRMATION_REQUIRED')[0]) return False if not self.user.is_active: self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def set_pass(self, user, passw): """ Regenerate an user's password hash. """ verify_and_update_password(passw, user) return True
def verify_and_update_password(self, password): return verify_and_update_password(password, self)