def __init__(self, dbconfig=None, autocreate=False):
MoinAuth.__init__(self)
self.dbconfig = dbconfig
self.autocreate = autocreate
self.phpass = phpass.PasswordHash()
def final_prep(c):
"""[Override]"""
# Pass it up the hierarchy
SaltedAlgorithm.final_prep(SaltedAlgorithm)
## print "Phpass.final_prep()..."
import phpass
c.phpass_hasher = phpass.PasswordHash(iteration_count_log2=14)
def password(self, password):
"""
Setter for _password, saves hashed password, salt and reset_password string
:param password:
:return:
"""
t_hasher = phpass.PasswordHash(11, False)
self._password = t_hasher.hash_password(
password.encode('utf-8') + app.config['PASSWORD_HASH_SALT']
)
def jwt_authenticate(username, password):
"""
helper function to authenticate user if credentials are correct
:param email:
:param password:
:return:
"""
user = User.query.filter_by(name=username).first()
if user is None:
return None
t_hasher = phpass.PasswordHash(11, False)
auth_ok = t_hasher.check_password(
password.encode('utf-8') + app.config['PASSWORD_HASH_SALT'],
user.password.encode('utf-8'))
if auth_ok:
return user
else:
return None
def validate_login(self, field):
"""
validate login
:param field:
:return:
"""
user = self.get_user()
if user is None:
raise validators.ValidationError('User does not exist.')
t_hasher = phpass.PasswordHash(11, False)
auth_ok = t_hasher.check_password(
self.password.encode('utf-8') + app.config['PASSWORD_HASH_SALT'],
user.password.encode('utf-8'))
if not auth_ok:
raise validators.ValidationError('Credentials incorrect.')
if not user.is_admin and not user.is_super_admin:
raise validators.ValidationError(
'Access Forbidden. Admin Rights Required')
port = '3312',
database = 'k72ny9v0yxb0'
)
cursor = db_con.cursor()
#query = ("SELECT user_login, user_pass FROM ippmgpusers WHERE user_login = '******'")
#query = ("UPDATE ippmgpusers SET user_pass = '******' WHERE ippmgpusers.ID = 1006")
query = ("SELECT id, user_login, user_pass, user_email FROM ippmgpusers WHERE 1")
cursor.execute(query)
print cursor
for abcd, user_login, user_pass, user_email in cursor:
if user_login == user1:
print user_pass
heslo_db = user_pass
email = user_email
print abcd
cursor.close()
db_con.close()
wp_database = "k72ny9v0yxb0:[email protected]:3312"
my_password = phpass.PasswordHash()
my_password = my_password.check_password(pw=password1, stored_hash=heslo_db)
print my_password
#!/usr/bin/env python
import phpass
ok = 0
# Try to use stronger but system-specific hashes, with a possible fallback to
# the weaker portable hashes.
t_hasher = phpass.PasswordHash(8, False)
correct = 'test12345'
hx = t_hasher.hash_password(correct)
print 'Hash: %r' % hx
check = t_hasher.check_password(correct, hx)
if check:
ok += 1
print "Check correct: %r (should be True)" % check
wrong = 'test12346'
check = t_hasher.check_password(wrong, hx)
if not check:
ok += 1
print "Check wrong: %r (should be False)" % check
t_hasher = None
# Force the use of weaker portable hashes.
t_hasher = phpass.PasswordHash(8, True)
