Beispiel #1
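async def validate_update_user_form(conn, form):
    """Validate a profile-update form and persist the changes.

    Returns an error string when validation fails, and ``None`` once
    ``models.update_user`` has been called.

    The password is replaced only when both ``old_password`` and
    ``new_password`` are supplied and the old one verifies against the
    stored value. If either is missing, ``None`` is passed as the password
    to ``models.update_user`` and no error is reported.
    """
    # NOTE(review): user_id and permission come straight from the form.
    # Nothing here ties user_id to the authenticated caller or restricts
    # which permission value may be written, so that authorization has to
    # happen before this function is called -- confirm against the caller.
    username = form.get('username')
    if not username:
        return 'username is required'

    permission = form.get('permission')
    if not permission:
        return 'permission is required'

    first_name = form.get('first_name')
    last_name = form.get('last_name')
    old_password = form.get('old_password')
    new_password = form.get('new_password')
    user_id = form.get('user_id')

    # The literal string 'None' is treated the same as a missing city.
    city = form.get('city')
    if not city or city == 'None':
        city = ''

    user = await models.get_user_by_id(conn, user_id)
    if not user:
        # Without this guard an unknown user_id reached user['password']
        # below and failed with an unhandled exception.
        return 'user not found'

    password = None
    if old_password and new_password:
        # NOTE(review): the helper is called as (candidate, stored value).
        # werkzeug's check_password_hash takes (pwhash, password); confirm
        # which helper is imported here.
        if not check_password_hash(old_password, user['password']):
            return 'invalid password'
        password = generate_password_hash(new_password)

    await models.update_user(conn, user_id, username, first_name, last_name, permission, city, password)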
Beispiel #2
    def validate_user_login(session, login, password):
        """Check a login/password pair against the stored user record.

        Returns ``None`` when the credentials are accepted, otherwise an
        error string naming the part that failed.
        """
        # NOTE(review): the two failure messages differ, so the response
        # tells a client whether a login exists. A single shared message
        # avoids that disclosure.
        account = Users.get_user_by_login_sync(session, login)
        if not account:
            return 'Invalid username'

        if check_password_hash(password, account.password):
            return None
        return 'Invalid password'
Beispiel #3
    async def post(self):
        """Handle the login form and start a session on success.

        Redirects to the ``index`` route when the e-mail/password pair
        verifies, and back to the ``login`` route otherwise.
        """
        # NOTE(review): inside a method named ``post``, ``self.post()`` looks
        # like it resolves to this same method -- confirm it actually reaches
        # the request's form parser.
        form = await self.post()
        session = await get_session(self)
        router = self.app.router
        redirect_to = router['login'].url_for()
        email, password = form['email'], form['password']
        user = await User.get_user_by_email(self.app['db'], email)

        authenticated = user and check_password_hash(password, user['password'])
        if authenticated:
            # NOTE(review): dict(user) copies every field of the record into
            # the session, including the 'password' value checked above.
            # Storing only the fields the app needs keeps the hash out of
            # session storage.
            session['user'] = dict(user)
            redirect_to = router['index'].url_for()

        return web.HTTPFound(location=redirect_to)
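async def auth_middleware(request, handler):
    """Require HTTP Basic credentials for any path containing ``/api/``.

    Requests to other paths go to ``handler`` unchanged. For API paths the
    ``Authorization`` header is decoded and checked against the stored
    user record. Missing, malformed or wrong credentials raise
    ``web.HTTPUnauthorized``.
    """
    # The test is a substring match: it covers every path that contains
    # '/api/', and does not cover a path such as '/api' with no trailing
    # slash.
    if '/api/' not in request.rel_url.path:
        return await handler(request)

    auth_init = request.headers.get('Authorization', '').replace('Basic ', '')
    if not auth_init:
        raise web.HTTPUnauthorized

    try:
        decoded = base64.b64decode(auth_init).decode()
    except ValueError:
        # binascii.Error (bad base64) and UnicodeDecodeError are both
        # ValueError subclasses. A malformed header is a failed
        # authentication, not a server error.
        raise web.HTTPUnauthorized from None

    # Split on the first colon only, so a password may itself contain ':'.
    # A value with no colon at all is rejected.
    user, separator, password = decoded.partition(':')
    if not separator:
        raise web.HTTPUnauthorized

    async with request.app['db'].acquire() as conn:
        current_user = await get_user_by_name(conn, user)
    # Index 3 of the returned row is what gets verified as the stored
    # password value.
    if not current_user or not check_password_hash(password, current_user[3]):
        raise web.HTTPUnauthorized

    return await handler(request)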
Beispiel #5
async def validate_login_form(conn, form):
    """Validate a login form against the stored user record.

    Returns ``None`` when the credentials verify, otherwise an error
    string.
    """
    username, password = form.get('username'), form.get('password')
    if not (username and password):
        return 'username or password is required'

    account = await models.get_user_by_name(conn, username)

    # An unknown user and a wrong password share one message, so the
    # response text does not reveal whether the username exists.
    if account and check_password_hash(password, account['password']):
        return None
    return 'invalid username or password'
async def validate_login_form(conn, form, csrf_token):
    """Validate the CSRF token and credentials of a login form.

    Returns ``None`` when everything verifies, otherwise an error string.
    A missing form key raises ``KeyError``.
    """
    username, password = form['username'], form['password']

    # NOTE(review): a plain ``!=`` on the token is not a constant-time
    # comparison. hmac.compare_digest is the usual choice for comparing
    # secrets.
    if form['csrfmiddlewaretoken'] != csrf_token:
        return 'Invalid csrf_token'

    account = await db.get_user_by_name(conn, username)

    # NOTE(review): the distinct 'Invalid username' and 'Invalid password'
    # messages let a client tell whether a username exists.
    if not account:
        return 'Invalid username'
    if check_password_hash(password, account['password_hash']):
        return None
    return 'Invalid password'
Beispiel #7
async def validate_login_form(app, form):
    """Validate a login form against the first user matching the name.

    Returns ``None`` when the credentials verify, otherwise an error
    string. A missing form key raises ``KeyError``.
    """
    username, password = form['username'], form['password']

    if not username:
        return 'username is required'
    if not password:
        return 'password is required'

    matches = await get_users_by_name(app, username)

    # NOTE(review): the distinct 'Invalid username' and 'Invalid password'
    # messages let a client tell whether a username exists.
    if not matches:
        return 'Invalid username'

    # Only the first returned record is checked.
    account = matches[0]
    if check_password_hash(password, account['password_hash']):
        return None
    return 'Invalid password'
Beispiel #8
async def validate_login_form(conn, form):
    """Validate a login form against the stored user record.

    Returns ``None`` when the credentials verify, otherwise an error
    string. A missing form key raises ``KeyError``.
    """
    username, password = form['username'], form['password']

    if not username:
        return 'username is required'
    if not password:
        return 'password is required'

    account = await db.get_user_by_name(conn, username)

    # NOTE(review): the distinct 'Invalid username' and 'Invalid password'
    # messages let a client tell whether a username exists.
    if not account:
        return 'Invalid username'
    if check_password_hash(password, account['password_hash']):
        return None
    return 'Invalid password'
Beispiel #9
    async def post(self):
        """Authenticate a JSON login request and start a session.

        The body must contain ``key``, ``login`` and ``password``. The user
        is looked up by ``key``, then the login and password are checked
        against that record. The result is always sent as a JSON object
        with a ``status`` field.
        """
        payload = await self.json()

        needed = ('key', 'login', 'password')
        if any(field not in payload for field in needed):
            # web.json_response is called without a status argument, so
            # failures are signalled only through the body.
            return web.json_response({
                "status": "error",
                "error": "Missing values"
            })

        session = await get_session(self)
        user = await User.get_user_by_key(self.app['db'], payload['key'])

        login_matches = user and user['login'] == payload['login']
        if login_matches and check_password_hash(
                payload['password'], user['password']):
            # NOTE(review): dict(user) copies every field of the record into
            # the session, including the 'password' value checked above.
            # Storing only the fields the app needs keeps the hash out of
            # session storage.
            session['user'] = dict(user)
            result = {"status": "ok", "login": payload['login']}
            # await remember(self, response, user['key'])
        else:
            # One message covers unknown key, wrong login and wrong password.
            result = {
                "status": "error",
                "error": "Incorrect login or password"
            }

        return web.json_response(result)