Beispiel #1
0
 def post(self):
     username = self.request.get("username")
     exists = User.all().filter("username ="******"status": "ERROR", "error": "There is already a user with that username. Choose another."}))
         return
     pwhash = self.request.get("password")
     user = User()
     user.username = username
     user.salt = ''.join(random.choice(string.ascii_letters + string.digits) for x in range(self.SALT_LENGTH))
     h = hashlib.sha256()
     h.update(user.salt + pwhash)
     user.pw_hsh = h.hexdigest()
     user.token = utils.generateCookie(username)
     user.put()
     self.response.set_cookie("PBLOGIN", user.token, max_age=utils.cookieExpiration(), secure=not(ON_DEV))
     self.response.write(json.dumps({"status": "OK"}))
Beispiel #2
0
 def post(self):
     username = self.request.get("username")
     user = User.all().filter("username ="******"status": "ERROR", "error": "There is no user with that username."}))
         return
     pwhash = self.request.get("password")
     h = hashlib.sha256()
     h.update(user.salt + pwhash)
     if user.pw_hsh != h.hexdigest():
         self.response.write(json.dumps({"status": "ERROR", "error": "Incorrect password."}))
         return
     newcookie = utils.generateCookie(username)
     user.token = newcookie
     user.put()
     expiration = utils.cookieExpiration()
     self.response.set_cookie("PBLOGIN", user.token, max_age=expiration, secure=not(ON_DEV))
     self.response.write(json.dumps({"status": "OK"}))