def hash_password(password: str) -> Any:
ph = PasswordHasher()
try:
return ph.hash(password)
except HashingError as e:
print("ERROR::", e)
return None
def add_property():
form = PropertyForm()
if request.method == 'POST':
name = request.form['property_name']
details = request.form['property_details']
property_info = name + details
ph = PasswordHasher()
user_hash = ph.hash(current_user.address)
key = blockchain.add_property(property_info, user_hash)
from blockchain.api.models import Property, Notifications
property = Property(token=key, name=name, body=details)
ph = PasswordHasher()
user_address_hash = ph.hash(current_user.address)
no = Notifications(
user_address_hash=user_address_hash,
time=str(datetime.datetime.now().strftime("%d/%m/%y %I:%M%p")),
headline='Property Added',
text=key,
read=False)
# TODO: if exists in db then update row to match name and details
db.session.add(property)
db.session.add(no)
db.session.commit()
message = "Property added successfully with key:{}".format(key)
return render_template('message.html', message=message)
return render_template('new_property.html', form=form)
def setup_function(function):
db.drop_all_tables(with_all_data=True)
db.create_tables()
ph = PasswordHasher()
with db_session:
editor = Group(id=3, name="Editor")
moderator = Group(id=2, name="Moderator")
admin = Group(id=1, name="Admin")
User(
id=1,
nickname="Leader",
email="*****@*****.**",
password=ph.hash("test1"),
groups=[admin],
)
User(
id=2,
nickname="Mary",
email="*****@*****.**",
password=ph.hash("test2"),
groups=[moderator],
)
User(
id=3,
nickname="Jürgen",
email="*****@*****.**",
password=ph.hash("test3"),
groups=[editor],
)
def mutate(self, info, email=None, name=None, role=None, get_alerts=None, old_password=None, new_password=None):
if get_jwt_claims()['role'] == 'Admin' and email and email != get_jwt_identity():
user = User.query.filter_by(email=email).first()
if name:
user.name = name
if role:
user.role = role
if get_alerts is not None:
user.get_alerts = get_alerts
if new_password:
ph = PasswordHasher()
user.password = ph.hash(new_password)
db.session.commit()
else:
user = User.query.filter_by(email=get_jwt_identity()).first()
ph = PasswordHasher()
if name:
user.name = name
if get_alerts is not None:
user.get_alerts = get_alerts
if old_password and new_password and ph.verify(user.password, old_password):
user.password = ph.hash(new_password)
db.session.commit()
return UpdateUserMutation(user=user)
def test_type_is_configurable(self):
"""
Argon2id is default but can be changed.
"""
ph = PasswordHasher(time_cost=1, memory_cost=64)
default_hash = ph.hash("foo")
assert Type.ID is ph.type is ph._parameters.type
assert Type.ID is extract_parameters(default_hash).type
ph = PasswordHasher(time_cost=1, memory_cost=64, type=Type.I)
assert Type.I is ph.type is ph._parameters.type
assert Type.I is extract_parameters(ph.hash("foo")).type
assert ph.check_needs_rehash(default_hash)
def isVerified(password): #?????
ph = PasswordHasher()
hash = ph.hash("") #password
if ph.verify(hash, "") == True:
pass
else:
pass
def createUser():
data = request.json
username = data['username']
password = data['password']
#Initialise password hasher
password_hasher = PasswordHasher()
#Hash the password and get a string of hash.
password_hash = password_hasher.hash(password)
#Get database connection
db = get_db()
cur = db.cursor()
#Check if the username is taken
cur.execute('SELECT * FROM Users WHERE userName=?', (username, ))
out = {}
rows = cur.fetchall()
if len(rows) != 0:
out['status'] = 'fail'
out['reason'] = 'Username already taken'
return jsonify(out)
else:
#Store username and password hash in database
cur.execute('INSERT INTO Users(userName, userPassword) VALUES (?, ?)',
(username, password_hash))
db.commit()
userId = cur.lastrowid
#Return userID and userName in response
out['status'] = 'success'
out['userId'] = userId
out['userName'] = username
return jsonify(out)
def test_check_needs_rehash_no(self):
"""
Return False if the hash has the correct parameters.
"""
ph = PasswordHasher(1, 8, 1, 16, 16)
assert not ph.check_needs_rehash(ph.hash("foo"))
def test_hash_verify(self, password):
"""
Hashes are valid and can be verified.
"""
ph = PasswordHasher()
assert ph.verify(ph.hash(password), password) is True
def create_user():
'''Create a new user from a post request form'''
ph = PasswordHasher()
name = request.form.get('name')
password = request.form.get('password')
verify_password = request.form.get('verify_password')
if password != verify_password:
return render_template('auth/register.html',
is_taken=False,
is_invalid=True)
user = User(name=name, password=ph.hash(password))
db.session.add(user)
try:
db.session.commit()
except IntegrityError:
# User name already taken
return render_template('auth/register.html',
is_taken=True,
is_invalid=False)
return redirect(url_for('login'))
def main():
"""Testing 'argon2-cffi' package"""
parser = argparse.ArgumentParser()
parser.add_argument(
"-v",
"--verbosity",
dest="verbosity",
action="count",
default=0,
help="set verbosity level",
)
args = parser.parse_args()
if args.verbosity == 1:
logging.basicConfig(level=logging.INFO)
elif args.verbosity > 1:
logging.basicConfig(level=logging.DEBUG)
else:
logging.basicConfig(level=logging.ERROR)
logging.debug(f"{argon2.__name__} {argon2.__version__}")
ph = PasswordHasher()
dummy_hash = ph.hash("s3kr3tp4ssw0rd")
ph.verify(dummy_hash, "s3kr3tp4ssw0rd")
ph.check_needs_rehash(dummy_hash)
def setup_initial_data(db):
from argon2 import PasswordHasher
ph = PasswordHasher()
u1 = User(name="User 1", password=ph.hash("password1"))
u2 = User(name="User 2", password=ph.hash("password2"))
c1 = Client(name="client_u1_1",
user=u1,
token="aaaaAAAAbbbbBBBB0000111-C1")
c2 = Client(name="client_u1_2",
user=u1,
token="aaaaAAAAbbbbBBBB0000111-C2")
a1 = Application(
registration_id="app_c1_1",
client=c1,
routing_token="aaaaAAAAbbbbBBBB0000111-A1",
)
a2 = Application(
registration_id="app_c1_2",
client=c1,
routing_token="aaaaAAAAbbbbBBBB0000111-A2",
)
m1 = Message(data='{"name":"message1"}',
priority=Priority.NORMAL,
time_to_live=0,
target=a1)
m2 = Message(data='{"name":"message2"}',
priority=Priority.NORMAL,
time_to_live=0,
target=a1)
db.session.add_all([u1, u2, c1, c2, a1, a2, m1, m2])
db.session.commit()
def update_crypto_Argon2_password_only(new_password, salt2,
master_key_encrypted):
salt1 = random_bytes(16)
salt2 = random_bytes(16)
ph = PasswordHasher()
password_hashed = ph.hash(new_password)
return 'Argon2', password_hashed, salt1, salt2, master_key_encrypted
def new_transaction_screen():
form = NewTransactionForm()
if request.method == 'POST':
from blockchain.api.models import User, Notifications
reciever_hash = request.form['reciever']
token = request.form['token']
ph = PasswordHasher()
user_hash = ph.hash(current_user.address)
index = blockchain.new_transaction(current_user.address, user_hash,
reciever_hash, token)
no1 = Notifications(
user_address_hash=user_hash,
time=str(datetime.datetime.now().strftime("%d/%m/%y %I:%M%p")),
headline='Property Sent',
text=token,
read=False)
no2 = Notifications(
user_address_hash=reciever_hash,
time=str(datetime.datetime.now().strftime("%d/%m/%y %I:%M%p")),
headline='Property Recieved',
text=token,
read=False)
# TODO: if exists in db then update row to match name and details
db.session.add(no1)
db.session.add(no2)
db.session.commit()
response = {
'message': 'Transaction will be added to Block {}'.format({index})
}
return render_template("message.html", message=response)
return render_template('new_transaction.html',
title='New Transaction',
form=form)
def hash_sample_id(hasher: argon2.PasswordHasher,
sample: Sample,
remove_id=False):
"""Produce hash of sample.id.
Argon2 hash encoding is stored in sample.hash, and the sample.id hash
itself is stored in sample.hash_id.
Parameters
----------
hasher : argon2.PasswordHasher
Instance of `argon2.PasswordHasher`.
sample : Sample
Sample object.
removeID : bool, optional
Overwrite sample.id with sample.hash_id if True. Default is False.
Returns
-------
None.
"""
sample.hash = hasher.hash(sample.id)
sample.hash_id = sample.hash.split("$")[-1]
if remove_id:
sample.id = sample.hash_id
def make_password(self):
"""Generate Argon2 hash of the provided password."""
# ref: https://argon2-cffi.readthedocs.io/en/stable/api.html
# Note: Argon2 adds a salt by default.
ph = PasswordHasher()
hash = ph.hash(self.password)
self.password = hash
def createAccount():#create account sequence
try:
usr = sys.argv[2]
except:
print('Usage: ./pythenticator < -c | -l > username')
exit(0)
print('Creating user: '******':')
if u == usr:
print('user already exists')
exit(0)
pw = getpass.getpass(prompt='Enter password for user {}:'.format(usr))#password prompt
if not policy.test(pw):#policy.test() returns empty list if it passes
ph = PasswordHasher()
pwhash = ph.hash(pw)
with open("users.db", "a") as file:
file.write(usr)
file.write(':')
file.write(pwhash)
file.write('\n')
print('User creation successful')
else:
print('The password you entered does not meet the following requriements: ', policy.test(pw))
def encrypting_password(self):
if not self.password:
return {'status': False, 'msg': 'password not allow blank'}
password_hash = PasswordHasher()
self.password = password_hash.hash(self.password)
return {'status': True, 'msg': 'senha encripitada'}
def test_hash_password(self):
kdf = PasswordHasher()
password = '******'
hash = kdf.hash(password)
self.assertTrue(kdf.verify(hash, password))
def registration(useremail, password):
try:
ph = PasswordHasher()
conn = psycopg2.connect(database=conn_db,
user=conn_username,
password=conn_password,
host=conn_host,
port=conn_port)
cur = conn.cursor()
cur.execute(
"SELECT username from forumuser WHERE forumuser.username = "******"'" + useremail + "'")
conn.commit() #is there for the sql injecton
rows = cur.fetchall()
if (len(rows) >= 1):
return "This email already exists"
else:
randuserid = str(uuid.uuid1())
print("The password is: " + password)
pwhash = ph.hash(password)
cur.execute(
"INSERT into forumuser(randuserid, username, passwordhash) VALUES(%s,%s,%s)",
(randuserid, useremail, pwhash))
conn.commit()
conn.close()
return "Registration successful"
except psycopg2.OperationalError as e:
return "An Error occured during the registration\n{0}".format(e)
def login():
"""Retrieve a token"""
data = request.get_json()
user = User.query.filter_by(username=data["username"]).first()
if not user:
return jsonify({"message": "Invalid credentials"}), 401
try:
hasher = PasswordHasher()
hasher.verify(user.password, data["password"])
except (VerifyMismatchError, VerificationError, InvalidHash,
AttributeError):
# This must also return 401 or else the user may learn
# private information
return jsonify({"message": "Invalid credentials"}), 401
# Rehash password if the parameters of the PasswordHasher change.
# https://argon2-cffi.readthedocs.io/en/stable/api.html
if hasher.check_needs_rehash(user.password):
user.password = hasher.hash(data["password"])
db.session.add(user)
db.session.commit()
access_token = create_access_token(identity=user.username, fresh=True)
refresh_token = create_refresh_token(user.username)
return (jsonify({
"access_token": access_token,
"refresh_token": refresh_token
}), 200)
def signup():
form = Signup(prefix="a")
print("hi")
if request.method == "POST":
psswd = form.password.data
psswd_confirm = form.confirm.data
if psswd != psswd_confirm:
flash(
"Input for Password and Confirm Password field doesn't match")
return redirect(url_for("signup"))
existing_name = user.query.filter_by(name=form.username.data).first()
existing_email = user.query.filter_by(email=form.email.data).first()
if existing_name or existing_email:
print("This is bad news")
flash("The email or username are already created")
else:
print("hi")
ph = PasswordHasher()
name = form.username.data
email = form.email.data
hashed_pw = ph.hash(form.password.data)
usr = user(name=name, email=email, password=hashed_pw)
db.session.add(usr)
print(usr)
db.session.commit()
print("Saved")
flash('Thanks for registering')
return redirect(url_for("home"))
return render_template("signup.html", form=form)
def _console_test(argv):
pw = argv[1]
salt_length = int(argv[2])
hash_length = int(argv[3])
print('Password: %s' % pw)
print('Salt Length: %s' % salt_length)
print('Hash Length: %s' % hash_length)
print('------------------------------')
print('Calculating hash...')
ph = PasswordHasher(hash_len=hash_length,
salt_len=salt_length,
encoding='utf-8',
time_cost=1000,
memory_cost=1024)
pwhash = ph.hash(pw)
print('Verifying hash...')
ph2 = PasswordHasher()
verified = ph2.verify(pwhash, pw)
parsed = parse_argon_hash(pwhash)
print('Results:')
print('Hash : %s' % pwhash)
print('Verified: %s' % verified)
print('Parsed : %s' % parsed)
"""
def gen_passwd_hash(pw):
ph = PasswordHasher(hash_len=hash_length,
salt_len=salt_length,
encoding=encoding,
time_cost=time_cost,
memory_cost=memory_cost)
pwhash = ph.hash(pw)
def post(self):
required_fields = ["username", "password", "isAdmin"]
# Get JSON data from request
json_data = request.get_json(force=True)
for field in required_fields:
if field not in json_data.keys():
return jsonify({
"success": -1,
"error": "Missing {} field".format(field)
})
# create database session
session = getSession(app.config["DB_USER"], app.config["DB_PASS"])
# check to see if username is taken
if session.query(User).filter_by(
username=json_data["username"]).first():
return jsonify({"success": -1, "error": "User already registered"})
# hash password
ph = PasswordHasher()
hash = ph.hash(json_data["password"])
try:
new_user = User(username=json_data["username"],
password=hash,
admin=json_data["isAdmin"])
session.add(new_user)
session.commit()
return jsonify({"success": 1})
except:
return jsonify({
"success": -1,
"error": "Error adding new user to db"
})
def test_server_authenticate(database, tracer):
password = "******"
ph = PasswordHasher()
password_hash = ph.hash(password)
user = UserFactory.create(password=password_hash)
assert database.query(User).one()
user_store = UserDataStore(database, tracer)
user_case = UserUseCase(user_store, tracer)
order_store = OrderDataStore(database, tracer)
order_case = OrderUseCase(order_store, tracer)
date = datetime.date.today()
holiday_store = HolidayDataStore(date, tracer)
holiday_case = HolidayUseCase(holiday_store, tracer)
balance_client = BalanceClient(settings.BALANCE_TOKEN)
balance_case = BalanceUseCase(order_case, balance_client, tracer)
authentication_case = AuthenticationUseCase(user_case, tracer)
case = PromotionUseCase(discounts=[holiday_case, user_case], tracer=tracer)
servicer = PromotionServicer(case, user_case, order_case, balance_case,
authentication_case, tracer)
request = AuthenticateRequest(email=user.email, password=password)
result = servicer.Authenticate(request, None)
assert result.id_token.startswith('ey')
def update_user_by_id(id):
if g.user.id == id:
user = g.user
else:
user = User.query.filter(User.id == id).one_or_none()
if user is None:
return error(404)
body = request.json
password = body.get("password")
role = body.get("role")
if password:
if len(password) < 8:
return error(400, type="ShortPassword")
hasher = PasswordHasher()
hash = hasher.hash(password)
user.password_hash = hash
if role:
if g.user.role != UserRole.ADMIN:
return error(401, type="InsufficientPermission")
if role != "normal" and role != "admin":
return error(400, message="`role` must be one of {normal, admin}.")
user.role = UserRole.ADMIN if (role == "admin") else UserRole.NORMAL
db.session.commit()
return serialize_user(user)
def login(self, username, password):
success = False
msg = ''
userID = 'N/A'
key = 'N/A'
self.cursor.execute(
"""select password, id from users
where username = %s""", (username, ))
if self.cursor.rowcount == 0:
success = False
msg += '\n\tUsername does not exists'
elif self.cursor.rowcount != 1:
success = False
msg += '\n\tUnknown Error'
else:
row = self.cursor.fetchone()
hashed = row[0]
userID = row[1]
verifier = PasswordHasher()
try:
verifier.verify(hashed, password)
success = True
except:
success = False
if success:
msg += 'Authenticated'
if verifier.check_needs_rehash(hashed):
hashed = verifier.hash(password)
count = self.cursor.execute(
"""update users
set password = %s
where username = %s""", (hashed, username))
if count != 1:
msg += 'Failed to rehash password, contact support'
logging.error('Failed to rehash password')
self.db.rollback()
else:
self.db.commit()
self.cursor.execute(
"""select activationKey from productKey
where userID = %s""", (userID, ))
row = self.cursor.fetchone()
key = row[0]
else:
success = False
msg += 'Incorrect Password'
return success, msg, userID, key
def create(self, user_id, birthday, identity, email, name, password):
"""Create an user."""
with self.tracer.start_as_current_span("UserUseCase.create",
kind=SERVER):
ph = PasswordHasher()
password_hash = ph.hash(password)
return self.store.create(user_id, birthday, identity, email, name,
password_hash)
def hashedConnections(self):
pHasher = PasswordHasher()
hashedArray = []
for connection in self.connections:
hashedArray.append(pHasher.hash(connection))
return hashedArray
def test_hash(self, password):
"""
Hashing works with unicode and bytes. Uses correct parameters.
"""
ph = PasswordHasher(1, 8, 1, 16, 16, "latin1")
h = ph.hash(password)
prefix = u"$argon2i$v=19$m=8,t=1,p=1$"
assert isinstance(h, six.text_type)
assert h[:len(prefix)] == prefix
def new_user():
userid = request.form.get('userid')
userpw = request.form.get('userpw')
if userid and userpw:
if db.query(User).filter(User.account == userid).first():
flash('id already exists')
else:
ph = PasswordHasher()
hash = ph.hash(userpw)
user = User(userid, hash)
db.add(user)
db.commit()
session['username'] = user.account
flash('welcome to people!')
return redirect(url_for('home'))
else:
flash('account id or password is blank.')
return redirect(url_for('new_user'))
def argon2_test():
start = time.time()
ph = PasswordHasher()
hash = ph.hash(password)
hashed = hashlib.sha256(hash).digest()
end = time.time()
print "argon2 : ",(end-start)
start = time.time()
obj =AES.new(hashed,AES.MODE_CBC, 'This is an IV456')
ciphertext = obj.encrypt("The answer is no")
end = time.time()
print "AES Encrypt: ",(end-start)*1000
start = time.time()
obj =AES.new(hashed,AES.MODE_CBC, 'This is an IV456')
plaintext = obj.decrypt(ciphertext)
end = time.time()
print "AES Decrypt: ",(end-start)*1000
my_plaintext = 0xCCCCAAAA55553333
start = time.time()
big_cipher = SimonCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
simon = big_cipher.encrypt(my_plaintext)
end = time.time()
print "Simon Encrypt: ",(end-start)*1000
start = time.time()
big_cipher1 = SpeckCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
speck = big_cipher1.encrypt(my_plaintext)
end = time.time()
print "Speck Encrypt: ",(end-start)*1000
start = time.time()
big_cipher = SimonCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
plain = big_cipher.decrypt(simon)
end = time.time()
print plain
print "Simon Decrypt: ",(end-start)*1000
start = time.time()
big_cipher1 = SpeckCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
plain = big_cipher1.decrypt(speck)
end = time.time()
print plain
print "Speck Decrypt: ",(end-start)*1000
def password(self, password):
hasher = PasswordHasher()
ph = hasher.hash(password)
self.password_hash = ph
def hash_password(self, password):
ph = PasswordHasher()
self.password_hash = ph.hash(password)