Ejemplo n.º 1
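def changePass():
    """Change the password of the account that owns the submitted token.

    Reads ``token``, ``old_password`` and ``new_password`` from the posted
    form. The token is passed through ``verify_token`` and resolved to an
    e-mail address; the old password is checked against the stored bcrypt
    hash before a new bcrypt hash is written.

    Returns:
        A ``jsonify`` response carrying ``success`` and ``message``.
    """
    token = verify_token(request.form['token'])
    old_Password = request.form['old_password']
    new_Password = request.form['new_password']

    # Resolve the caller before anything else. The lookup result is checked
    # before it is indexed, so an unknown token yields "Invalid token"
    # instead of an unhandled exception on ``email[0]``.
    email_row = database_helper.get_email(token)
    email = email_row[0] if email_row else None
    if not email:
        return jsonify(success=False, message="Invalid token")

    if len(new_Password) < 7:
        return jsonify(success=False, message="Too short password")

    # The e-mail and the stored hash are deliberately not printed: stdout
    # usually ends up in server logs, and a password hash is offline-guessing
    # material for anyone who can read them.
    hash_row = database_helper.get_password(email)
    curr_pw = hash_row[0] if hash_row else None
    if not curr_pw:
        # No stored hash means nothing the old password could match.
        return jsonify(success=False, message="Wrong password")

    if bcrypt.check_password_hash(curr_pw, old_Password):
        new_pw_hash = bcrypt.generate_password_hash(new_Password)
        database_helper.set_password(email, new_pw_hash)
        return jsonify(success=True, message="Password changed successfully")
    return jsonify(success=False, message="Wrong password")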
Ejemplo n.º 2
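def sign_in():
    """Authenticate a user by e-mail and password and issue a session token.

    Only POST requests are handled; any other method falls through and
    returns ``None``, as before.

    Returns:
        A JSON string with ``success`` and ``message``; on success it also
        carries the new ``token``.
    """
    if request.method == 'POST':
        email = request.form['email']
        password = request.form['password']
        db_password = database_helper.get_password(email)
        if db_password == False:
            # NOTE(review): this message differs from "Wrong password", so
            # the endpoint tells a caller whether an address is registered.
            # Unifying the two messages needs a matching client change.
            return json.dumps({'success': False, 'message': "Wrong email!"})

        # NOTE(review): a single unsalted SHA-256 is a fast hash and a weak
        # way to store passwords. Moving to bcrypt/scrypt/argon2 requires a
        # migration of the stored values, so it is not done in this handler.
        hashed_password = hashlib.sha256(password).hexdigest()
        if hashed_password != db_password:
            return json.dumps({
                'success': False,
                'message': '''Wrong password'''
            })

        # Existing connections of this account are signed out only after the
        # password has been verified. Previously this loop ran first, so a
        # request with a known e-mail and any password disconnected the user.
        for user in connection:
            if user[1] == email:
                user[0].send('Signout')

        token = uuid.uuid4().hex
        if database_helper.add_token(email, token):
            return json.dumps({
                'success': True,
                'message': "Login successful!",
                'token': token
            })
        # add_token failed: answer explicitly instead of returning None,
        # which the web framework would turn into a server error.
        return json.dumps({'success': False, 'message': "Sign in failed"})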
Ejemplo n.º 3
def change_password():
    """Replace the password of the user identified by a session token.

    Form fields read: ``token``, ``old_password``, ``new_password``.
    Every outcome is reported as a ``jsonify`` payload with ``success`` and
    ``message``.
    """
    form = request.form
    token = form["token"]
    old_password = form["old_password"]
    new_password = form["new_password"]

    # The token must belong to a user who is currently online.
    online = database_helper.is_user_online(token)
    if online != True:
        return jsonify(success=False, message="You are not logged in")

    # Map the token to the account's e-mail row.
    email_row = database_helper.get_email_from_token(token)
    if email_row is None:
        return jsonify(success=False, message="Can't find email matching token")
    account = email_row[0]

    stored_row = database_helper.get_password(account)
    if stored_row is None:
        return jsonify(success=False, message="Can't find password matching email")

    # NOTE(review): the stored value is compared directly with the submitted
    # password and the new password is passed to set_password unchanged, so
    # unless database_helper hashes internally the passwords are kept in
    # plaintext. There is also no minimum-length check on the new password.
    if stored_row[0] == old_password:
        database_helper.set_password(account, new_password)
        return jsonify(success=True, message="Password successfully updated")

    return jsonify(success=False, message="Wrong password entered")
Ejemplo n.º 4
def change_password():
    """Update a logged-in user's password after checking the old one.

    Takes ``token``, ``old_password`` and ``new_password`` from the posted
    form and answers with a ``jsonify`` object holding ``success`` and
    ``message``.
    """
    def reject(reason):
        # All failure answers share the same shape.
        return jsonify(success=False, message=reason)

    token = request.form["token"]
    old_password = request.form["old_password"]
    new_password = request.form["new_password"]

    # Session check, then token -> e-mail -> stored password.
    if database_helper.is_user_online(token) != True:
        return reject("You are not logged in")

    owner = database_helper.get_email_from_token(token)
    if owner is None:
        return reject("Can't find email matching token")

    current = database_helper.get_password(owner[0])
    if current is None:
        return reject("Can't find password matching email")

    # NOTE(review): direct equality against the stored value, and the new
    # password is written as submitted; presumably passwords are stored in
    # plaintext unless database_helper hashes them. Confirm, and prefer a
    # salted password hash such as bcrypt.
    if current[0] != old_password:
        return reject("Wrong password entered")

    database_helper.set_password(owner[0], new_password)
    return jsonify(success=True, message="Password successfully updated")
Ejemplo n.º 5
def change_password(token, old_password, new_password):
    """Change the password of the user signed in with *token*.

    Both passwords are hashed with SHA-512 over their UTF-8 bytes; the old
    one must equal the stored digest before the new digest is written.

    Returns:
        A JSON string with ``success`` and ``message``.
    """
    def digest(plain):
        # NOTE(review): unsalted, single-pass SHA-512 is a fast hash; equal
        # passwords give equal digests and offline guessing is cheap. A
        # salted password hash (bcrypt/scrypt/argon2) needs a data migration.
        return hashlib.sha512(plain.encode('utf-8')).hexdigest()

    user = database_helper.user_signedin(token)
    if user is None:
        return json.dumps({"success": False, "message": "You are not logged in."})

    account = user[0]
    stored = database_helper.get_password(account)
    if stored != digest(old_password):
        return json.dumps({"success": False, "message": "Wrong password."})

    database_helper.update_password(account, digest(new_password))
    return json.dumps({"success": True, "message": "Password changed."})
Ejemplo n.º 6
def change_password():
    """Change a signed-in user's password using values from the query string.

    The token is resolved to an e-mail address first; the change itself is
    only attempted for POST requests. Other methods return ``None``.

    Returns:
        A JSON string holding a one-element list with ``success`` and
        ``message``.
    """
    # NOTE(review): the token and both passwords are read from request.args,
    # i.e. the URL query string, even though only POST is acted on. URLs are
    # commonly recorded in access logs, proxies and browser history; these
    # values belong in the request body (needs a matching client change).
    query = request.args
    email = dh.get_email_by_token(query.get("token"))
    old = query.get("old_password")
    new = query.get("new_password")

    if request.method != 'POST':
        return None

    if not (dh.is_user_logged_in_email(email) == True):
        return json.dumps([{'success': False, 'message': "User not signed in"}])

    # NOTE(review): the stored value is compared with the submitted password
    # as-is and the new one is written unchanged; presumably plaintext
    # storage unless dh hashes internally. Confirm.
    if not (dh.get_password(email) == old):
        return json.dumps([{'success': False, 'message': "Wrong password"}])

    dh.update_pass(email, new)
    return json.dumps([{'success': True, 'message': "Password changed"}])
Ejemplo n.º 7
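def signin():
    """Verify e-mail and password, rotate the session token and notify clients.

    On success any previous token of the account is removed and its
    websocket, if present in ``wslist``, is told to log out and closed. A new
    random token is stored, and every connected websocket receives refreshed
    logged-in statistics.

    Returns:
        A JSON string with ``success`` and ``message``; on success the new
        token is returned under ``data``.
    """
    email = request.form["email"]
    password = request.form["password"]
    data = database_helper.get_password(email)

    # An unknown account and a wrong password get the same answer, so the
    # response does not reveal which addresses are registered.
    if data is None or not bcrypt.check_password_hash(data, password):
        return json.dumps({
            'success': False,
            'message': 'The email or password is incorrect'
        })

    # Invalidate the previous session only after authentication succeeded.
    token = database_helper.get_token(email)
    if token is not None:
        database_helper.remove_token(token)
        if token in wslist:
            try:
                wslist[token].send(
                    json.dumps({
                        'messageType': 'logout',
                        'message': "You just got logged out!"
                    }))
            except WebSocketError:
                # The old socket may already be gone; it is closed and
                # dropped below either way.
                pass
            wslist[token].close()
            wslist.pop(token)

    # 32 bytes from the OS CSPRNG, base64-encoded. The codec name used to be
    # spelled 'utf-8)', which only worked because codec lookup normalises
    # stray punctuation.
    token = base64.b64encode(os.urandom(32)).decode('utf-8')
    database_helper.insert_token(email, token)

    # When someone logs in, every connected client gets the new 'logged in
    # users' count. The payload is identical for all of them, so it is built
    # once instead of querying the database per socket.
    if wslist:
        stats = json.dumps({
            'messageType': 'loggedInStats',
            'message': [
                database_helper.getLoggedInUsersCount(),
                database_helper.getAllUserCount()
            ]
        })
        for user in wslist:
            send_message(wslist[user], stats)

    return json.dumps({
        'success': True,
        'message': 'Successfully logged in',
        'data': token
    })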
Ejemplo n.º 8
def sign_in():
    """Sign a user in with an e-mail and password taken from the query string.

    Only POST requests are processed; other methods return ``None``.

    Returns:
        A JSON string holding a one-element list with ``success`` and
        ``message``, plus ``token`` on success.
    """
    # NOTE(review): the credentials come from request.args (the URL), where
    # they are likely to be written to access logs and proxy logs. They
    # should travel in the request body; that needs a client change too.
    query = request.args
    email = query.get("email")
    password = query.get("password")

    if request.method != 'POST':
        return None

    # NOTE(review): the separate "no user" / "already signed in" / "wrong
    # password" answers let a caller learn which addresses exist and which
    # accounts are currently signed in.
    if dh.is_user(email) == False:
        return json.dumps([{'success': False, 'message': "No user with specifyed email"}])
    if dh.is_user_logged_in_email(email) == True:
        return json.dumps([{'success': False, 'message': "User already signed in"}])

    # NOTE(review): direct equality with the stored value; presumably the
    # password is stored in plaintext unless dh hashes it. Confirm.
    cpass = dh.get_password(email)
    if not (cpass == password):
        return json.dumps([{'success': False, 'message': "Wrong password"}])

    token = gen_tok()
    dh.signin_user(email, token)
    return json.dumps([{'success': True, 'message': "User successfully singed in!", 'token': token}])
Ejemplo n.º 9
def change_password():
    """Change the password of the user behind the posted token.

    Reads ``token``, ``oldpassword`` and ``newpassword`` from the form and
    answers with a ``jsonify`` object carrying ``success`` and ``message``.
    """
    form = request.form
    token = form['token']
    old_password = form['oldpassword']
    new_password = form['newpassword']

    # No e-mail for the token means there is no such session.
    email = database_helper.get_email_by_token(token)
    if email is None:
        return jsonify(success=False, message="You are not logged in.")

    account = email[0]
    # NOTE(review): the lookup result is indexed without a None check, and
    # the comparison and the write both use the raw password; presumably
    # plaintext storage unless database_helper hashes it. Confirm.
    password = database_helper.get_password(account)
    if password[0] != old_password:
        return jsonify(success=False, message="Wrong password.")

    database_helper.set_password(account, new_password)
    return jsonify(success=True, message="Password changed.")
Ejemplo n.º 10
def sign_in():
    """Sign a user in and hand back a fresh 16-byte hex token.

    Non-POST requests are answered with ``abort(404)``. Unknown users and
    wrong passwords receive the same message.

    Returns:
        A ``(body, 200)`` tuple. The success body is a dict; the failure
        body is a JSON string.
    """
    if request.method != 'POST':
        return abort(404)

    def denied():
        # One shared answer for "no such user" and "wrong password".
        answer = {"success" : "False", "message" : "Wrong username or password" , "data": "" }
        return json.dumps(answer), 200

    username = request.form['username']
    if not database_helper.check_user_exists_email(username):
        return denied()

    # NOTE(review): the stored value is compared with the submitted password
    # directly; presumably plaintext storage unless database_helper hashes
    # it. Confirm.
    stored = database_helper.get_password(username)
    if not (stored == request.form['password']):
        return denied()

    # The token comes from the `secrets` module, i.e. a CSPRNG.
    new_token = secrets.token_hex(16)
    database_helper.save_token(username, new_token)
    # NOTE(review): this branch returns the dict itself while the failure
    # branches return json.dumps(...); kept as-is because clients may depend
    # on the difference.
    answer = {"success" : "True", "message" : "Sucessfully signed in !" , "data": new_token }
    return answer, 200
Ejemplo n.º 11
def change_password():
    """Change the password of the user that owns the posted token.

    Non-POST requests are answered with ``abort(404)``. The old password must
    equal the stored one and the new password must be at least 10 characters.

    Returns:
        A ``(json_string, 200)`` tuple with ``success``, ``message`` and
        ``data``.
    """
    if request.method != 'POST':
        return abort(404)

    def reply(ok, text):
        answer = {"success" : ok, "message" : text , "data": "" }
        return json.dumps(answer), 200

    token = request.form['token']
    oldpwd = request.form['oldPassword']
    newpwd = request.form['newPassword']

    # NOTE(review): the stored value is compared with the raw old password
    # and the raw new password is handed to database_helper; presumably
    # plaintext storage unless the helper hashes. Confirm.
    username = database_helper.get_username_from_token(token)
    if not (database_helper.get_password(username) == oldpwd):
        return reply("False", "Old passwords don't match")

    if len(newpwd) < 10:
        return reply("False", "New password is too short")

    database_helper.change_password(token, newpwd)
    return reply("True", "Sucessfully changed password !")
Ejemplo n.º 12
def change_password():
    """Change a user's password after verifying the old one (POST only).

    The token is resolved to an e-mail, the new password must be at least 7
    characters, and the SHA-256 digest of the old password must equal the
    stored digest. Other methods return ``None``.

    Returns:
        A JSON string with ``success`` and ``message``.
    """
    if request.method != 'POST':
        return None

    form = request.form
    token = form['token']
    old_password = form['old_password']
    new_password = form['new_password']

    email = database_helper.get_email(token)
    if email == False:
        return json.dumps({'success': False, 'message': "Invalid token"})

    if len(new_password) < 7:
        return json.dumps({
            'success': False,
            'message': '''Password is too short'''
        })

    # NOTE(review): unsalted single-pass SHA-256 is a fast hash; identical
    # passwords share a digest and offline guessing is cheap. A salted
    # password hash (bcrypt/scrypt/argon2) needs a data migration.
    stored_digest = database_helper.get_password(email)
    supplied_digest = hashlib.sha256(old_password).hexdigest()
    if supplied_digest != stored_digest:
        return json.dumps({'success': False, 'message': "Wrong password"})

    replacement_digest = hashlib.sha256(new_password).hexdigest()
    database_helper.change_password(email, replacement_digest)
    return json.dumps({'success': True, 'message': "Password changed"})
Ejemplo n.º 13
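def changePass():
    """Change the password of the account that owns the submitted token.

    Reads ``token``, ``old_password`` and ``new_password`` from the posted
    form, resolves the token to an e-mail address and replaces the stored
    password when the old one matches.

    Returns:
        A ``jsonify`` response carrying ``success`` and ``message``.
    """
    token = request.form['token']
    old_Password = request.form['old_password']
    new_Password = request.form['new_password']

    # Resolve the caller first and check the lookup result before indexing
    # it, so an unknown token yields "Invalid token" instead of an unhandled
    # exception on ``email[0]``.
    email_row = database_helper.get_email(token)
    email = email_row[0] if email_row else None
    if not email:
        return jsonify(success=False, message="Invalid token")

    if len(new_Password) < 7:
        return jsonify(success=False, message="Too short password")

    # The e-mail and the current password are no longer printed: stdout
    # usually ends up in server logs, which would then hold credentials.
    pw_row = database_helper.get_password(email)
    curr_pw = pw_row[0] if pw_row else None

    # NOTE(review): the stored value is compared with the raw password and
    # the new password is written unchanged, so passwords are presumably
    # kept in plaintext unless database_helper hashes them. Moving to a
    # salted hash such as bcrypt needs a migration of the stored values.
    if curr_pw == old_Password:
        database_helper.set_password(email, new_Password)
        # The key was misspelled "sucess" in both branches below, so clients
        # reading ``success`` never saw the outcome of the password check.
        return jsonify(success=True, message="Password changed successfully")
    return jsonify(success=False, message="Wrong password")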
Ejemplo n.º 14
def change_password():
    """Change a user's password for a request authenticated by a hash field.

    Reads ``oldpass``, ``newpass``, ``time``, ``email`` and ``hash`` from the
    posted form. The request is passed to ``check_hash``, the new password
    must be at least 8 characters, the user must have a token, and the old
    password must match the stored bcrypt hash.

    Returns:
        A JSON string with ``success`` and ``message``.
    """
    def reply(ok, text):
        return json.dumps({'success': ok, 'message': text})

    form = request.form
    oldPassword = form["oldpass"]
    newPassword = form["newpass"]
    time_stamp = form["time"]
    email = form["email"]

    # NOTE(review): the request is rejected when check_hash returns a truthy
    # value. Presumably check_hash reports a mismatch; if it instead returns
    # True for a valid hash, this condition is inverted. Confirm against
    # check_hash.
    blob = oldPassword + newPassword + email
    if check_hash(blob, email, form["hash"], time_stamp):
        return reply(
            False,
            'You are trying to hack a user. You should be ashamed of yourself!')

    if len(newPassword) < 8:
        return reply(False, 'The password is too short')

    # A stored token is what marks the user as logged in.
    token = database_helper.get_token(email)
    if token is None:
        return reply(False, 'User is not logged in')

    stored_hash = database_helper.get_password(email)
    if not bcrypt.check_password_hash(stored_hash, oldPassword):
        return reply(False, 'Wrong password')

    database_helper.change_password(
        email, bcrypt.generate_password_hash(newPassword))
    return reply(True, 'Password was changed successfully')
Ejemplo n.º 15
def signIn():
    """Sign a user in with e-mail and password and hand back a session token.

    Reads ``email`` and ``password`` from the posted form and checks the
    password against the stored bcrypt hash.

    NOTE(review): the listing is damaged on the line that prints
    ``curruser``: the text between that print and the success response was
    masked on the page, so the statements that ran there are not visible.
    """
    email = request.form['email']
    password = request.form['password']
    # Check valid user
    # NOTE(review): the lookup result is indexed without a None check;
    # presumably an unknown e-mail makes this raise. Confirm against
    # database_helper.get_password.
    usrpw= database_helper.get_password(email)
    pw_hash = usrpw[0]
    #print "pw: hash ", pw_hash
    # NOTE(review): this "signout" is sent before the password is verified,
    # so a request that carries only a known e-mail address disconnects that
    # user's existing session. It belongs after the bcrypt check succeeds.
    if email in session:
        session[email].send("signout")
        #del session[email]
        #database_helper.signOutbyEmail(email)
    if bcrypt.check_password_hash(pw_hash, password):
        # NOTE(review): the token is drawn from the `random` module, which is
        # not a cryptographically secure generator; session tokens should
        # come from os.urandom or random.SystemRandom.
        token = ''.join(random.choice(string.lowercase) for i in range(35))
        # NOTE(review): the session token is written to stdout here, which
        # usually ends up in server logs; remove before deployment.
        print "Token i sign in: ", token
        curruser = database_helper.get_loggedInUsers(email)
        print "curruser: "******"User successfully signed in", data=token)
    else:
        # One shared message for wrong password and wrong e-mail.
        return jsonify(success=False, message="Wrong password or email")
Ejemplo n.º 16
def verify_password(email, password):
    """Report whether *password*, run through ``hash_pwd``, equals the stored value.

    Returns:
        ``True`` when the hash of *password* equals what
        ``database_helper.get_password`` returns for *email*, else ``False``.
    """
    # NOTE(review): the strength of this check depends on hash_pwd, which is
    # defined elsewhere; confirm it is a salted password hash.
    candidate = hash_pwd(password)
    stored = database_helper.get_password(email)
    return True if candidate == stored else False
Ejemplo n.º 17
def get_password(email):
    """Return whatever ``database_helper.get_password`` yields for *email*.

    NOTE(review): the shape of the result (hash, plaintext or row) is decided
    by database_helper and is not visible here. Callers should never log the
    value or return it to a client.
    """
    stored = database_helper.get_password(email)
    return stored