Ejemplo n.º 1
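def loginAuth():
    """Render the login form, or authenticate the submitted credentials.

    On POST the user is looked up by the submitted e-mail and the password
    is checked against the stored hash. Success renders ``index.html`` with
    the user, their ``PersonalDetails`` row and the ``spider`` data; every
    failed attempt re-renders ``login.html`` with the same generic error,
    so the message does not reveal whether the e-mail is registered.
    """
    error = None

    if request.method == 'POST':
        userInput = request.form['user_input']
        pwd = request.form['pwd']
        user = User.query.filter_by(email=userInput).first()
        # ``.first()`` returns None for an unknown e-mail; treat that as a
        # failed login instead of raising AttributeError on ``user.email``.
        if user is not None and user.email:
            # HMAC the candidate unless the configured scheme is
            # 'plaintext', and verify that computed value (the original
            # built it but then verified ``get_hmac(pwd)`` unconditionally).
            password = pwd
            if _security.password_hash != 'plaintext':
                password = get_hmac(password)
            if userInput == user.email and _pwd_context.verify(
                    password, user.password):
                # NOTE(review): no session or login state is set in this
                # block; confirm that is handled elsewhere.
                userDetails = PersonalDetails.query.filter_by(
                    details=user).first()
                return render_template('index.html',
                                       teaminfo=spider.teamInfo(),
                                       teamtab=spider.parseTeamPos(),
                                       virus=spider.caronaInfo(),
                                       temp=spider.parseTemp(),
                                       user=user,
                                       userDetails=userDetails)
        # NOTE(review): unknown accounts skip hash verification, so the
        # response time may still differ from a wrong-password attempt.
        error = 'Invalid credentials'
    return render_template('login.html', err=error)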
Ejemplo n.º 2
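def delete_user(email):
    """Delete the account stored under ``get_hmac(email)``.

    Best-effort: a failure is reported on stdout and not re-raised.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user_datastore.delete_user(user)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so KeyboardInterrupt and
            # SystemExit still propagate. Roll back so a failed delete does
            # not leave the session in an aborted transaction.
            db.session.rollback()
            print('Delete user failed!')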
Ejemplo n.º 3
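def delete_user(email):
    """Remove the user whose stored identifier is the HMAC of ``email``.

    Errors are swallowed on purpose (best-effort helper); the only signal
    of failure is the message printed to stdout.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user_datastore.delete_user(user)
            db.session.commit()
        except Exception:
            # ``except Exception`` instead of a bare ``except:`` keeps
            # Ctrl-C and interpreter exit working; the rollback discards
            # the partial transaction before reporting.
            db.session.rollback()
            print('Delete user failed!')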
Ejemplo n.º 4
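def unlock_user(email):
    """Remove the 'Locked' role from the account stored under ``get_hmac(email)``.

    Best-effort: a failure is reported on stdout and not re-raised.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user_datastore.remove_role_from_user(user, user_datastore.find_role('Locked'))
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so KeyboardInterrupt and
            # SystemExit still propagate. Roll back so a failed unlock does
            # not leave a half-applied role change pending in the session.
            db.session.rollback()
            print('Unlock user failed!')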
Ejemplo n.º 5
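def lock_user(email):
    """Add the 'Locked' role to the account stored under ``get_hmac(email)``.

    Best-effort: a failure is reported on stdout and not re-raised, so a
    caller cannot tell from the return value whether the lock was applied.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            locked = user_datastore.find_role('Locked')
            user_datastore.add_role_to_user(user, locked)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so KeyboardInterrupt and
            # SystemExit still propagate. Roll back so the failed change is
            # discarded rather than left pending in the session.
            db.session.rollback()
            print('Lock user failed!')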
Ejemplo n.º 6
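def unlock_user(email):
    """Strip the 'Locked' role from the user identified by the HMAC of ``email``.

    Errors are swallowed on purpose (best-effort helper); failure is only
    visible as a message on stdout.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user_datastore.remove_role_from_user(
                user, user_datastore.find_role('Locked'))
            db.session.commit()
        except Exception:
            # ``except Exception`` instead of a bare ``except:`` keeps
            # Ctrl-C and interpreter exit working; the rollback discards
            # the partial transaction before reporting.
            db.session.rollback()
            print('Unlock user failed!')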
Ejemplo n.º 7
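def lock_user(email):
    """Attach the 'Locked' role to the user identified by the HMAC of ``email``.

    Errors are swallowed on purpose (best-effort helper). Because nothing
    is returned or raised, callers that rely on the lock for access control
    should confirm it was actually applied.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            locked = user_datastore.find_role('Locked')
            user_datastore.add_role_to_user(user, locked)
            db.session.commit()
        except Exception:
            # ``except Exception`` instead of a bare ``except:`` keeps
            # Ctrl-C and interpreter exit working; the rollback discards
            # the partial transaction before reporting.
            db.session.rollback()
            print('Lock user failed!')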
Ejemplo n.º 8
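def create_user(email, password):
    """Create an account and give it the 'Virgin' role.

    The e-mail is stored as ``get_hmac(email)`` and the password as
    ``encrypt_password(password)``. Best-effort: a failure is reported on
    stdout and not re-raised.
    """
    with app.app_context():
        try:
            newuser = user_datastore.create_user(email=get_hmac(email), password=encrypt_password(password))
            virgin = user_datastore.find_role('Virgin')
            user_datastore.add_role_to_user(newuser, virgin)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so KeyboardInterrupt and
            # SystemExit still propagate. Roll back so a half-created user
            # is not left pending in the session.
            db.session.rollback()
            # NOTE(review): this message is printed for every failure, not
            # only for a duplicate account.
            print('User already exists!')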
Ejemplo n.º 9
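def change_password(email, password):
    """Set a new password for the account stored under ``get_hmac(email)``.

    The password is stored as ``encrypt_password(password)`` and the
    'Virgin' role is added to the user in the same transaction.
    Best-effort: a failure is reported on stdout and not re-raised.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user.password = encrypt_password(password)
            virgin = user_datastore.find_role('Virgin')
            user_datastore.add_role_to_user(user, virgin)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so KeyboardInterrupt and
            # SystemExit still propagate. Roll back so a partly applied
            # change (new hash without the role) is not left pending.
            db.session.rollback()
            print('Password change failed!')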
Ejemplo n.º 10
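def create_user(email, password):
    """Register a user keyed by the HMAC of ``email`` with the 'Virgin' role.

    The password is passed through ``encrypt_password`` before storage.
    Errors are swallowed on purpose (best-effort helper); failure is only
    visible as a message on stdout.
    """
    with app.app_context():
        try:
            newuser = user_datastore.create_user(
                email=get_hmac(email), password=encrypt_password(password))
            virgin = user_datastore.find_role('Virgin')
            user_datastore.add_role_to_user(newuser, virgin)
            db.session.commit()
        except Exception:
            # ``except Exception`` instead of a bare ``except:`` keeps
            # Ctrl-C and interpreter exit working; the rollback discards
            # the partial transaction before reporting.
            db.session.rollback()
            # NOTE(review): printed for any error, so the text can be
            # misleading when the cause is not a duplicate account.
            print('User already exists!')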
Ejemplo n.º 11
def test_verify_password_argon2(app, sqlalchemy_datastore):
    """Check hashing and verification with argon2 as the configured scheme."""
    init_app_with_options(app, sqlalchemy_datastore,
                          SECURITY_PASSWORD_HASH="argon2")
    with app.app_context():
        digest = hash_password("pass")
        assert verify_password("pass", digest)
        # The encoded hash is expected to contain the parameter "t=10".
        assert "t=10" in digest

        # A hash computed over the HMAC'ed password (double hash) must
        # verify against the plain candidate as well.
        double_hashed = argon2.hash(get_hmac("pass"))
        assert verify_password("pass", double_hashed)
Ejemplo n.º 12
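def change_password(email, password):
    """Replace the stored password of the user keyed by the HMAC of ``email``.

    The new value is ``encrypt_password(password)``; the 'Virgin' role is
    added to the user as part of the same commit. Errors are swallowed on
    purpose (best-effort helper); failure is only visible on stdout.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user.password = encrypt_password(password)
            virgin = user_datastore.find_role('Virgin')
            user_datastore.add_role_to_user(user, virgin)
            db.session.commit()
        except Exception:
            # ``except Exception`` instead of a bare ``except:`` keeps
            # Ctrl-C and interpreter exit working; the rollback discards
            # the partial transaction before reporting.
            db.session.rollback()
            print('Password change failed!')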
Ejemplo n.º 13
def verify_and_update_password(password, user):
    """Verify ``password`` against ``user.password`` and rehash if needed.

    Adapted from flask_security with double hashing disabled for Django
    passwords: a stored hash starting with ``pbkdf2_sha256`` is always
    checked against the raw password, never against its HMAC.

    Returns the result of the verification. When it succeeds and the
    password context reports the stored hash as needing an update, the
    user's password is replaced with ``hash_password(password)`` and the
    user is saved through the datastore.
    """
    stored_hash = user.password
    # Short-circuit order matters: the prefix test only runs when
    # use_double_hash() says the HMAC step applies to this hash.
    hmac_first = (use_double_hash(stored_hash)
                  and not stored_hash.startswith('pbkdf2_sha256'))
    candidate = get_hmac(password) if hmac_first else password
    verified = _pwd_context.verify(candidate, stored_hash)
    if not verified:
        return verified
    if _pwd_context.needs_update(stored_hash):
        # Upgrade the stored hash while the clear-text password is at hand.
        user.password = hash_password(password)
        _datastore.put(user)
    return verified
Ejemplo n.º 14
def test_verify_password_single_hash_list(app, sqlalchemy_datastore):
    """Check verification when SECURITY_PASSWORD_SINGLE_HASH is a list.

    Hashes from the listed schemes must verify against the raw password;
    hashes from the other schemes must verify via the HMAC'ed password.
    """
    options = {
        'SECURITY_PASSWORD_HASH': 'bcrypt',
        'SECURITY_PASSWORD_SALT': 'salty',
        'SECURITY_PASSWORD_SINGLE_HASH': ['django_pbkdf2_sha256', 'plaintext'],
        'SECURITY_PASSWORD_SCHEMES': [
            'bcrypt', 'pbkdf2_sha256', 'django_pbkdf2_sha256', 'plaintext',
        ],
    }
    init_app_with_options(app, sqlalchemy_datastore, **options)
    with app.app_context():
        # Double hash: the stored value was computed over the HMAC.
        default_hash = encrypt_password('pass')
        assert verify_password('pass', default_hash)
        hmac_hash = pbkdf2_sha256.hash(get_hmac('pass'))
        assert verify_password('pass', hmac_hash)
        # Single hash: the stored value was computed over the raw password.
        django_hash = django_pbkdf2_sha256.hash('pass')
        assert verify_password('pass', django_hash)
        plain_hash = plaintext.hash('pass')
        assert verify_password('pass', plain_hash)
Ejemplo n.º 15
def test_verify_password_single_hash_list(app, sqlalchemy_datastore):
    """Exercise double- and single-hash verification with a scheme list.

    Schemes named in SECURITY_PASSWORD_SINGLE_HASH are expected to verify
    against the raw password; the remaining schemes against its HMAC.
    """
    schemes = ["bcrypt", "pbkdf2_sha256", "django_pbkdf2_sha256", "plaintext"]
    single_hash = ["django_pbkdf2_sha256", "plaintext"]
    init_app_with_options(
        app,
        sqlalchemy_datastore,
        SECURITY_PASSWORD_HASH="bcrypt",
        SECURITY_PASSWORD_SALT="salty",
        SECURITY_PASSWORD_SINGLE_HASH=single_hash,
        SECURITY_PASSWORD_SCHEMES=schemes,
    )
    with app.app_context():
        # Double hash: stored value derived from the HMAC'ed password.
        default_hash = hash_password("pass")
        assert verify_password("pass", default_hash)
        hmac_hash = pbkdf2_sha256.hash(get_hmac("pass"))
        assert verify_password("pass", hmac_hash)
        # Single hash: stored value derived from the raw password.
        django_hash = django_pbkdf2_sha256.hash("pass")
        assert verify_password("pass", django_hash)
        plain_hash = plaintext.hash("pass")
        assert verify_password("pass", plain_hash)
Ejemplo n.º 16
def test_can_verify_django_and_flask_password(app, user):
    """Check one password context verifies both Flask and Django hashes."""
    pwd_ctx = app.extensions['security'].pwd_context
    # Flask-side hash: verified against the HMAC of the password.
    flask_candidate = get_hmac('password')
    assert pwd_ctx.verify(flask_candidate, user.password)
    # Django fixture hash: verified against the raw password.
    django_hash = django_fixture()['fields']['password']
    assert pwd_ctx.verify('vincent', django_hash)