Ejemplo n.º 1
0
    def _do_put(self, phrase):
        request_body = self.request.get_json()

        # Check required username field
        try:
            username = request_body['username']
        except KeyError:
            return self.error("Missing username!")
        if not username:
            return self.error("Empty username!")

        # Extract required password field
        try:
            password = request_body['password']
        except KeyError:
            return self.error("Missing password!")
        if not password:
            return self.error("Empty password!")

        try:
            user = api.user_get_by_username(username, session=self.session)
            if user:
                return self.error("User already exists!")
            hashed = utils.hashpw(password)
            user = models.User(username=username, password=hashed)
            api.user_create(user, session=self.session)
            return {'result': "success"}
        except Exception:
            return self.error("Unable to add new user the database!")
Ejemplo n.º 2
0
    def _do_put(self, phrase):
        """
        Create a new user.

        :param phrase: not used

        :returns: success result
        """
        payload_dicts = [{
            'name': "username",
            'is_list': False,
            'required': True
        }, {
            'name': "password",
            'is_list': False,
            'required': True
        }, {
            'name': "phrase",
            'is_list': False
        }]
        payload_objects = self._check_payload(payload_dicts)

        u = self._validate(payload_objects[0], 'username')
        p = self._validate(payload_objects[1], 'password')
        phrase = self._validate(payload_objects[2], 'phrase')
        if len(phrase) < 6:
            raise bh.OppError("Passphrase must be at least 6 characters long!")

        try:
            cipher = aescipher.AESCipher(phrase)
            ok = cipher.encrypt("OK")
            user = api.user_get_by_username(self.session, u)
            if user:
                raise bh.OppError("User already exists!")
            hashed = utils.hashpw(p)
            user = models.User(username=u, password=hashed, phrase_check=ok)
            api.user_create(self.session, user)
            user = api.user_get_by_username(self.session, u)
            if user:
                return {'result': 'success'}
            else:
                raise bh.OppError("Unable to add user: '******'" % u)
        except bh.OppError as e:
            raise bh.OppError(e.error, e.desc, e.status, e.headers)
        except Exception:
            raise bh.OppError("Unable to add user: '******'" % u)
Ejemplo n.º 3
0
def add_user(config, u, p, phrase):
    if len(phrase) < 6:
        sys.exit("Error: passphrase must be at least 6 characters long!")
    try:
        cipher = aescipher.AESCipher(phrase)
        ok = cipher.encrypt("OK")
        s = api.get_scoped_session(config.conf)
        with s.begin():
            user = api.user_get_by_username(s, u)
            if user:
                sys.exit("Error: user already exists!")
            hashed = utils.hashpw(p)
            user = models.User(username=u, password=hashed, phrase_check=ok)
            api.user_create(s, user)
            user = api.user_get_by_username(s, u)
            if user:
                print("Successfully added new user: '******'" % u)
            else:
                print("Error: unable to add user: '******'" % u)
    except Exception as e:
        sys.exit("Error: %s" % str(e))
Ejemplo n.º 4
0
    def test_users_basic(self):
        # Insert and retrieve an user
        user = models.User(username="******", password="******")
        api.user_create(user, session=self.session)
        user = api.user_get_by_username(user.username, session=self.session)
        self.assertIsNotNone(user)
        self.assertEqual(user.username, "user")
        self.assertEqual(user.password, "pass")

        # Update and check the user
        user.username = "******"
        user.password = "******"
        api.user_update(user, session=self.session)
        new_user = api.user_get_by_id(user.id, session=self.session)
        self.assertIsNotNone(new_user)
        self.assertEqual(new_user.username, user.username)
        self.assertEqual(new_user.password, user.password)
        self.assertEqual(new_user.id, user.id)

        # Clean up and verify
        api.user_delete_by_username(user.username, session=self.session)
        user = api.user_get_by_id(user.id, session=self.session)
        self.assertIsNone(user)