def check_hashed_password(password, hashed_password):
    """
    Verify the password sent by the user against the hash stored in the database.

    :param password: secret received from the user; documented by the author as
        a SHA-512 digest of the password rather than the raw password
    :param hashed_password: stored pbkdf2_sha512 hash string (a one-way hash,
        not reversible encryption)
    :return: True if the password matches the stored hash, False otherwise
    """
    # NOTE(review): pbkdf2_sha512 is presumably passlib.hash.pbkdf2_sha512. If
    # so, a stored value that is not a well-formed pbkdf2_sha512 hash raises
    # ValueError here instead of returning False; callers should treat that as
    # a failed check.
    # NOTE(review): a client-side SHA-512 digest is password-equivalent, so it
    # still needs transport protection.
    matches = pbkdf2_sha512.verify(password, hashed_password)
    return matches
def verify(password, encoded):
    """Return True when the plain password matches the encoded (hashed) password.

    Empty strings and None on either side are rejected up front, so a blank
    stored hash can never match a blank password.
    """
    if encoded == "" or password == "":
        return False
    if encoded is None or password is None:
        return False

    # The stored value carries the project's CUSTOM_HEADER; swap its first
    # occurrence for PBKDF2SHA512_HEADER so the hash library can parse it.
    normalized = encoded.replace(CUSTOM_HEADER, PBKDF2SHA512_HEADER, 1)
    return pbkdf2_sha512.verify(password, normalized)
def check_password_hash(password, hash):
    """
    Check that the password sent in the request matches the one in the database.

    The database value has been put through pbkdf2_sha512 on top of whatever
    hashing the request value already carries at this stage.

    :param password: sha512-hashed password taken from the request
    :param hash: stored pbkdf2_sha512 hash string (one-way hash, not encryption)
    :return: True if the passwords match, False otherwise
    """
    # NOTE(review): the sha512 value sent by the client is password-equivalent;
    # anyone who captures it can replay it, so it needs the same transport
    # protection as a raw password.
    is_match = pbkdf2_sha512.verify(password, hash)
    return is_match
def check_hashed_password(password, hashed_password):
    """
    Check that the password the user sent matches the one held in the database.

    The database value is a pbkdf2_sha512 hash computed over the (already
    sha512-hashed) value the user sends at this stage.

    :param password: sha512-hashed password
    :param hashed_password: stored pbkdf2_sha512 hash string (one-way hash,
        not encryption)
    :return: True if the passwords match, False otherwise
    """
    # NOTE(review): presumably passlib's pbkdf2_sha512; if so, a malformed
    # stored hash raises ValueError rather than returning False. Confirm
    # callers handle that as a failed check.
    outcome = pbkdf2_sha512.verify(password, hashed_password)
    return outcome
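def make_login():
    """Authenticate a JSON login request and return a token on success.

    Expects a JSON object with string ``email`` and ``password`` fields.

    :return: a JSON response: ``{'response': 'invalid input'}`` for a malformed
        body, ``{'response': 'invalid username or password'}`` for an unknown
        account or a wrong password, otherwise the result of ``generate_token``
    """
    data = request.json
    # A missing or non-object body would otherwise fail on the ``in`` checks.
    if not isinstance(data, dict):
        return jsonify({'response': 'invalid input'})

    email = data.get('email')
    password = data.get('password')

    # Require plain text values. Without this, a JSON object sent as ``email``
    # would be passed straight into the find_one filter as a query operator
    # document, and a non-string password would make verify() raise.
    text_type = type(u'')
    if not isinstance(email, text_type) or not isinstance(password, text_type):
        return jsonify({'response': 'invalid input'})

    db = app.data.driver.db
    user = db[USERS_DOMAIN].find_one({'email': email})
    # NOTE(review): this path returns before any PBKDF2 work is done, so
    # response time may differ between known and unknown e-mail addresses.
    if not user:
        return jsonify({'response': 'invalid username or password'})

    try:
        password_ok = pbkdf2_sha512.verify(password, user.get('password'))
    except (ValueError, TypeError):
        # Missing or malformed stored hash: fail closed.
        password_ok = False

    if not password_ok:
        # Same message as for an unknown account. The original fell off the end
        # of the function here and returned no response at all.
        return jsonify({'response': 'invalid username or password'})

    return jsonify(generate_token(user_id=str(user.get('_id'))))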
def check_login(form, field):
    """Form validator: reject the login unless username, telephone and password all match.

    Every failure raises the same message-less ValidationError, so the caller
    cannot tell which of the three checks failed.

    :param form: form object exposing ``username``, ``telephone`` and ``password`` fields
    :param field: the field this validator is attached to (not used here)
    :raises ValidationError: if the user is unknown, the telephone differs, or
        the password does not verify
    """
    # NOTE(review): the password is escaped before verification, so the stored
    # hash must have been computed over the escaped form as well. Confirm
    # against the registration code.
    submitted_username = escape(form.username.data)
    submitted_token = escape(form.telephone.data)
    submitted_password = escape(form.password.data)

    account = Users.query.filter_by(username=submitted_username).first()

    if account is None:
        raise ValidationError()
    # The telephone number acts as a second matching factor.
    if submitted_token != account.telephone:
        raise ValidationError()
    # The password hash is only checked after the cheaper comparisons pass.
    if not pbkdf2_sha512.verify(submitted_password, account.password):
        raise ValidationError()
def check_hashed_password(password: str, hashed_password: str) -> bool:
    """Return whether ``password`` verifies against the stored pbkdf2_sha512 hash.

    :param password: candidate password supplied by the caller
    :param hashed_password: stored pbkdf2_sha512 hash string
    :return: the result of ``pbkdf2_sha512.verify``
    """
    # NOTE(review): no exception handling here. If pbkdf2_sha512 is passlib's
    # handler, a malformed stored hash raises ValueError to the caller.
    verified = pbkdf2_sha512.verify(password, hashed_password)
    return verified
def is_password(self, claimed_password):
    """Return True when ``claimed_password`` verifies against ``self.password_hash``.

    A ValueError from the verifier is treated as a failed match rather than
    propagated.
    """
    try:
        matched = pbkdf2_sha512.verify(claimed_password, self.password_hash)
    except ValueError:
        # Fail closed: a stored value the verifier rejects never authenticates.
        matched = False
    return matched
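def post(self):
    """Handle an account-settings change selected by the ``type`` argument.

    Supported values of ``type``:

    * ``login_pwd`` - change the login password (old password required)
    * ``phone``     - change the phone number (old number + verification code)
    * ``email``     - change the e-mail address (old address + verification code)
    * ``pay_pwd``   - change the payment password (old payment password, or the
      login password when no payment password is set yet, + verification code)

    Every branch writes exactly one JSON document to the response. Any other
    ``type`` gets a "parameter error" response.
    """
    # Single-argument print(...) behaves the same on Python 2 and Python 3.
    change_type = self.get_argument("type", "")

    if change_type == "login_pwd":
        opwd = self.get_argument('opwd', None)
        npwd = self.get_argument('npwd', None)
        npwd2 = self.get_argument('npwd2', None)
        # Absent arguments arrive as None (the default above), not "", so the
        # emptiness check has to cover both.
        if not opwd or not npwd or not npwd2:
            print("pwd is null")
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"密码不能为空"
                }))
        if npwd != npwd2:
            print("npwd is difference")
            # The key was misspelled "static" in the original response.
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"新密码不一致,请重新输入"
                }))
        # Verify the old password. Must return on failure: the original wrote
        # the error and then went on to change the password anyway.
        if not self.application.auth.log_in(self.user['name'], opwd):
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"密码不正确"
                }))
        # Store the new password.
        if not self.application.auth.changepwd(self.user['uid'], npwd):
            print("login_pwd updated")
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"error"
                }))
        return self.write(json.dumps({"status": "ok", "msg": u"密码已修改"}))

    elif change_type == "phone":
        old_phone = self.get_argument('old_phone', None)
        new_phone = self.get_argument('new_phone', None)
        phone_code = self.get_argument('phone_code', None)
        user = self.db.user.find_one({"uid": self.user['uid']})
        # Verify the old phone number.
        if old_phone != user['phone']:
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"原手机号码不正确"
                }))
        if old_phone == new_phone:
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"新号码和旧号码不能一致"
                }))
        # NOTE(review): the expected code is read from a plain cookie, which
        # the client controls. It should be kept server-side instead.
        # Requiring a non-empty expected value at least stops a request with
        # neither cookie nor code (None == None) from passing.
        expected_code = self.get_cookie('msg_code')
        if not expected_code or phone_code != expected_code:
            return self.write(
                json.dumps({
                    "msg": u'手机验证码输入错误',
                    "error": 'error'
                }))
        # Store the new phone number.
        if not self.application.auth.changephone(self.user['uid'],
                                                 new_phone):
            print("login_phone updated")
            return self.write(
                json.dumps({
                    "msg": u"修改手机号失败",
                    "error": 'error'
                }))
        return self.write(
            json.dumps({
                "status": "ok",
                "msg": u"修改手机号码成功"
            }))

    elif change_type == "email":
        old_email = self.get_argument('old_email', None)
        new_email = self.get_argument('new_email', None)
        email_code = self.get_argument('email_code', None)
        user = self.db.user.find_one({"uid": self.user['uid']})
        # Verify the old e-mail address.
        if old_email != user['email']:
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"原邮箱帐号不正确"
                }))
        if old_email == new_email:
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"新邮箱和旧邮箱不能一致"
                }))
        # NOTE(review): same concern as the phone branch. The expected code
        # lives in a client-controlled cookie.
        expected_code = self.get_cookie('email_code')
        if not expected_code or email_code != expected_code:
            return self.write(
                json.dumps({
                    "msg": u'邮箱验证码输入错误',
                    "error": 'error'
                }))
        # Store the new e-mail address.
        if not self.application.auth.changeemail(self.user['uid'],
                                                 new_email):
            print("user_email updated")
            return self.write(
                json.dumps({
                    "msg": u"修改邮箱失败",
                    "error": 'error'
                }))
        self.db.user.update({"uid": self.user['uid']},
                            {"$set": {
                                "email_check": 1
                            }})
        return self.write(
            json.dumps({
                "status": "ok",
                "msg": u"修改邮箱成功"
            }))

    elif change_type == "pay_pwd":
        print("pay_pwd")
        old_pay_pwd = self.get_argument('old_pay_pwd', "")
        new_pay_pwd = self.get_argument('new_pay_pwd', "")
        pwd_code = self.get_argument('paypwd_code', "")
        # NOTE(review): if this is Tornado's get_secure_cookie, the value is
        # signed but not encrypted, so the client can read the expected code.
        cookiecode = self.get_secure_cookie('verify_code')
        # The submitted code, the expected code, password hashes and the
        # verification result are deliberately not printed: they are secrets
        # and would end up in process logs.
        if "" in [old_pay_pwd, new_pay_pwd]:
            print("pay_pwd is null")
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"支付密码不能为空"
                }))
        if not cookiecode or pwd_code != cookiecode:
            print("pwd_code != cookiecode")
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"验证码错误"
                }))

        user = self.db.user.find_one({"uid": self.user['uid']})
        # Until a payment password has been set, the login password hash is
        # the reference value.
        reference_hash = user.get("pay_pwd", None) or user.get("pwd")
        try:
            rs = pbkdf2_sha512.verify(old_pay_pwd, reference_hash)
        except (ValueError, TypeError):
            # Missing or malformed stored hash: fail closed.
            rs = False

        if not rs:
            return self.write(
                json.dumps({
                    "status": "error",
                    "msg": u"原支付密码不正确"
                }))
        if self.application.auth.changepaypwd(self.user['uid'],
                                              new_pay_pwd):
            return self.write(
                json.dumps({
                    "status": "ok",
                    "msg": u"支付密码更新成功"
                }))
        # The original wrote nothing when the update itself failed.
        return self.write(json.dumps({"status": "error", "msg": u"error"}))

    else:
        self.write(json.dumps({"status": "error", "msg": u"参数错误"}))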
def verify_password(password: str, encrypted_password: str) -> bool:
    """Return True if ``password`` verifies against the stored pbkdf2_sha512 hash.

    :param password: candidate password
    :param encrypted_password: stored pbkdf2_sha512 hash string (a one-way
        hash, despite the parameter name)
    :return: True on a match; False on a mismatch or when the verifier raises
        ValueError
    """
    try:
        return pbkdf2_sha512.verify(password, encrypted_password)
    except ValueError:
        # Fail closed: a stored value the verifier rejects never authenticates.
        return False