def test_hash_check_vj4(self): password1 = 'password1' salt1 = pwhash.gen_salt() hash1 = pwhash.hash_vj4(password1, salt1) self.assertTrue(pwhash.check(password1, salt1, hash1)) salt2 = pwhash.gen_salt() self.assertFalse(pwhash.check(password1, salt2, hash1)) password2 = 'password2' self.assertFalse(pwhash.check(password2, salt1, hash1))
def test_hash_check_vj4(self):
password1 = 'password1'
salt1 = pwhash.gen_salt()
hash1 = pwhash.hash_vj4(password1, salt1)
self.assertTrue(pwhash.check(password1, salt1, hash1))
salt2 = pwhash.gen_salt()
self.assertFalse(pwhash.check(password1, salt2, hash1))
password2 = 'password2'
self.assertFalse(pwhash.check(password2, salt1, hash1))
async def check_password_by_uname(uname: str, password: str, auto_upgrade: bool=False):
"""Check password. Returns doc or None."""
doc = await get_by_uname(uname, PROJECTION_ALL)
if not doc:
raise error.UserNotFoundError(uname)
if pwhash.check(password, doc['salt'], doc['hash']):
if auto_upgrade and pwhash.need_upgrade(doc['hash']) \
and validator.is_password(password):
await set_password(doc['_id'], password)
return doc
async def change_password(uid: int, current_password: str, password: str):
"""Change password. Returns doc or None."""
doc = await get_by_uid(uid)
if (not doc) or (not pwhash.check(current_password, doc['salt'], doc['hash'])):
return None
validator.check_password(password)
salt = pwhash.gen_salt()
coll = db.Collection('user')
doc = await coll.find_and_modify(query={'_id': doc['_id'],
'salt': doc['salt'],
'hash': doc['hash']},
update={'$set': {'salt': salt,
'hash': pwhash.hash_vj4(password, salt)}},
new=True)
return doc
async def change_password(uid: int, current_password: str, password: str):
"""Change password. Returns doc or None."""
doc = await get_by_uid(uid)
if (not doc) or (not pwhash.check(current_password, doc['salt'],
doc['hash'])):
return None
validator.check_password(password)
salt = pwhash.gen_salt()
coll = db.Collection('user')
doc = await coll.find_and_modify(query={
'_id': doc['_id'],
'salt': doc['salt'],
'hash': doc['hash']
},
update={
'$set': {
'salt':
salt,
'hash':
pwhash.hash_vj4(password, salt)
}
},
new=True)
return doc
async def check_password_by_uname(uname: str, password: str):
"""Check password. Returns doc or None."""
doc = await get_by_uname(uname)
if doc and pwhash.check(password, doc['salt'], doc['hash']):
return doc
async def check_password_by_uid(uid: int, password: str):
"""Check password. Returns doc or None."""
doc = await get_by_uid(uid, PROJECTION_ALL)
if doc and pwhash.check(password, doc['salt'], doc['hash']):
return doc
async def check_password_by_uname(uname: str, password: str):
"""Check password. Returns doc or None."""
doc = await get_by_uname(uname)
if doc and pwhash.check(password, doc['salt'], doc['hash']):
return doc