def hash_password(password: str) -> Any:
ph = PasswordHasher()
try:
return ph.hash(password)
except HashingError as e:
print("ERROR::", e)
return None
def verify_password(password: str, hashed_password: str) -> bool:
ph = PasswordHasher()
try:
ph.verify(hashed_password, password)
return True
except VerifyMismatchError:
return False
def get_credentials(self, client, login, passwd):
import argon2
from argon2 import PasswordHasher
# returncode, data = self.get_user_phash(login)
# if returncode != 0:
# raise ValueError(data)
# ph = PasswordHasher()
# # print("DATA iS ", data[0])
# if ph.verify(data[0], passwd):
# self.verified_connections.add((id(client), client.getpeername()))
# return [0, "=>Verification successfull."]
# else:
# raise ValueError("Verification faild")
response = self.get_user_phash(login)
if response['returncode'] != 0:
return self.prepare_response(1, response['data'], "err")
ph = PasswordHasher()
try:
ph.verify(response['data'], passwd)
self.verified_connections.add((id(client), client.getpeername()))
answer = "=>Verification successfull."
return self.prepare_response(0, answer, "answer")
except argon2.exceptions.VerifyMismatchError as e:
print("!=> ", traceback.format_exc())
return self.prepare_response(1, str(e), "err")
def get_transactions(self, user_hash: str = ''):
user_transactions = []
ph = PasswordHasher()
if user_hash != '':
for block in self.chain:
for transaction in block['transactions']:
try:
if ph.verify(transaction['sender'], user_hash):
temp_transaction = deepcopy(transaction)
temp_transaction['sender'] = 'self'
user_transactions.append(temp_transaction)
except Exception:
try:
if ph.verify(transaction['reciever'], user_hash):
temp_transaction = deepcopy(transaction)
temp_transaction['recipient'] = 'self'
user_transactions.append(temp_transaction)
except Exception:
continue
return user_transactions
for block in self.chain:
for transaction in block['transactions']:
user_transactions.append(transaction)
return user_transactions
def post(self):
required_fields = ["username", "password", "isAdmin"]
# Get JSON data from request
json_data = request.get_json(force=True)
for field in required_fields:
if field not in json_data.keys():
return jsonify({
"success": -1,
"error": "Missing {} field".format(field)
})
# create database session
session = getSession(app.config["DB_USER"], app.config["DB_PASS"])
# check to see if username is taken
if session.query(User).filter_by(
username=json_data["username"]).first():
return jsonify({"success": -1, "error": "User already registered"})
# hash password
ph = PasswordHasher()
hash = ph.hash(json_data["password"])
try:
new_user = User(username=json_data["username"],
password=hash,
admin=json_data["isAdmin"])
session.add(new_user)
session.commit()
return jsonify({"success": 1})
except:
return jsonify({
"success": -1,
"error": "Error adding new user to db"
})
def _verify_password(self, stored, password):
ph = PasswordHasher()
try:
ph.verify(stored, password)
return True
except (exceptions.VerifyMismatchError, exceptions.VerificationError):
return False
def login(request):
if request.session.get('is_login', None):
return redirect('search_view')
if request.method == "POST":
login_form = UserForm(request.POST)
message = "Please check all fields"
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
try:
user = models.User.objects.get(name=username)
if not user.has_confirmed: #Check if the email is verified or not.
message = "This account currently is disabled, please check your email."
return render(request, 'login/login.html', locals())
ph = PasswordHasher()
if ph.verify(user.password, password):
#Check if the password is correct, thows exception if it is not
#Write user status and data into Session dict
request.session['is_login'] = True
request.session['user_id'] = user.id
request.session['user_name'] = user.name
request.session['user_email'] = user.email
request.session['user_password'] = user.password
request.session['user_phone'] = user.phone
return redirect('search_view')
except:
message = "Username or password is incorrect"
return render(request, 'login/login.html', locals())
login_form = UserForm()
return render(request, 'login/login.html', locals())
def verificar_senha(self, password):
ph = PasswordHasher()
try:
ph.verify(self.password, password)
return {'status': True, 'msg': 'senha correta'}
except Exception:
return {'status': False, 'msg': 'senha incorreta'}
def check_argon(uid, user_lst_3, password_1):
ph = PasswordHasher()
try:
ph.verify(user_lst_3[uid], password_1)
return True
except argon2.exceptions.VerifyMismatchError:
return False
def __init__(self, auth_database: Union[str, Path]):
if isinstance(auth_database, str):
self.auth_db = Path(auth_database)
elif isinstance(auth_database, Path):
self.auth_db = auth_database
self.ph = PasswordHasher()
self.logger = logging.getLogger("ModernRelay.log")
def registration(useremail, password):
try:
ph = PasswordHasher()
conn = psycopg2.connect(database=conn_db,
user=conn_username,
password=conn_password,
host=conn_host,
port=conn_port)
cur = conn.cursor()
cur.execute(
"SELECT username from forumuser WHERE forumuser.username = "******"'" + useremail + "'")
conn.commit() #is there for the sql injecton
rows = cur.fetchall()
if (len(rows) >= 1):
return "This email already exists"
else:
randuserid = str(uuid.uuid1())
print("The password is: " + password)
pwhash = ph.hash(password)
cur.execute(
"INSERT into forumuser(randuserid, username, passwordhash) VALUES(%s,%s,%s)",
(randuserid, useremail, pwhash))
conn.commit()
conn.close()
return "Registration successful"
except psycopg2.OperationalError as e:
return "An Error occured during the registration\n{0}".format(e)
def signup():
form = Signup(prefix="a")
print("hi")
if request.method == "POST":
psswd = form.password.data
psswd_confirm = form.confirm.data
if psswd != psswd_confirm:
flash(
"Input for Password and Confirm Password field doesn't match")
return redirect(url_for("signup"))
existing_name = user.query.filter_by(name=form.username.data).first()
existing_email = user.query.filter_by(email=form.email.data).first()
if existing_name or existing_email:
print("This is bad news")
flash("The email or username are already created")
else:
print("hi")
ph = PasswordHasher()
name = form.username.data
email = form.email.data
hashed_pw = ph.hash(form.password.data)
usr = user(name=name, email=email, password=hashed_pw)
db.session.add(usr)
print(usr)
db.session.commit()
print("Saved")
flash('Thanks for registering')
return redirect(url_for("home"))
return render_template("signup.html", form=form)
def signin(user):
__password = user['password']
try:
__id = user['id']
users = User.objects.filter(id=__id)
except:
try:
__email = user['email']
users = User.objects.filter(email=__email)
except:
pass
ph = PasswordHasher()
for u in users:
if (u.active == 'false'):
return None
try:
ph.verify(u.password, __password)
__logged_user = {
'id': u.id,
'name': u.name,
'email': u.email,
'level': u.level
}
return __logged_user
except:
return None
def isVerified(password): #?????
ph = PasswordHasher()
hash = ph.hash("") #password
if ph.verify(hash, "") == True:
pass
else:
pass
def new_transaction_screen():
form = NewTransactionForm()
if request.method == 'POST':
from blockchain.api.models import User, Notifications
reciever_hash = request.form['reciever']
token = request.form['token']
ph = PasswordHasher()
user_hash = ph.hash(current_user.address)
index = blockchain.new_transaction(current_user.address, user_hash,
reciever_hash, token)
no1 = Notifications(
user_address_hash=user_hash,
time=str(datetime.datetime.now().strftime("%d/%m/%y %I:%M%p")),
headline='Property Sent',
text=token,
read=False)
no2 = Notifications(
user_address_hash=reciever_hash,
time=str(datetime.datetime.now().strftime("%d/%m/%y %I:%M%p")),
headline='Property Recieved',
text=token,
read=False)
# TODO: if exists in db then update row to match name and details
db.session.add(no1)
db.session.add(no2)
db.session.commit()
response = {
'message': 'Transaction will be added to Block {}'.format({index})
}
return render_template("message.html", message=response)
return render_template('new_transaction.html',
title='New Transaction',
form=form)
def verify_password(self, password):
hasher = PasswordHasher()
try:
hasher.verify(self.password_hash, password)
return True
except Exception:
return False
def createUser():
data = request.json
username = data['username']
password = data['password']
#Initialise password hasher
password_hasher = PasswordHasher()
#Hash the password and get a string of hash.
password_hash = password_hasher.hash(password)
#Get database connection
db = get_db()
cur = db.cursor()
#Check if the username is taken
cur.execute('SELECT * FROM Users WHERE userName=?', (username, ))
out = {}
rows = cur.fetchall()
if len(rows) != 0:
out['status'] = 'fail'
out['reason'] = 'Username already taken'
return jsonify(out)
else:
#Store username and password hash in database
cur.execute('INSERT INTO Users(userName, userPassword) VALUES (?, ?)',
(username, password_hash))
db.commit()
userId = cur.lastrowid
#Return userID and userName in response
out['status'] = 'success'
out['userId'] = userId
out['userName'] = username
return jsonify(out)
def login():
message = ""
site_login = request.form.get("site_login")
password = request.form.get("password")
result = db.execute(
"SELECT password,visible_name,user_id FROM users WHERE login=:login", {
"login": site_login
}).fetchone()
### users table schema
### user_id | login | password | visible_name
if result is None:
message = "Login or password is incorrect. Please try again."
return render_template("index.html", message=message)
password_hash = result[0]
message = password_hash
visible_name = result[1]
user_id = result[2]
try:
pwd_hasher = PasswordHasher()
pwd_hasher.verify(password_hash, password)
except argon2.exceptions.VerifyMismatchError:
message = "Login or password is incorrect. Please try again."
return render_template("index.html", message=message)
except:
message = "An error has occured during authentication. Please try again."
return render_template("index.html", message=message)
session['site_login'] = site_login
session['visible_name'] = visible_name
session['user_id'] = user_id
return redirect(url_for('homepage'))
def test_check_needs_rehash_no(self):
"""
Return False if the hash has the correct parameters.
"""
ph = PasswordHasher(1, 8, 1, 16, 16)
assert not ph.check_needs_rehash(ph.hash("foo"))
def test_hash_verify(self, password):
"""
Hashes are valid and can be verified.
"""
ph = PasswordHasher()
assert ph.verify(ph.hash(password), password) is True
def createAccount():#create account sequence
try:
usr = sys.argv[2]
except:
print('Usage: ./pythenticator < -c | -l > username')
exit(0)
print('Creating user: '******':')
if u == usr:
print('user already exists')
exit(0)
pw = getpass.getpass(prompt='Enter password for user {}:'.format(usr))#password prompt
if not policy.test(pw):#policy.test() returns empty list if it passes
ph = PasswordHasher()
pwhash = ph.hash(pw)
with open("users.db", "a") as file:
file.write(usr)
file.write(':')
file.write(pwhash)
file.write('\n')
print('User creation successful')
else:
print('The password you entered does not meet the following requriements: ', policy.test(pw))
def authenticate():
if request.method == 'POST':
username = request.get_json().get('username')
password = request.get_json().get('password')
hash = False
ph = PasswordHasher()
session = generateSession()
for fld_password, in session.query(User.fld_password).\
filter(User.fld_username == username):
hash = fld_password
if (hash is not False):
try:
result = ph.verify(fld_password, password)
if result:
response = jsonify({'message': 'Login Successful'})
return make_response(response)
except Exception as err:
print(err)
return make_response(
jsonify({'error': 'something bad happened'}))
return make_response(jsonify({'error': 'something bad happened'}))
return render_template('account_services/authenticate.html')
def create_user():
'''Create a new user from a post request form'''
ph = PasswordHasher()
name = request.form.get('name')
password = request.form.get('password')
verify_password = request.form.get('verify_password')
if password != verify_password:
return render_template('auth/register.html',
is_taken=False,
is_invalid=True)
user = User(name=name, password=ph.hash(password))
db.session.add(user)
try:
db.session.commit()
except IntegrityError:
# User name already taken
return render_template('auth/register.html',
is_taken=True,
is_invalid=False)
return redirect(url_for('login'))
def check_password(self, password):
ph = PasswordHasher()
try:
return ph.verify(self.password_hash, password)
except Exception:
return False
return False
def check_password_hash(hash: str, password: str) -> bool:
ph = PasswordHasher()
try:
if ph.verify(hash, password):
return True
except argon2.exceptions.VerifyMismatchError:
return False
def verify_password(self, password):
hasher = PasswordHasher()
try:
hasher.verify(self.password_hash, password)
return True
except Exception:
return False
def test_hash_password(self):
kdf = PasswordHasher()
password = '******'
hash = kdf.hash(password)
self.assertTrue(kdf.verify(hash, password))
def test_server_authenticate(database, tracer):
password = "******"
ph = PasswordHasher()
password_hash = ph.hash(password)
user = UserFactory.create(password=password_hash)
assert database.query(User).one()
user_store = UserDataStore(database, tracer)
user_case = UserUseCase(user_store, tracer)
order_store = OrderDataStore(database, tracer)
order_case = OrderUseCase(order_store, tracer)
date = datetime.date.today()
holiday_store = HolidayDataStore(date, tracer)
holiday_case = HolidayUseCase(holiday_store, tracer)
balance_client = BalanceClient(settings.BALANCE_TOKEN)
balance_case = BalanceUseCase(order_case, balance_client, tracer)
authentication_case = AuthenticationUseCase(user_case, tracer)
case = PromotionUseCase(discounts=[holiday_case, user_case], tracer=tracer)
servicer = PromotionServicer(case, user_case, order_case, balance_case,
authentication_case, tracer)
request = AuthenticateRequest(email=user.email, password=password)
result = servicer.Authenticate(request, None)
assert result.id_token.startswith('ey')
def update_user_by_id(id):
if g.user.id == id:
user = g.user
else:
user = User.query.filter(User.id == id).one_or_none()
if user is None:
return error(404)
body = request.json
password = body.get("password")
role = body.get("role")
if password:
if len(password) < 8:
return error(400, type="ShortPassword")
hasher = PasswordHasher()
hash = hasher.hash(password)
user.password_hash = hash
if role:
if g.user.role != UserRole.ADMIN:
return error(401, type="InsufficientPermission")
if role != "normal" and role != "admin":
return error(400, message="`role` must be one of {normal, admin}.")
user.role = UserRole.ADMIN if (role == "admin") else UserRole.NORMAL
db.session.commit()
return serialize_user(user)
def __init__(self, currentPassword, *args, **kwargs):
super().__init__(*args, **kwargs)
self.currentPassword = None if currentPassword is None else str(currentPassword)
self.addWidgets()
self.pwdhsr = PasswordHasher()
self.passwordTimer = QtCore.QTimer(timeout=self.validateCurrentPassword)
self.passwordTimer.setSingleShot(True)
def encrypting_password(self):
if not self.password:
return {'status': False, 'msg': 'password not allow blank'}
password_hash = PasswordHasher()
self.password = password_hash.hash(self.password)
return {'status': True, 'msg': 'senha encripitada'}
def gen_passwd_hash(pw):
ph = PasswordHasher(hash_len=hash_length,
salt_len=salt_length,
encoding=encoding,
time_cost=time_cost,
memory_cost=memory_cost)
pwhash = ph.hash(pw)
def test_verify(self, password):
"""
Verification works with unicode and bytes.
"""
ph = PasswordHasher(1, 8, 1, 16, 16, "latin1")
hash = ( # handrolled artisanal test vector
u"$argon2i$m=8,t=1,p=1$"
u"bL/lLsegFKTuR+5vVyA8tA$VKz5CHavCtFOL1N5TIXWSA"
)
assert ph.verify(hash, password)
def test_hash(self, password):
"""
Hashing works with unicode and bytes. Uses correct parameters.
"""
ph = PasswordHasher(1, 8, 1, 16, 16, "latin1")
h = ph.hash(password)
prefix = u"$argon2i$v=19$m=8,t=1,p=1$"
assert isinstance(h, six.text_type)
assert h[:len(prefix)] == prefix
def new_user():
userid = request.form.get('userid')
userpw = request.form.get('userpw')
if userid and userpw:
if db.query(User).filter(User.account == userid).first():
flash('id already exists')
else:
ph = PasswordHasher()
hash = ph.hash(userpw)
user = User(userid, hash)
db.add(user)
db.commit()
session['username'] = user.account
flash('welcome to people!')
return redirect(url_for('home'))
else:
flash('account id or password is blank.')
return redirect(url_for('new_user'))
def login():
userid = request.form.get('userid')
userpw = request.form.get('userpw')
if userid and userpw:
user = get_user(userid)
if user:
ph = PasswordHasher()
try:
ph.verify(user.password, userpw)
except VerifyMismatchError:
flash('check account or password')
else:
session['username'] = user.account
flash('welcome back!')
return redirect(url_for('home'))
else:
flash('check account or password')
else:
flash('account id or password is blank.')
return redirect(url_for('login'))
def argon2_test():
start = time.time()
ph = PasswordHasher()
hash = ph.hash(password)
hashed = hashlib.sha256(hash).digest()
end = time.time()
print "argon2 : ",(end-start)
start = time.time()
obj =AES.new(hashed,AES.MODE_CBC, 'This is an IV456')
ciphertext = obj.encrypt("The answer is no")
end = time.time()
print "AES Encrypt: ",(end-start)*1000
start = time.time()
obj =AES.new(hashed,AES.MODE_CBC, 'This is an IV456')
plaintext = obj.decrypt(ciphertext)
end = time.time()
print "AES Decrypt: ",(end-start)*1000
my_plaintext = 0xCCCCAAAA55553333
start = time.time()
big_cipher = SimonCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
simon = big_cipher.encrypt(my_plaintext)
end = time.time()
print "Simon Encrypt: ",(end-start)*1000
start = time.time()
big_cipher1 = SpeckCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
speck = big_cipher1.encrypt(my_plaintext)
end = time.time()
print "Speck Encrypt: ",(end-start)*1000
start = time.time()
big_cipher = SimonCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
plain = big_cipher.decrypt(simon)
end = time.time()
print plain
print "Simon Decrypt: ",(end-start)*1000
start = time.time()
big_cipher1 = SpeckCipher(0x111122223333444455556666777788889999AAAABBBBCCCCDDDDEEEEFFFF0000, key_size=256, block_size=128)
plain = big_cipher1.decrypt(speck)
end = time.time()
print plain
print "Speck Decrypt: ",(end-start)*1000
def password(self, password):
hasher = PasswordHasher()
ph = hasher.hash(password)
self.password_hash = ph
def hash_password(self, password):
ph = PasswordHasher()
self.password_hash = ph.hash(password)
def verify_password(self, password):
ph = PasswordHasher()
return ph.verify(self.password_hash, password)
