Example #1
0
    def get_client_id_byname(self, name, passcode):
        """ retrieve the corresponding client_id of the given banking_id (bid) (called at the server side)

        @param bid: banking id
        @return cid: contact id
        """
        query=sql.SQL("SELECT (c.client_id) FROM clients AS c INNER JOIN credentials   ON (credentials.id=c.client_id) WHERE c.client_name={name} AND credentials.passcode={passcode} LIMIT 1  FOR UPDATE SKIP LOCKED;").\
            format(name=sql.Literal(name),\
                   passcode=sql.Literal(hash(passcode)))
        self.db_log.debug(query)
        self.cur.execute(query)
        return self.cur.fetchone()[0]
Example #2
0
    def register(self, cid, passcode, cred_id):
        """add client credentials returned from the server

        @param cid: client id
        @param passcode: client password
        @param cred_id: credential id
        """
        #, gen_salt('bf',8)
        stat=sql.SQL("INSERT INTO credentials  (id, passcode, cred_id)  VALUES ({cid}, {passcode}, {credid});").\
            format(cid=sql.Literal(cid),\
                   passcode=sql.Literal(hash(passcode)), \
                   credid=sql.Literal(cred_id))
        self.db_log.debug(stat)
        self.cur.execute(stat)
Example #3
0
    def account_byname(self, name, passcode):
        """verify that account with corresponding email doesn't exists

        @param name: client name
        @param passcode: client passcode
        @return boolean for hypothesis test, that it exists
        """
        stat=sql.SQL("SELECT EXISTS(SELECT 1 FROM clients AS c JOIN credentials AS cred ON cred.id=c.client_id WHERE c.client_name={name} AND cred.passcode={passcode}) FOR UPDATE SKIP LOCKED;")\
            .format(name=sql.Literal(name),\
                    passcode=sql.Literal(hash(passcode)))
        self.cur.execute(stat)
        fet=self.cur.fetchone()
        self.logger.debug('exists.account_byname {} fet: {}'.format(name, fet))
        return fet[0]
Example #4
0
    def user(self, user, passcode):
        """verify that account with corresponding email doesn't exists

        @param name: client name
        @param passcode: client passcode
        @return boolean for hypothesis test, that it exists
        """
        #TODO is the duplicate user1, user2 necessary
        stat=sql.SQL("SELECT EXISTS (SELECT 1 FROM clients AS c JOIN credentials AS cred ON (cred.id=c.client_id) WHERE (c.client_email={user} AND cred.passcode={passcode}) OR (c.client_name={user} AND cred.passcode={passcode})) FOR UPDATE SKIP LOCKED;")\
            .format(user=sql.Literal(user),\
                    passcode=sql.Literal(hash(passcode)))
        self.cur.execute(stat)
        fet=self.cur.fetchone()
        self.logger.debug('exists.account_byname {} fet: {}'.format(user, fet))
        return fet[0]
Example #5
0
 def test_password(self):
     exchange = Currency(EUR)
     rate = exchange.rate
     if not db.exists.currency(EUR):
         db.inserts.add_currency(EUR, rate)
     curr_id = db.gets.get_currency_id(EUR)
     passcode = get_rand_pass()
     email = get_email()
     credid = get_credid(email)
     banalce = get_balance()
     email = get_email()
     name = get_name()
     db.inserts.add_client(name, email, curr_id)
     cid = db.gets.get_client_id_byemail(email)
     db.inserts.register(cid, passcode, credid)
     #add_bank_addount
     bid = db.inserts.add_bank_account(cid, balance, bank_name,
                                       branch_number, account_number,
                                       name_reference, curr_id)
     passcode_eq = db.gets.get_password(credid)
     self.assertEqual(hash(passcode), passcode_eq)