def register():
print('SERVER/LOG: Opening registration page')
if request.method == 'POST':
user = request.form['username']
email = request.form['email']
pwd = request.form['password']
create_date = str(timestamp)
print('SERVER/LOG: Account created by ', user, ' at ', create_date)
# TODO: Server side logic to salt and encrypt password
salt = Encrypt.generate_salt()
session_key = Encrypt.generate_session_key()
sym_key_box = Encrypt.generate_key(pwd.encode(), salt)
values = (user, email, create_date, base64.b64encode(salt),
base64.b64encode(session_key), base64.b64encode(sym_key_box))
db.insert_user(values)
return render_template('register.html')
def test_insert_full_user():
'''
Test registration logic, including encrypted storage
:param values=(user, email, createDate, salt, auth, symmetricBox):
'''
user = '******'
email = '*****@*****.**'
createDate = '12042017'
password = b'testpwd'
salt = Encrypt.generate_salt()
session_key = Encrypt.generate_session_key()
sym_key_box = Encrypt.generate_key(password, salt)
values = (user, email, createDate, str(salt), str(session_key),
str(sym_key_box))
insert_statement = (
"INSERT INTO user (user, email, createDate, salt, auth, symmetricBox)"
"VALUE (%s, %s, %s, %s, %s, %s)")
db.insert_row(insert_statement, values)\
