def is_authenticated(self): #Checks for a token, which is required for authentication. token = session.get('tumblr_token') if token: #Checks that the token is valid. if self.token_hash == make_secure_token(*token): return True '''Otherwise, check that the token gets info for a blog, and is therefore a valid auth for our uname''' if get_handle() == self.userid: update_user_tokenhash(self.userid, make_secure_token(*token)) return True return False
def test_make_secure_token_default_key(self): # Old test: 0f05743a2b617b2625362ab667c0dbdf4c9ec13a # New test with sha512: h1 = "47bec94a46a5d3939ca0671b01bafd5d7d5353941791734ec1e4734de40e5ce0" h2 = "a45c05c17cd33b8a18840991bb1cc154fa4ee8ef2f80a572b5a6a24b3a3afc20" with self.app.test_request_context(): self.assertEqual(make_secure_token('foo'), h1 + h2)
def generate_key(self): """Using make_secure_token https://flask-login.readthedocs.org/en/latest/_modules/flask_login.html#make_secure_token """ key = make_secure_token(str(self.user_id), key=str(random.random())) self.key = key
def get_auth_token(self): secure_token = make_secure_token( str(self.id), self.username, self.password, str(self.role)) return secure_token
def login(): response = {'code': 0, 'message': 'Missing parameters (email or password)'} email = request.form.get('email') password = request.form.get('password') if not email or not password: return make_response(jsonify(response), 400) user = User.query.filter_by(email=email, password=password).first() if user is not None: timestamp = (datetime.datetime.utcnow() + datetime.timedelta(days=1)).timestamp() token = make_secure_token(email, password, str(timestamp)) timestamp = int(timestamp) db.session.add(Session(id=user.id, timestamp=timestamp, token=token)) db.session.commit() response = {'code': 1, 'message': 'OK', 'data': {'token': token, 'expirationTimestamp': timestamp}} else: user = User.query.filter_by(email=email).first() if user: response = {'code': 0, 'message': 'Invalid password'} else: response = {'code': 0, 'message': 'User does not exist'} if response['code'] is 1: return make_response(jsonify(response), 200) return make_response(jsonify(response), 401)
def verify_and_authenticate(self): now = datetime.utcnow() self.verified = True self.verified_at = now self.signin_token = make_secure_token(uuid.uuid4().hex) self.authenticated = True self.lastsignin_at = now self.updated_at = now
def get_secure_token(self): """ Returns a secure token for each user generated from its user name. In order to get HMAC compliance this can be modified to be generatd from: username + email + SECRET_KEY make_secure_token(self.username + self.email + SECRET_KEY, key='deterministic') """ return make_secure_token(self.username, key='deterministic')
def set_remember_token(user): """Create and save a new remember token for an authentiated user. Session tokens are created using the username encrypted with the app's secret key via HMAC. """ token = make_secure_token(user.id) user.remember_token = token database.set('remember_token', token, user.id)
def get_auth_token(self): """ See https://flask-login.readthedocs.org/en/latest/#alternative-tokens :return: A secure token unique to this ``User`` with the current ``password_hash``. :rtype: string """ return make_secure_token(self.email, self.password_hash)
def validate(email): email = email.strip() user = User.query.filter_by(email=email).first() if user and not user.verified: token = make_secure_token(uuid.uuid4().hex) user.verification_token = token, user.verification_token_expires_at = datetime.utcnow() + timedelta( days=1) db.session.commit() return user
def refresh_password_reset_token(email): email = email.strip() user = User.query.filter_by(email=email).first() if user and not user.banned: token = make_secure_token(uuid.uuid4().hex) user.password_reset_token = token, user.password_reset_token_expires_at = datetime.utcnow( ) + timedelta(minutes=15) db.session.commit() return user
def test_get_auth_token(self): """ Authentication tokens are created using Flask-Login's ``make_secure_token`` function and the email address and password of the user. """ user = User(email='email', password_hash='password_hash') with app.app_context(): self.assertEqual(user.get_auth_token(), make_secure_token('email', 'password_hash'))
def add_oauth_identity(self, service_name, service_id): try: oauth_id, created = OAuthIdentity.get_or_create( name=service_name, service_id=service_id, user_id=self.id) self.auth_token = make_secure_token(service_name, service_id) save() return created except Exception: rollback() return False
def after_login(resp): user = User.from_openid(resp.identity_url) if user is None: # Create a new user account. user = User.new(**{"email": resp.email, "fullname": resp.fullname, "token": login_ext.make_secure_token(os.urandom(4), resp.email, os.urandom(4)), "openid": resp.identity_url}) login_ext.login_user(user) return flask.redirect(oid.get_next_url())
def signup(form): email = form.email.data.strip() username = form.username.data.strip() token = make_secure_token(uuid.uuid4().hex) user = User(username=username, email=email, password=bcrypt.generate_password_hash( form.password.data.strip()), verification_token=token, verification_token_expires_at=datetime.utcnow() + timedelta(days=1)) db.session.add(user) db.session.commit() return username, email, token
def check_link(email, timestamp, token): try: timestamp = int(timestamp) except: timestamp = 0 diff = time.time() - timestamp if diff > 60: UserBiz.delete_unactivated_user(email) raise DaixieError(LINK_OVERDUE) if token != make_secure_token(email, str(timestamp)): raise DaixieError(LINK_INVALID) return True
def test_custom_token_loader(self): @self.login_manager.token_loader def load_token(token): return USER_TOKENS.get(token) with self.app.test_client() as c: c.get('/login-notch-remember') self._delete_session(c) # Test that remember me functionality still works self.assertEqual(u'Notch', c.get('/username').data.decode('utf-8')) # Test that we used the custom authentication token remember_cookie = self._get_remember_cookie(c) expected_value = make_secure_token(u'Notch', key='deterministic') self.assertEqual(expected_value, remember_cookie.value)
def add_user(cls, name, email, oauth_service_name, oauth_service_id): try: user, created = User.get_or_create(name=name, email=email) if created: user.user_level = default_user_level() user.auth_token = make_secure_token( args=[oauth_service_name, oauth_service_id], key="deterministic") save() oauth_id, created = OAuthIdentity.get_or_create( name=oauth_service_name, service_id=oauth_service_id, user_id=user.id) if created: save() return user, created except Exception as e: print e.message rollback()
def create_user(session, username, password, email): user = session.query(User).filter(User.name == username).first() if user is not None: return None else: user = { 'name': username, 'display_name': username, 'email': email, 'avatar': 'new_user.png', 'approved': False, 'timezone': 'UTC', 'password': bcrypt.hashpw(password, bcrypt.gensalt(12)) } user['token'] = make_secure_token(user['name'], user['password']) user = User(**user) session.add(user) session.flush() return user
def create_user(session, username, password, email): user = session.query(User).filter(User.name==username).first() if user is not None: return None else: user = { 'name': username, 'display_name': username, 'email': email, 'avatar': 'new_user.png', 'approved': False, 'timezone': 'UTC', 'password': bcrypt.hashpw(password, bcrypt.gensalt(12)) } user['token'] = make_secure_token(user['name'], user['password']) user = User(**user) session.add(user) session.flush() return user
def get_auth_token(self): return make_secure_token(self.name, self.password)
def set_secure_token(self): secure_token = make_secure_token(self.email)
def get_tokenhash(): token = session.get('tumblr_token') if token: return make_secure_token(*token) else: return ''
def get_auth_token(self): """Generate an authentication token.""" return make_secure_token(self.uid, self.username, self.password)
@auth_routes.route('/authorize_ios', methods=['POST']) def authorize_iOS(): """ User login/auth/session management """ username = request.form.get('username', '') password = request.form.get('password', '') user = None try: user = User.from_login(username, password) except StormpathError, err: pass if user: app_user = AppUser.query.get(stormpathUserHash(user.get_id())) t = make_secure_token(username + password) if app_user.ios_token != t: app_user.set_ios_token(t) return jsonify({ 'username': user.username, 'user_id': app_user.user_id, 'authenticated': True, 'ios_token': t }) else: return jsonify({ 'username': username, 'authenticated': False, 'ios_token': None }) @auth_routes.route('/logout') @login_required
def get_auth_token(self): a = make_secure_token(str(self.id), self.password) print a return a
__author__ = 'izavaleta' from flask.ext.login import make_secure_token import requests import json # newuser = {'username': '******', 'password': '******', 'email': '*****@*****.**'} # r = requests.post('http://127.0.0.1:5000/add/user', data=json.dumps(newuser), # headers={'content-type': 'application/json'}) for i in range(1, 11): print "User: user%i token: %s " % ( i, make_secure_token("user%i" % i, key="deterministic"))
def get_auth_token(self): return make_secure_token("123456")
def test_make_secure_token_default_key(self): with self.app.test_request_context(): self.assertEqual(make_secure_token('foo'), '0f05743a2b617b2625362ab667c0dbdf4c9ec13a')
def get_auth_token(self): if not self.token: self.token = make_secure_token(self.username, self.pwhash, os.urandom(1024)) return self.token
def token_password(self, key, value): return make_secure_token(value)
def get_secure_token(*args, **kwargs): return make_secure_token(*args, **kwargs)
def get_auth_token(self): return make_secure_token(self.userid, key=secret_key)
def get_auth_token(self): return make_secure_token(self.username)
def test_make_secure_token_default_key(self): with self.app.test_request_context(): self.assertEqual(make_secure_token("foo"), "0f05743a2b617b2625362ab667c0dbdf4c9ec13a")
def send_activate_email(id, email): timestamp = '%d' % time.time() token = make_secure_token(email, timestamp) url = url_for('general.activate', id=id, email=email, timestamp=timestamp, token=token, _external=True) return EmailBiz.send_activate_email(id, email, url, u'30分钟')
def check_auth(cls, username, password): password = make_secure_token(password) return cls.query.filter_by(username=username, password=password) \ .first()
def get_auth_token(self): rv = lm.make_secure_token(self.username + self.password) app.logger.debug(rv) return rv
__author__ = 'izavaleta' from flask.ext.login import make_secure_token import requests import json # newuser = {'username': '******', 'password': '******', 'email': '*****@*****.**'} # r = requests.post('http://127.0.0.1:5000/add/user', data=json.dumps(newuser), # headers={'content-type': 'application/json'}) for i in range(1, 11): print "User: user%i token: %s " % (i, make_secure_token("user%i" % i, key="deterministic"))
def get_auth_token(self): return make_secure_token(self.email, str(self.id), self.password)
def update_auth_token(self): self.auth_token = make_secure_token(self.email, self.name)
def get_auth_token(self): return make_secure_token(self.username, self.password)
@auth_routes.route('/authorize_ios', methods=['POST']) def authorize_iOS(): """ User login/auth/session management """ username = request.form.get('username', '') password = request.form.get('password', '') user = None try: user = User.from_login(username, password) except StormpathError, err: pass if user: app_user = AppUser.query.get(stormpathUserHash(user.get_id())) t = make_secure_token(username + password) if app_user.ios_token != t: app_user.set_ios_token(t) return jsonify({ 'username': user.username, 'user_id': app_user.user_id, 'authenticated': True, 'ios_token': t }) else: return jsonify({ 'username': username, 'authenticated': False, 'ios_token': None })
def get_auth_token(self): return make_secure_token(self.name, key='deterministic')
def generate_auth_token(self): if (self.email is not None and self.username is not None and self.password_hash is not None): return make_secure_token(self.email, self.username, self.password_hash) return None
def randomize_auth_token(self): self.auth_token = make_secure_token( generate_password_hash(current_app.config['SECRET_KEY']))
def get_auth_token(self): secure_token = make_secure_token(str(self.id), self.username, self.password, str(self.role)) return secure_token