Example #1
 def obj_create(self, bundle, request=None, **kwargs):
     '''
     Creates a user and the matching profile from client-supplied registration data.

     Reads `email`, `salt` and `password_hash` from `bundle.data`, decodes the
     last two with `crypto.from_string` and stores the result of
     `crypto.make_password(password_hash, salt)` as the user's password.
     Missing or malformed input is reported as `exceptions.BadRequest`.

     NOTE(review): `salt` and `password_hash` both come from the request, so no
     password policy can be enforced in this method; whether the stored value
     is still password-equivalent depends on what `crypto.make_password` does
     with the submitted hash -- confirm against that helper.

     @returns the bundle with `obj` set to the new user and `data` emptied.
     '''
     payload = bundle.data
     try:
         email = payload['email']
         raw_salt = payload['salt']
         raw_hash = payload['password_hash']
     except KeyError:
         raise exceptions.BadRequest('Specify email, salt and password_hash.')

     # Each field gets its own error message, so they are decoded separately.
     try:
         decoded_salt = crypto.from_string(raw_salt)
     except (ValueError, TypeError):
         raise exceptions.BadRequest('Incorrect salt value.')
     try:
         decoded_hash = crypto.from_string(raw_hash)
     except (ValueError, TypeError):
         raise exceptions.BadRequest('Incorrect password_hash value.')

     try:
         # The email doubles as the username.
         user_manager = self._meta.object_class.objects
         bundle.obj = user_manager.create(
             email=email,
             username=email,
             password=crypto.make_password(decoded_hash, decoded_salt),
         )
     except db.IntegrityError:
         # NOTE(review): this response tells the caller that the address is
         # already registered; confirm that disclosure is acceptable here.
         raise exceptions.BadRequest('There\'s already user with this email.')
     except (ValueError, TypeError):
         raise exceptions.BadRequest('Invalid data provided (mismatched type).')

     # NOTE(review): no transaction is visible in this method; if the profile
     # insert fails, the user row created above appears to be left behind.
     models.UserProfile.objects.create(user=bundle.obj)

     # Drop the submitted fields (e.g. `password_hash`) so they are not
     # populated back into the bundle that is returned.
     bundle.data = {}
     return bundle
Example #2
 def is_authenticating(self, user, credentials, request):
     '''
     Checks authentication credentials for validity and prepares them for authentication.

     An attempt is recognised only when `salt`, `one_time_salt` and
     `password_hash` are all present. Each of them is then replaced in
     `credentials` by its `crypto.from_string` decoding, in that order; a value
     that fails to decode raises `exceptions.BadRequest`, and fields decoded
     before the failure stay replaced.

     NOTE(review): this method only decodes the values; nothing here compares
     them with stored data, so the actual verification must happen in the caller.

     @returns `True` if somebody tries to authenticate, `False` otherwise.
     '''
     decode_plan = (
         ('salt', 'Incorrect salt value.'),
         ('one_time_salt', 'Incorrect one_time_salt value.'),
         ('password_hash', 'Incorrect password_hash value.'),
     )
     required_fields = set(field for field, _ in decode_plan)
     if not required_fields.issubset(credentials.keys()):
         # Not an authentication attempt: leave the credentials untouched.
         return False

     for field, failure_message in decode_plan:
         try:
             credentials[field] = crypto.from_string(credentials[field])
         except (ValueError, TypeError):
             raise exceptions.BadRequest(failure_message)
     return True
Example #3
 def full_hydrate(self, bundle):
     '''
     Hydrates a user update, including an optional password change.

     After the parent hydration, `bundle.data['data']` is copied onto the
     user's profile. If any of `PASSWORD_CHANGING_FIELDS` is supplied, all of
     them must be; the new password is then built from the decoded
     `new_password_hash` and `new_salt` with `crypto.make_password`.
     Malformed or incomplete password fields raise `exceptions.BadRequest`.

     NOTE(review): this method does not ask for the current password before
     replacing it, and does not itself check that `bundle.obj` belongs to the
     requesting user; confirm both are enforced elsewhere (e.g. authorization).

     @returns the hydrated bundle with `data` emptied.
     '''
     requester = bundle.request.user
     if not requester.is_authenticated():
         # NOTE(review): hydration continues below unless this call raises --
         # confirm `unauthorized_result` always aborts the request.
         self.unauthorized_result(bundle=bundle)

     bundle = super(User, self).full_hydrate(bundle)
     # A missing `data` key is not handled here and surfaces as KeyError.
     bundle.obj.profile.data = bundle.data['data']

     supplied = set(bundle.data.keys())
     if supplied.intersection(self.PASSWORD_CHANGING_FIELDS):
         # A partial set of password fields is rejected, not silently ignored.
         if not supplied.issuperset(self.PASSWORD_CHANGING_FIELDS):
             raise exceptions.BadRequest('Both new_password_hash and new_salt fields should be presented.')
         try:
             new_hash = crypto.from_string(bundle.data['new_password_hash'])
         except (ValueError, TypeError):
             raise exceptions.BadRequest('Incorrect new_password_hash value.')
         try:
             new_salt = crypto.from_string(bundle.data['new_salt'])
         except (ValueError, TypeError):
             raise exceptions.BadRequest('Incorrect new_salt value.')
         bundle.obj.password = crypto.make_password(new_hash, new_salt)

     # Drop the submitted fields (e.g. `password_hash`) so they are not
     # populated back into the bundle that is returned.
     bundle.data = {}
     return bundle