def __call__(self, form, field):
schema = PasswordValidator()
schema \
.min(6) \
.has().digits()
if not schema.validate(field.data):
raise ValidationError(self.message)
def __call__(self, form: FlaskForm, field: Field):
the_schema = PasswordValidator()
the_schema \
.min(8) \
.has().lowercase() \
.has().digits()
if not the_schema.validate(field.data):
raise ValidationError(self.message)
def register():
error_list = []
form = RegistrationForm()
if request.method == 'POST':
#print(request.form['user_name'])
try:
user_name = form.user_name.data
password = form.password.data
if len(user_name) < 3:
#print("a")
if len(user_name) == 0:
error_list.append('Your username is required.')
else:
error_list.append('Your username is too short.')
schema = PasswordValidator()
schema.min(8) \
.has().uppercase() \
.has().lowercase() \
.has().digits()
if not schema.validate(password):
#print("b")
if len(password) == 0:
error_list.append("Your password is required.")
error_list.append('Your password is invalid, please refer to Account notes.')
#print(error_list)
if len(error_list) == 0:
services.add_user(user_name, password, repo.repo_instance)
# All is well, redirect the user to the login page.
return redirect(url_for('authen_bp.login'))
else:
return render_template(
'authen/credentials.html',
title='Register',
form=form,
error_list=error_list,
handler_url=url_for('authen_bp.register'),
)
except services.NameNotUniqueException:
error_list.append("Your username is already taken - please supply another.")
# For a GET or a failed POST request, return the Registration Web page.
return render_template(
'authen/credentials.html',
title='Register',
form=form,
error_list=error_list,
handler_url=url_for('authen_bp.register'),
)
@login_manager.unauthorized_handler
def unauthorized():
# Handle message when unauthorized
message.set_data({"login": "******"})
return message.UNAUTHORIZED
@login_manager.user_loader
def user_loader(id):
# user loader for login manager
user = User.query.filter_by(id=id).first()
return user
# Create a password schema
schema = PasswordValidator()
schema\
.min(8)\
.max(100)\
.has().uppercase()\
.has().lowercase()\
.has().digits()\
.has().no().spaces()\
def type_required(type):
# Decorator to check if user is certain type
def type_required_sub(func):
@wraps(func)
def wrapper(*args, **kwargs):
import re
from typing import Tuple
from flask import request, jsonify, Blueprint
from password_validator import PasswordValidator
from authserver.rabbitmq import RabbitMQ
from common import email_utils
from common.error import ValidationException
password_schema = PasswordValidator()
(password_schema.min(12).max(
100).has().uppercase().has().lowercase().has().digits().has().symbols())
user_api = Blueprint("user_api", __name__)
@user_api.route('/api/user', methods=["POST"])
def create() -> Tuple[str, int]:
from authserver.model.user import User
body = request.json
validate_create(body)
user = User.create(body["email"], body["password"])
create_rmq_user(body["email"], body["password"], user.hashed_id)
return jsonify(dict(topic=f"user.{user.hashed_id}.message"))
def create_rmq_user(email: str, password: str, hashed_id: str) -> None:
rmq = RabbitMQ()
from password_validator import PasswordValidator
with open("input.txt") as file:
lines = file.readlines()
ans = len([l for l in lines if PasswordValidator(l).is_valid()])
print(ans)
"""
User model module
"""
from email_validator import validate_email
from password_validator import PasswordValidator
from sqlalchemy import Column, Integer, String
from sqlalchemy.orm import validates
from lib.pass_tools import hash_password
from models.base import BASE
# Password valid schema
password_schema = PasswordValidator().min(8).max(100).has().uppercase().has(
).lowercase().has().digits().has().symbols().has().no().spaces()
class User(BASE):
"""
User model
"""
__tablename__ = 'users'
id = Column(Integer, primary_key=True)
username = Column(String(50), unique=True)
password = Column(String(255))
first_name = Column(String(255), nullable=False)
last_name = Column(String(255), nullable=False)
email = Column(String(255), nullable=False)
@validates('username')
def validate_username(self, key: str, value: str):
def __init__(self):
self.conn = conn
self.cursor = conn.cursor()
self.pass_validator = PasswordValidator()
self.pass_hash = PassHasher()
class SqlManager:
def __init__(self):
self.conn = conn
self.cursor = conn.cursor()
self.pass_validator = PasswordValidator()
self.pass_hash = PassHasher()
def create_structure(self):
with open(SQL_STRUCTURE_FILE) as f:
sql_file = f.read()
self.cursor.executescript(sql_file)
def change_message(self, new_message, logged_user):
update_sql = '''UPDATE clients
SET message = ?
WHERE id = ?'''
self.cursor.execute(update_sql, (new_message, logged_user.get_id()))
self.conn.commit()
logged_user.set_message(new_message)
def change_pass(self, new_pass, logged_user):
if self.pass_validator.validate(logged_user.get_username(), new_pass):
user_pass, user_salt = self.pass_hash.make_pass(new_pass)
else:
raise StrongPasswordError
update_sql = '''UPDATE clients
SET password =?,
salt =?
WHERE id =?'''
self.cursor.execute(update_sql, (user_pass, user_salt, logged_user.get_id()))
self.conn.commit()
def register(self, username, password):
if self.pass_validator.validate(username, password):
user_pass, user_salt = self.pass_hash.make_pass(password)
else:
return False
insert_sql = '''INSERT INTO clients (username, password, salt)
VALUES (?, ?, ?)'''
self.cursor.execute(insert_sql, (username, user_pass, user_salt))
self.conn.commit()
def __get_salt(self, username):
sql = '''SELECT username, password, salt
FROM clients
WHERE username =?'''
self.cursor.execute(sql, (username, ))
data = self.cursor.fetchone()
if data is None:
return None
else:
return data['salt']
def _login(self, username):
if not self._is_blocked(username):
def _is_blocked(self, username):
client_id = self.get_client_id_by_username(username)
now = datetime.datetime.now()
sql = '''SELECT id, block_end
FROM blocked_users
WHERE client_id=?
ORDER BY id
DESC
LIMIT 1'''
self.cursor.execute(sql, (client_id, ))
result = self.cursor.fetchone()
if result is None:
return False
return (now, result['blocked_end'])
def block_user(self, username):
start = datetime.datetime.now()
end = start + BLOCK_TIME
client_id = self.get_client_id_by_username(username)
sql = '''INSERT INTO blocked_users
(client_id, blocked_start, blocked_end)
VALUES (?, ?, ?)'''
def create_login_attempt(self, username, password, status='FAIL'):
login_attempts = BLOCK_ATTEMPTS
if self.pass_validator.validate(username, password):
status = 'SUCCEED'
else:
if login_attempts > 0:
login_attempts -= 1
else:
status = 'BLOCKED'
client_id = self.get_client_id_by_username(username)
now = datetime.datetime.now()
sql = '''INSERT INTO login_attemps
(client_id, attempt_status, time_stamp)
values (?, ?, ?)'''
self.cursor.execute(sql, (client_id, status, now))
def login(self, username, password):
self._login(username)
data = self.__get_salt(username)
if data is None:
return False
select_query = '''SELECT id, username, balance, message
FROM clients
WHERE username =?
AND password =?
LIMIT 1'''
passkey = self.pass_hash.make_pass(password, data)
self.cursor.execute(select_query, (username, passkey[0]))
user = self.cursor.fetchone()
if(user):
return Client(user[0], user[1], user[2], user[3])
else:
return False
def get_client_id_by_username(self, username):
sql = '''SELECT id from clients where username=? '''
self.cursor.execute(sql, (username, ))
result = self.cursor.fetchone()
return result['id']
def main(argv: List):
ih = InputHandler(argv[0])
v = PasswordValidator(ih.inputs)
v.calculate_valids()
print(v.valid_count)
