def test_password_hashing(self): correct = hash_password(self.correct) incorrect = hash_password(self.incorrect) self.assertFalse(check_password(self.incorrect, correct)) self.assertTrue(check_password(self.correct, correct)) self.assertFalse(check_password(self.correct, incorrect))
def edit_user_password(username): # Updates password of a user on non PubCookie setups. message = None errors = [] if session['user_auth_level'] >= 10000 or session['user_username'] == username: # administrator access log_access('users/password') if request.method == 'POST': log_access('users/password', 'posted form') user_id = request.form['user_id'] current_pw = request.form['cur_password'] if 'cur_password' in request.form else '' new_pw = request.form['new_password'] again_pw = request.form['again_password'] user = model.get_user(user_id) current_hash_pw = auth.hash_password(current_pw) if session['user_auth_level'] >= 10000 and session['user_id'] != user_id: current_hash_pw = user['password'] if not user['password'] == current_hash_pw: errors.append("Current Password is incorrect") elif new_pw == '': errors.append("New password is empty") elif not new_pw == again_pw: errors.append("Passwords don't match") else: model.set_password(user_id, auth.hash_password(new_pw)) message = "Saved." form=model.get_user_by_username(username) return render_template('user_edit_password.html', form=form, errors=errors, message=message) else: log_access('users/password', 'access_denied changing password for: ' + username) return redirect(url_for('access_denied'))
def user_editor(self): request = self.request # Verifica se o usuário está logado if self.logged_in != None: # Verifica se ele tem privilégio para adicionar admin if get_privileges(self.logged_in) != 4: return HTTPForbidden() else: url = request.route_url('user_editor') referrer = request.url # Verifica se o referer é a página de edição, se sim muda ela pra home if referrer == url: referrer = '/' came_from = request.params.get('came_from', referrer) message = '' username = '' password = '' level = '' if 'form.submitted' in request.params: username = request.params['username'] password = request.params['password'] level = request.params['level'] # Inicia o DB db = MongoClient(host=DB_HOST, port=DB_PORT) users = db[DB_NAME]['users'] if groupfinder(username, '') != None: users.update_one({'username': username}, { '$set': { 'password': hash_password(password), 'level': int(level) } }) return HTTPFound(location=came_from) else: users.insert_one({ 'username': username, 'password': hash_password(password), 'level': int(level) }) return HTTPFound(location=came_from) return dict( message=message, url=request.application_url + '/user_editor', came_from=came_from, ) else: return HTTPForbidden()
def register(): data = request.get_json() missing = [] if 'firstName' not in data: missing.append('firstName') if 'lastName' not in data: missing.append('lastName') if 'email' not in data: missing.append('email') if 'password' not in data: missing.append('password') elif 'email' in data: data['password'] = auth.hash_password(data['password'], data['email']) if len(missing) > 0: message = 'Incorrect request, missing ' + str(missing) abort(400, message) user_id, perms = db.create_user(data) jwt = auth.jwt.make_jwt(user_id) resp = { 'firstName': data['firstName'], 'lastName': data['lastName'], 'auth': jwt, 'permissions': perms, } return jsonify(resp)
def reset_password(email, token, password): """Uses a token/email combination to set a password""" if not password: raise ValueError("Password must be specified") database = sqlite3.connect('database.sqlite3') database.execute(("DELETE FROM password_recovery" " WHERE datetime(generated, '+15 minute') < CURRENT_TIMESTAMP")) database.commit() count = database.execute(("SELECT count() FROM password_recovery" " WHERE email=:email AND token=:token"), {"email": email, "token": token}).fetchone()[0] if not count == 1: raise ValueError("Incorrect email/token combination") salt = database.execute("SELECT salt FROM groups WHERE contact_email=?", (email,)).fetchone() if salt is None: raise ValueError("Could not find salt for email") salt = salt[0] password_hash = auth.hash_password(password, salt) database.execute("UPDATE groups SET password=:password WHERE contact_email=:email", {"password": password_hash, "email": email}) database.execute("DELETE from password_recovery WHERE token=:token", {"token": token}) database.commit() return password_hash
def update_password(options): given_email = options['email'] given_password = options['pass'] given_password = auth.hash_password(given_password) #First connect to the table client = boto3.client('rds-data') #Check that the user exists existing_user = client.execute_statement( secretArn=constants.SECRET_ARN, database=constants.DB_NAME, resourceArn=constants.ARN, sql="SELECT email FROM UserData WHERE email = '%s';" % (given_email)) if (existing_user['records'] == []): constants.ERR = "Password DNE" constants.STATUS_CODE = 404 return #Replace password in database client.execute_statement( secretArn=constants.SECRET_ARN, database=constants.DB_NAME, resourceArn=constants.ARN, sql="UPDATE UserData SET pass = '******' WHERE email = '%s';" % (given_password, given_email)) #Return success return
def register(options): #options: a list of variables given_email = options['email'] given_password = options['pass'] #HASH here given_password = auth.hash_password(given_password) #First connect to the table client = boto3.client('rds-data') #Check if the user already exist in the database and throw a 400 statuscode if they do existing_user = client.execute_statement( secretArn=constants.SECRET_ARN, database=constants.DB_NAME, resourceArn=constants.ARN, sql="SELECT email FROM UserData WHERE email = '%s'" % (given_email)) if (existing_user['records'] != []): print("user exists already") constants.ERR = "User already exists" constants.STATUS_CODE = 409 return existing_user = client.execute_statement( secretArn=constants.SECRET_ARN, database=constants.DB_NAME, resourceArn=constants.ARN, sql= "INSERT INTO UserData (email, pass, type, name) VALUES ('%s','%s','%s','%s')" % (given_email, given_password, 0, given_email)) #Return success return constants.respond(statusCode="200") #OK
def reset_password(self): # process password reset request try: token = self.request.path[2] body = self.request.body password = body['password'] reset_item = self.tables['reset'].get_item(hash_key=token) if (timestamp() - reset_item['timestamp']) > (15 * 60): self.response = Response(status=400) return email_item = self.tables['email'].get_item(hash_key=reset_item['email']) user_item = self.tables['user'].get_item(hash_key=email_item['user']) user_item['password'] = hash_password(password) user_item.put() reset_item.delete() self.response = Response(status=204) return except: exc_type, exc_value, exc_traceback = sys.exc_info() print traceback.format_exception(exc_type, exc_value, exc_traceback) self.response = Response(status=400) return
def register_manager_customer(first_name, last_name, username, password, company, street_address, city, state, zipcode, credit_cards, database): # Generate Manager row new_manager = Manager(username=username, password=None, firstname=first_name, lastname=last_name, state=state, city=city, zipcode=zipcode, street=street_address, companyname=company) new_manager.password = hash_password(password, new_manager) database.add(new_manager) database.commit() # Execute an insert onto Customer manually to avoid duplicate User creation database.execute(Customer.__table__.insert(), { "username": username, "password": new_manager.password, "firstname": first_name, "lastname": last_name}) # Insert credit cards new_credit_cards = [Creditcard( creditcardnum=cc, owner=username) for cc in credit_cards] database.add_all(new_credit_cards) database.commit() token = provision_jwt(new_manager, is_manager=True, is_customer=True, cc_count=len(credit_cards)).get_token().decode() return jsonify({"token": token})
def create(self, params): hashed_password = hash_password(params.get("password")) query = f'insert into {self.TABLENAME} ' \ f'(Name, Email, CreatedOn, password) ' \ f'values ("{params.get("Name")}","{params.get("Email")}",' \ f'"{datetime.now()}","{hashed_password}")' result = self.conn.execute(query) return self.get_by_id(result.lastrowid)
def registration(): if request.method == 'GET': return render_template('registration.html') elif request.method == 'POST': new_user_data = { 'user_name': request.form['user_name'], 'password': auth.hash_password(request.form['password'])} data_manager.add_user(new_user_data) return redirect(url_for('list'))
def register_user(first_name, last_name, username, password, database): # Add new user to the database new_user = User(username=username, password=None, firstname=first_name, lastname=last_name) new_user.password = hash_password(password, new_user) database.add(new_user) database.commit() token = provision_jwt(new_user, cc_count=0).get_token().decode() return jsonify({"token": token})
def post(self): username = self.get_argument('username', None) password = self.get_argument('password', '') password_hash = auth.hash_password(password) user = auth.maybe_get_user_by_full_creds(username, password_hash) if user is None: self.render('templates/bad-auth.html') else: self.render('templates/view-user-info.html', user=user)
def setUp(self): self.userid = generate_key() self.username = '******' self.email = '*****@*****.**' self.password = '******' self.sessionid = None self.connection = boto.dynamodb.connect_to_region('eu-west-1') try: username_item = self.connection.get_table('username').get_item( hash_key=self.username) self.connection.get_table('user').get_item( hash_key=username_item['user']).delete() username_item.delete() # XXX scan these test user tags and delete them except: pass try: self.connection.get_table('email').get_item( hash_key=self.email).delete() except: pass self.connection.get_table('user').new_item(hash_key=self.userid, attrs={ 'username': self.username, 'email': self.email, 'password': hash_password( self.password), }).put() self.connection.get_table('username').new_item(hash_key=self.username, attrs={ 'user': self.userid, }).put() self.connection.get_table('email').new_item(hash_key=self.email, attrs={ 'user': self.userid, }).put() self.sessionid = generate_key() self.connection.get_table('session').new_item(hash_key=self.sessionid, attrs={ 'user': self.userid, 'email': self.email, 'username': self.username, 'timestamp': timestamp() }).put() self.cookie = 'session_id=' + self.sessionid + ';'
def password_do(): code = request.forms.get('code') share = db.shares.find_one({'code':code}) if not share: abort(400,"That is not a valid password reset code.") user = db.users.find_one({'email':share['email']}) user['password'] = hash_password(request.forms.get('new_password')) db.users.save(user) do_login(request,user) return redirect('/')
def create_do(): eml = request.forms.get('email') pwd = request.forms.get('password') code = request.forms.get('code') name = request.forms.get('name') kwargs = {"email":eml,"password":pwd,"code":code,"name":name,"errors":[]} if not eml or '@' not in eml or not pwd: kwargs['errors'].append("Please enter a valid username and password") return template('create',**kwargs) user = db.users.find_one({'email':eml}) print user if user: kwargs['errors'].append('That email is already in use! Maybe you want to <a class="btn small" href="/login">login</a>?') return template('create',**kwargs) if not name or name.lower() == 'name': stupid = ['Jills_Mortuary--You_kill_Em_We_Chill_Em','no_fatties,please','Hey!','wonderful-bill','DataDyne-Inc.',\ 'Wonderful_Me','programmers-delight','The_Colbert_Nation','WackoMan','the-ugly-duckling'] kwargs['errors'].append("You must provide a name for your pile. Like '%s' or '%s'" % (random.choice(stupid),random.choice(stupid))) return template('create',**kwargs) valid,invalid_char = valid_chars(name) if not valid: kwargs['errors'].append("That is an invalid name. Just use letters, numbers and '_-,+'. You can't use '%s'." % invalid_char) return template('create',**kwargs) if db.piles.find_one({'name':name}): kwargs['errors'].append('Sorry, that pile name is already in use!') return template('create',**kwargs) invite = db.invites.find_one({'code':code}) if not invite: kwargs['errors'].append("That is an invalid code or has already been used. Sorry.") return template('create',**kwargs) if invite.get('remaining', 1) == 1: db.invites.remove(invite) else: invite['remaining'] -= 1 db.invites.save(invite) randid = lambda: ''.join([random.choice(string.letters + string.digits) for x in xrange(6)]) pid = randid() while db.piles.find_one({"_id":pid}): pid = randid() user = {'email':eml,'password':hash_password(pwd)} pile = {'_id':pid,'emails':[eml],'name':name,'welcome':True} db.piles.save(pile) db.users.save(user) do_login(request,user) # Let the login look up the piles because they might have more than one! return redirect('/%s' % pile['name'])
def before_insert(self, mapper, connection, instance): if instance.active: instance.active = 1 else: instance.active = 0 instance.datecreated = datetime.now() instance.datemodified = datetime.now() instance.rowstamp = uuid.uuid4() hashed = hash_password(instance.password) instance.password = hashed.split('$')[0] instance.salt = hashed.split('$')[1]
def register_manager(first_name, last_name, username, password, company, street_address, city, state, zipcode, database): # Add new manager to the database new_manager = Manager(username=username, password=None, firstname=first_name, lastname=last_name, state=state, city=city, zipcode=zipcode, street=street_address, companyname=company) new_manager.password = hash_password(password, new_manager) database.add(new_manager) database.commit() token = provision_jwt(new_manager, is_manager=True, cc_count=0).get_token().decode() return jsonify({"token": token})
def put(self, id): user = User.get_by_id(id) if user is None: abort(404) args = self.reqparse.parse_args() u = dict(filter(lambda (k, v): v is not None, args.items())) if u.get('password') is not None: u['password'] = hash_password(u['password']) update_model(user, u) user.put() return {'user': marshal(user, user_fields)}
def post(self): args = self.reqparse.parse_args() u = User.all(keys_only=True).filter('user_name', args['user_name']).get() if u: abort(409, message="User with user_name '%s' already exists" % args['user_name']) u = User(user_name=args.user_name, first_name=args.first_name, last_name=args.last_name, password=hash_password(args.password)) u.put() return {'user': marshal(u, user_fields)}
def setUp(self): self.userid = generate_key() self.username = '******' self.email = '*****@*****.**' self.password = '******' self.sessionid = None self.connection = boto.dynamodb.connect_to_region('eu-west-1') try: username_item = self.connection.get_table('username').get_item(hash_key=self.username) self.connection.get_table('user').get_item(hash_key=username_item['user']).delete() username_item.delete() # XXX scan these test user tags and delete them except: pass try: self.connection.get_table('email').get_item(hash_key=self.email).delete() except: pass self.connection.get_table('user').new_item( hash_key=self.userid, attrs={ 'username': self.username, 'email': self.email, 'password': hash_password(self.password), } ).put() self.connection.get_table('username').new_item( hash_key=self.username, attrs={ 'user': self.userid, } ).put() self.connection.get_table('email').new_item( hash_key=self.email, attrs={ 'user': self.userid, } ).put() self.sessionid = generate_key() self.connection.get_table('session').new_item( hash_key=self.sessionid, attrs={ 'user': self.userid, 'email': self.email, 'username': self.username, 'timestamp': timestamp() } ).put() self.cookie = 'session_id=' + self.sessionid + ';'
def post(self): username = self.get_argument('username', None) password = self.get_argument('password', '') otp = self.get_argument('otp', None) password_hash = auth.hash_password(password) session_id = auth.maybe_authorize_user(username, password_hash, otp) if session_id is None: self.render('templates/bad-auth.html') else: logger.info('User {} logged in, session_id = {}', username, session_id) self.set_cookie('session_id', session_id) self.redirect('/')
def register_customer(first_name, last_name, username, password, credit_cards, database): # Add new customer to the database new_customer = Customer(username=username, password=None, firstname=first_name, lastname=last_name) new_customer.password = hash_password(password, new_customer) new_credit_cards = [Creditcard( creditcardnum=cc, owner=username) for cc in credit_cards] database.add_all([new_customer] + new_credit_cards) database.commit() token = provision_jwt(new_customer, is_customer=True, cc_count=len(credit_cards)).get_token().decode() return jsonify({"token": token})
def create_user(form): cur = db.singleton() form['auth_level'] = int(form['auth_level']) if not 'password' in form: form['password'] = '' form['password'] = auth.hash_password(form['password']) id = -1 error = None try: id = db.query(cur, '''INSERT INTO ''' + config.DATABASE_SCHEMA + '''.users( fullname, username, networkid, pager, email, cellphone, deskphone, auth_level, password) VALUES (%(fullname)s, %(username)s, %(networkid)s, %(pager)s, %(email)s, %(cellphone)s, %(deskphone)s, %(auth_level)s, %(password)s) RETURNING id''', form, True) except psycopg2.IntegrityError, e: error = e.message
def do_put(self): try: if self.session: body = self.request.body if not 'password' in body: # malformed payload self.response = Response(status=400) return user = self.tables['user'].get_item(hash_key=self.session['user']) user['password'] = hash_password(body['password']) self.response = Response(status=204) return else: self.response = Response(status=401) return except: self.response = Response(status=400) return
def insert_new_cleaner(data): if not ('phonenumber' in data and data['password']): raise Exception('new cleaner data must include phonenumber and password') if db.cleaners.find_one({"phonenumber": data["phonenumber"]}): raise Exception("cleaner with phonenumber {0} already exists".format(data["phonenumber"])) salt = auth.generate_salt() hashed_pwd = auth.hash_password(data["password"], salt) ret = db.cleaners.insert({ "name": data["name"], "phonenumber": data['phonenumber'], "salt": salt, "hashed_pwd": hashed_pwd, }) return ret
def create_user(form): cur = db.singleton() form['auth_level'] = int(form['auth_level']) if not 'password' in form: form['password'] = '' form['password'] = auth.hash_password(form['password']) id = -1 error = None try: id = db.query( cur, '''INSERT INTO ''' + config.DATABASE_SCHEMA + '''.users( fullname, username, networkid, pager, email, cellphone, deskphone, auth_level, password) VALUES (%(fullname)s, %(username)s, %(networkid)s, %(pager)s, %(email)s, %(cellphone)s, %(deskphone)s, %(auth_level)s, %(password)s) RETURNING id''', form, True) except psycopg2.IntegrityError, e: error = e.message
def login(): data = request.get_json() if 'email' not in data or 'password' not in data: abort(400, "Missing credentials") data['password'] = auth.hash_password(data['password'], data['email']) res, perms = db.login(data) jwt = auth.jwt.make_jwt(res[0]) resp = { 'firstName': res[1], 'lastName': res[2], 'auth': jwt, 'permissions': perms, } return jsonify(resp)
def register_new_user(login, password, name, data): # 1 - Проверить, нет ли пользователя с таким же логином # 2 - Родить рандомную соль (10 байт) # 3 - Захешировать пароль с применением рандомной соли # 4 - Начать транзакцию # 5 - Сохранить запись пользователя и получить ID # 6 - Сохранить записи users_kv_data из массива data # 7 - Закоммитить транзакцию # 8 - Вернуть (True, None) if database.count_users_by_login(login) > 0: return False, 'Login already exists' else: salt = auth.generate_r_salt() pass_h = auth.hash_password(password, salt) if database.add_user_with_data(login, pass_h, salt, name, data): return True, None else: return False, 'Internal error'
def POST_reset_password(): try: data = json.loads(request.data) cleaner = model.get_cleaner(phonenumber=data["phonenumber"]) if not (cleaner and 'reset_code' in cleaner): raise Exception(str("Something went wrong")) if not ((data['reset_code'] == cleaner["reset_code"]) and (datetime.now() < cleaner['reset_code_expires'])): raise Exception(str("Invalid password reset code")) # if they made it this far all is good new_hashed_pwd = auth.hash_password(data["password"], cleaner["salt"]) model.update_cleaner(cleaner["_id"], {"hashed_pwd": new_hashed_pwd}) cleaner_data = model.public_cleaner(cleaner) auth.login(cleaner_data) return respond200() except Exception as e: return respond500(e)
def request_new_account(self): # request creation of new user account try: body = self.request.body try: email_item = self.tables['email'].get_item(hash_key=body['email']) except: email_item = None try: username_item = self.tables['username'].get_item(hash_key=body['username']) except: username_item = None if email_item or username_item: # such a user already exists self.response = Response(status=400, body='Username and/or email already registered') return attrs = { 'email': body['email'], 'username': body['username'], 'password': hash_password(body['password']), 'timestamp': timestamp(), } token = generate_key() activation_item = self.tables['activation'].new_item(hash_key=token, attrs=attrs) activation_item.put() # send email with activation token to given address conn = boto.ses.connect_to_region('us-east-1') msg_subject = 'XXX Service Name Here new user account creation requested' msg_body = '' \ 'You requested that we create a new XXX Service Name Here user account for you. ' \ 'To activate your account, please click the following link, or copy and paste it to your web browser:\n\n' \ 'http://xxxservicedomain/user/activation/%s\n\n' \ 'The link is valid until XXXX-XX-XX XX:XX:XX\n\n' \ '\tYours, &c.\n\tXXX Service Name Here' % token conn.send_email('*****@*****.**', msg_subject, msg_body, [body['email']]) self.response = Response(status=204) return except: exc_type, exc_value, exc_traceback = sys.exc_info() print traceback.format_exception(exc_type, exc_value, exc_traceback) self.response = Response(status=400) return
def login_do(): if not request.forms.get('email') or not request.forms.get('password'): return template('login',email=request.forms['email'],errors=['No username or password']) hashed_pwd = hash_password(request.forms['password']) email = request.forms['email'].lower() user_ent = db.users.find_one({"email":email,"password":hashed_pwd}) if not user_ent: return template('login',email=request.forms['email'],errors=['Bad email or password']) piles = list(db.piles.find({'emails':email})) do_login(request,user_ent,piles) print piles if piles: return redirect('/'+piles[0]['name']) else: return redirect('/broke')
def init_db(Meal, Plan, User): db.create_all() user = User.query.filter_by(email='*****@*****.**').first() if not user: user = User( alt_id=generate_alt_id(size=64), alias='dummy', email='*****@*****.**', password=hash_password('password'), ) plan = Plan(name='dummy plan', users=[user]) meal = Meal( name='dummy meal', created_date=datetime.datetime.utcnow(), planned_date=to_date_int(datetime.date.today()), plan=plan, ) db.session.add(user) db.session.add(meal) db.session.commit()
def mk_organization(): if request.method == 'POST': # add organization org = organizations.Organizations() org.load(name=request.json.get('name'), domain=request.json.get('domain')) if org.dump(): return Response(json.dumps( dict(error='cannot create organization')), status=400, mimetype='application/json') if not check_fields(): return Response(json.dumps( dict(error='fields not correct: {0}'.format(','.join( error_fields)))), status=400, mimetype='application/json') try: for k, v in request.json.items(): org.set(k, v) org.set('enabled', False) org.set('api_key', uuid.uuid4()) org.set('password', auth.hash_password(request.json.get('password'))) org.insert() org.load(name=request.json.get('name')) return Response(json.dumps( dict(success='organization created', api_key=str(org.get('api_key')))), status=200, mimetype='application/json') except Exception, e: print str(e) return Response(json.dumps( dict(error='cannot create organization')), status=500, mimetypr='applicate/json')
def resetPassword(): data = request.get_json() missing = [] if 'email' not in data: missing.append('email') if 'newPassword' not in data: missing.append('newPassword') if 'token' not in data: missing.append('token') if len(missing) > 0: message = 'Incorrect request, missing ' + str(missing) abort(400, message) user_id = db.checkPasswordToken(data['email'], data['token']) db.updatePassword(user_id, auth.hash_password(data['newPassword'], data['email']), data['email']) return jsonify('Success')
def create_group(name, password, contact): if not name or not password or not contact: raise ValueError('Must have at least 1 character in all fields') contact = trimstring(contact) #Verify Email Address match = re.match(r'^.+@.+\..+$', contact) if match is None: raise ValueError('Malformed email address') database = sqlite3.connect('database.sqlite3') trim_group = trimstring(name) group_count = database.execute( "SELECT count() FROM groups WHERE lower(name)=:groupname", { "groupname": trim_group }).fetchone()[0] if group_count > 0: raise ValueError('Groupname already exists') salt = auth.generate_random() hashed_password = auth.hash_password(password, salt) try: database.execute( ('INSERT INTO groups(name, password, salt, contact_email)' ' values(:name, :password, :salt, :contact)'), { "name": name, "password": hashed_password, "salt": salt, "contact": contact }) database.commit() except sqlite3.IntegrityError: raise ValueError( "Could not create group. Contact Skvaderonen for support. %s") return True
def set_password(self, password): user = system.users.first(loginid=self.username, status='A') if user: self.set_hashed_password(hash_password(password))
def create(username, password): user = User(username=username, password=auth.hash_password(password)) db.session.add(user) db.session.commit() return user
app = Flask(__name__) api = Api(app) api.add_resource(UserListApi, '/api/v1.0/users', endpoint='users') api.add_resource(UserApi, '/api/v1.0/users/<int:id>', endpoint='user') api.add_resource(BeerReviewUserApi, '/api/v1.0/users/<int:id>/reviews', endpoint='user_reviews') api.add_resource(BeerGlassListApi, '/api/v1.0/beer_glasses', endpoint='beer_glasses') api.add_resource(BeerGlassApi, '/api/v1.0/beer_glasses/<int:id>', endpoint='beer_glass') api.add_resource(BeerListApi, '/api/v1.0/beers', endpoint='beers') api.add_resource(BeerApi, '/api/v1.0/beers/<int:id>', endpoint='beer') api.add_resource(BeerReviewBeerApi, '/api/v1.0/beers/<int:id>/reviews', endpoint='beer_reviews') api.add_resource(BeerReviewListApi, '/api/v1.0/beer_reviews', endpoint='reviews') api.add_resource(BeerReviewApi, '/api/v1.0/beer_reviews/<int:id>', endpoint='review') api.add_resource(FavoritesUserApi, '/api/v1.0/users/<int:id>/favorites', endpoint='user_favorites') api.add_resource(FavoritesBeerApi, '/api/v1.0/beers/<int:id>/favorites', endpoint='beer_favorites') api.add_resource(FavoritesListApi, '/api/v1.0/favorites', endpoint='favorites') api.add_resource(FavoritesApi, '/api/v1.0/favorites/<int:id>', endpoint='favorite') # Create initial user if the user does not exist u = User.all().get() if u is None: u = User(user_name='admin', first_name='Admin', last_name='Admin', password=hash_password('beer_app1')) u.put() if __name__ == '__main__': app.run(debug = True)
def test_02_equality(self, client): hash = auth.hash_password("test") assert auth.verify_password(hash, "test")
def test_01_len(self, client): assert len(auth.hash_password("test")) == 152
'/api/v1.0/beers/<int:id>/reviews', endpoint='beer_reviews') api.add_resource(BeerReviewListApi, '/api/v1.0/beer_reviews', endpoint='reviews') api.add_resource(BeerReviewApi, '/api/v1.0/beer_reviews/<int:id>', endpoint='review') api.add_resource(FavoritesUserApi, '/api/v1.0/users/<int:id>/favorites', endpoint='user_favorites') api.add_resource(FavoritesBeerApi, '/api/v1.0/beers/<int:id>/favorites', endpoint='beer_favorites') api.add_resource(FavoritesListApi, '/api/v1.0/favorites', endpoint='favorites') api.add_resource(FavoritesApi, '/api/v1.0/favorites/<int:id>', endpoint='favorite') # Create initial user if the user does not exist u = User.all().get() if u is None: u = User(user_name='admin', first_name='Admin', last_name='Admin', password=hash_password('beer_app1')) u.put() if __name__ == '__main__': app.run(debug=True)