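def login(request: _Parsed):
    """Check a user name / password pair and issue access and refresh tokens.

    Reads ``user`` and ``password`` from the request's JSON body; the user
    name is stripped and lower-cased before the lookup.

    Returns:
        The ``json_response`` carrying ``user_data.as_json`` in the body and
        the two tokens in the ``x-access-token`` / ``x-refresh-token``
        headers.

    Raises:
        AppException: with code 401 when a field is missing, empty or not a
            string, or when the password does not match the stored hash.
    """
    # A request whose JSON body is absent must not crash on ``.get``.
    payload = request.json or {}
    raw_user = payload.get("user", "")
    raw_password = payload.get("password", "")

    # Both values are client-controlled: null, numbers or lists are rejected
    # as invalid credentials instead of raising AttributeError on ``.strip()``.
    user = raw_user.strip().lower() if isinstance(raw_user, str) else ""
    password = raw_password if isinstance(raw_password, str) else ""

    invalids = [
        label
        for label, value in (("username", user), ("password", password))
        if not value
    ]
    if invalids:
        raise AppException(f"Invalid {' and '.join(invalids)}", code=401)

    # NOTE(review): get_user_by_id is defined elsewhere; if an unknown user
    # produces a different error than "Incorrect Password" below, the
    # responses reveal which accounts exist -- confirm.
    user_data = get_user_by_id(user)
    password_hash = user_data.password_hash
    if not check_password_hash(password_hash, password):
        raise AppException("Incorrect Password", code=401)

    username = user_data.user
    access_token = create_token(issue_access_token(username))
    # The refresh token is issued from the password hash as well as the
    # user name.
    refresh_token = create_token(issue_refresh_token(username, password_hash))

    # NOTE(review): confirm that as_json leaves out password_hash, since it
    # is sent to the client as-is.
    return json_response(
        {"data": {"success": True, "user_data": user_data.as_json}},
        headers={
            "x-access-token": access_token,
            "x-refresh-token": refresh_token,
        },
    )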
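def _is_same_value(self, key: str, val) -> bool:
    """Tell whether *val* matches what is already stored under *key*.

    ``password_hash`` is special-cased: the stored value is handed to
    ``check_password_hash`` together with *val* instead of being compared
    with ``==``.

    Returns:
        ``False`` when the attribute does not exist yet or the stored
        password hash is empty; otherwise the result of the comparison.
    """
    if not hasattr(self, key):
        # Nothing stored yet. Falling through here used to return None,
        # which contradicts the ``-> bool`` annotation.
        return False

    # Read through the parent class's __getattribute__.
    previous_value = super().__getattribute__(key)
    if key == "password_hash":
        # An empty stored hash never matches; normalise to a real bool
        # rather than leaking the falsy stored value to the caller.
        return bool(previous_value) and bool(
            check_password_hash(previous_value, val)
        )
    return previous_value == val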
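def verify_password(token: str, new_password: str):
    """Set a new password for the user named in a token.

    The token is decoded and validated, then its ``"ch"`` entry is checked
    against the user's name concatenated with the current password hash
    before the new password is stored and persisted with ``save_to_db``.

    Raises:
        AppException: when the token's ``"ch"`` entry no longer matches the
            stored user name + password hash, or (code 401) when
            *new_password* is empty or not a string.
    """
    claims = decode_token(token)
    assert_token_is_valid(claims)
    user_data = get_user_by_id(claims["u"])

    # "ch" has to verify against user name + current password hash, so a
    # token stops being accepted once that hash has changed.
    bound_value = user_data.user + user_data.password_hash
    if not check_password_hash(claims["ch"], bound_value):
        raise AppException("Password already changed!")

    # login() refuses empty passwords, so storing one here would leave the
    # account unable to sign in.
    if not isinstance(new_password, str) or not new_password:
        raise AppException("Invalid password", code=401)

    # NOTE(review): the plaintext is assigned to password_hash; presumably
    # the model hashes it on assignment -- confirm, otherwise the password
    # is stored unhashed.
    user_data.password_hash = new_password
    save_to_db()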
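def reset_password(request: _Parsed, creds=CredManager):
    """Change the caller's password after re-checking the current one.

    Reads ``current_password`` and ``new_password`` from the request's JSON
    body, verifies the current password against the stored hash, stores the
    new one and persists it with ``save_to_db``.

    Returns:
        A dict with the user's ``as_json`` data and a message for the client.

    Raises:
        AppException: with code 401 when a field is missing, empty or not a
            string, or when the current password is wrong.
    """
    # NOTE(review): the account being changed comes solely from creds.user;
    # the default is the CredManager name itself, so presumably the framework
    # injects the authenticated caller's credentials -- confirm.
    user = creds.user

    # Client-controlled body: missing or non-string fields get the same
    # explicit 401 that login() uses instead of a KeyError/TypeError.
    payload = request.json or {}
    current_password = payload.get("current_password")
    new_password = payload.get("new_password")
    fields = (
        ("current_password", current_password),
        ("new_password", new_password),
    )
    # An empty new password is refused as well: login() rejects empty
    # passwords, so storing one would lock the account.
    invalids = [
        label
        for label, value in fields
        if not isinstance(value, str) or not value
    ]
    if invalids:
        raise AppException(f"Invalid {' and '.join(invalids)}", 401)

    u_data = get_user_by_id(user)
    hashed_pw = u_data.password_hash
    if not check_password_hash(hashed_pw, current_password):
        raise AppException("Incorrect Password", 401)

    # NOTE(review): the plaintext is assigned to password_hash; presumably
    # the model hashes it on assignment -- confirm.
    u_data.password_hash = new_password
    save_to_db()

    # NOTE(review): confirm that as_json leaves out password_hash, since it
    # is returned to the client.
    return {
        "user_data": u_data.as_json,
        "message": "Please do not close the window while CollegeWarden re encrypts your files with the new password",
    }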