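def changePass():
    """Change the password of the account that owns the posted session token.

    Reads ``token``, ``old_password`` and ``new_password`` from the form.
    The token is passed through ``verify_token`` and resolved to an e-mail
    address. The old password is checked with ``bcrypt.check_password_hash``
    and, on a match, a fresh ``bcrypt.generate_password_hash`` of the new
    password is stored.

    Returns:
        A ``jsonify`` response carrying ``success`` and ``message``.
    """
    token = verify_token(request.form['token'])
    old_Password = request.form['old_password']
    new_Password = request.form['new_password']

    # Resolve the session first and test the row before indexing it, so a
    # lookup that yields nothing is answered with "Invalid token" rather than
    # an unhandled TypeError (the original indexed the row before checking).
    email_row = database_helper.get_email(token)
    email = email_row[0] if email_row else None
    if not email:
        return jsonify(success=False, message="Invalid token")

    if len(new_Password) < 7:
        return jsonify(success=False, message="Too short password")

    # The e-mail address and the stored hash are no longer printed: a password
    # hash written to stdout ends up in server logs, where it can be read and
    # attacked offline by anyone with log access.
    curr_pw = database_helper.get_password(email)[0]

    if bcrypt.check_password_hash(curr_pw, old_Password):
        new_pw_hash = bcrypt.generate_password_hash(new_Password)
        database_helper.set_password(email, new_pw_hash)
        return jsonify(success=True, message="Password changed successfully")
    return jsonify(success=False, message="Wrong password")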
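def sign_in():
    """Authenticate an e-mail/password pair and issue a session token.

    On a POST request the posted password is hashed with SHA-256 and compared
    with the value returned by ``database_helper.get_password``. Once the
    password has been verified, any entry in ``connection`` registered for the
    same e-mail is sent ``'Signout'`` and a new ``uuid4`` token is stored with
    ``database_helper.add_token``.

    Returns:
        A JSON string with ``success`` and ``message`` (plus ``token`` on
        success). Non-POST requests fall through and return ``None``, as in
        the original.
    """
    if request.method == 'POST':
        email = request.form['email']
        password = request.form['password']

        db_password = database_helper.get_password(email)
        if db_password == False:
            # NOTE(review): this message differs from the wrong-password one,
            # so a caller can tell which addresses are registered. Consider a
            # single generic message once clients no longer depend on it.
            return json.dumps({'success': False, 'message': "Wrong email!"})

        # NOTE(review): a single unsalted SHA-256 pass is fast to brute-force
        # if the table leaks; a password KDF (bcrypt/scrypt/argon2) is the
        # usual choice. Changing it requires migrating the stored values, so
        # the scheme is left as is here.
        # NOTE(review): hashlib needs bytes on Python 3 - confirm which
        # interpreter this runs on.
        hashed_password = hashlib.sha256(password).hexdigest()
        if hashed_password != db_password:
            return json.dumps({
                'success': False,
                'message': '''Wrong password'''
            })

        # Existing connections are signed out only after the password has been
        # verified. The original sent 'Signout' before the check, which let
        # anyone who knew an e-mail address disconnect that user.
        for user in connection:
            if user[1] == email:
                user[0].send('Signout')

        token = uuid.uuid4().hex
        if database_helper.add_token(email, token):
            return json.dumps({
                'success': True,
                'message': "Login successful!",
                'token': token
            })
        # Storing the token failed: answer explicitly instead of returning None.
        return json.dumps({
            'success': False,
            'message': "Could not create session"
        })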
def change_password():
    """Replace the password of the account that owns the posted token.

    Form fields read: ``token``, ``old_password``, ``new_password``.

    Returns:
        A ``jsonify`` response with ``success`` and ``message``.

    NOTE(review): the stored value is compared directly with the submitted
    old password and the new password is handed to ``set_password``
    unchanged, which implies passwords are kept in plaintext. Hashing with a
    password KDF would have to be introduced together with the sign-in and
    sign-up code. No minimum strength is enforced on the new password either.
    """
    form = request.form
    token = form["token"]
    old_password = form["old_password"]
    new_password = form["new_password"]

    # The token must belong to a session the database reports as online.
    online = database_helper.is_user_online(token)
    if online != True:
        return jsonify(success=False, message="You are not logged in")

    # Map the token back to its account row.
    email_row = database_helper.get_email_from_token(token)
    if email_row is None:
        return jsonify(success=False, message="Can't find email matching token")

    # Fetch the stored password row for that account.
    password_row = database_helper.get_password(email_row[0])
    if password_row is None:
        return jsonify(success=False, message="Can't find password matching email")

    if password_row[0] == old_password:
        database_helper.set_password(email_row[0], new_password)
        return jsonify(success=True, message="Password successfully updated")
    return jsonify(success=False, message="Wrong password entered")
def change_password():
    """Update the caller's password after checking the session and old password.

    Reads ``token``, ``old_password`` and ``new_password`` from the form and
    answers with a ``jsonify`` payload of ``success`` and ``message``.

    NOTE(review): ``password[0] != old_password`` compares the stored value
    with the raw submitted password, and the new password is written as
    received. That only works if the database holds plaintext passwords;
    storing a salted KDF hash instead is a cross-cutting change not made here.
    """
    def reject(reason):
        # Every failure path has the same shape; only the message differs.
        return jsonify(success=False, message=reason)

    token = request.form["token"]
    old_password = request.form["old_password"]
    new_password = request.form["new_password"]

    # Session check comes first.
    if database_helper.is_user_online(token) != True:
        return reject("You are not logged in")

    # Token -> account lookup.
    email = database_helper.get_email_from_token(token)
    if email is None:
        return reject("Can't find email matching token")
    account = email[0]

    # Account -> stored password lookup, then comparison.
    password = database_helper.get_password(account)
    if password is None:
        return reject("Can't find password matching email")
    if password[0] != old_password:
        return reject("Wrong password entered")

    database_helper.set_password(account, new_password)
    return jsonify(success=True, message="Password successfully updated")
def change_password(token, old_password, new_password):
    """Change the password of the user signed in with *token*.

    Args:
        token: session token, resolved with ``database_helper.user_signedin``.
        old_password: current password, as text.
        new_password: replacement password, as text.

    Returns:
        A JSON string with ``success`` and ``message``.

    NOTE(review): passwords are stored as a single unsalted SHA-512 digest.
    That is fast to brute-force and lets identical passwords be recognised
    across accounts if the table leaks; a salted password KDF is the usual
    replacement, but it needs a migration of the stored values.
    """
    def _digest(secret):
        # Same scheme the stored values use: hex SHA-512 of the UTF-8 bytes.
        return hashlib.sha512(secret.encode('utf-8')).hexdigest()

    user = database_helper.user_signedin(token)
    if user is None:
        return json.dumps({"success": False, "message": "You are not logged in."})

    account = user[0]
    stored = database_helper.get_password(account)
    if stored != _digest(old_password):
        return json.dumps({"success": False, "message": "Wrong password."})

    database_helper.update_password(account, _digest(new_password))
    return json.dumps({"success": True, "message": "Password changed."})
def change_password():
    """Change the password of the user identified by the ``token`` parameter.

    ``token``, ``old_password`` and ``new_password`` are read from the query
    string. On POST the user must be reported as logged in and the stored
    password must equal ``old_password``. Non-POST requests return ``None``.

    Returns:
        A JSON string holding a one-element list with ``success`` and
        ``message``.

    NOTE(review): the session token and both passwords travel in the URL
    (``request.args``), where they are typically recorded in access logs,
    proxies and browser history. Moving them to the request body needs a
    matching client change.
    NOTE(review): the stored password is compared with, and replaced by, the
    raw submitted value, which implies plaintext storage.
    """
    params = request.args
    email = dh.get_email_by_token(params.get("token"))
    old = params.get("old_password")
    new = params.get("new_password")

    if request.method != 'POST':
        return None

    signed_in = dh.is_user_logged_in_email(email) == True
    if not signed_in:
        return json.dumps([{'success': False, 'message': "User not signed in"}])

    if dh.get_password(email) == old:
        dh.update_pass(email, new)
        return json.dumps([{'success': True, 'message': "Password changed"}])
    return json.dumps([{'success': False, 'message': "Wrong password"}])
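def signin():
    """Verify an e-mail/password pair and start a new session.

    Flow:
      1. ``email`` and ``password`` are read from the form. An unknown e-mail
         and a failed ``bcrypt.check_password_hash`` return the same message.
      2. A token already stored for the account is removed. If a socket is
         registered for it in ``wslist``, that socket is sent a ``logout``
         message, closed and dropped.
      3. A new token is built from 32 bytes of ``os.urandom``, base64-encoded,
         and saved with ``database_helper.insert_token``.
      4. Every socket in ``wslist`` receives the updated user counts.

    Returns:
        A JSON string with ``success`` and ``message``; on success the token
        is returned under ``data``.
    """
    email = request.form["email"]
    password = request.form["password"]

    data = database_helper.get_password(email)
    # NOTE(review): an unknown e-mail returns before any bcrypt work is done,
    # so response time can still differ from the wrong-password case even
    # though the message is identical.
    if data is None or not bcrypt.check_password_hash(data, password):
        return json.dumps({
            'success': False,
            'message': 'The email or password is incorrect'
        })

    # Invalidate the previous session of this account, if there is one.
    token = database_helper.get_token(email)
    if token is not None:
        database_helper.remove_token(token)
        if token in wslist:
            try:
                wslist[token].send(
                    json.dumps({
                        'messageType': 'logout',
                        'message': "You just got logged out!"
                    }))
            except WebSocketError:
                # Best effort: the old client may be gone already. The socket
                # is closed and forgotten below either way.
                pass
            wslist[token].close()
            wslist.pop(token)

    # Codec name corrected from 'utf-8)': the stray parenthesis only worked
    # because Python normalises codec names leniently.
    token = base64.b64encode(os.urandom(32)).decode('utf-8')
    database_helper.insert_token(email, token)

    # When someone logs in, all connected users get the refreshed
    # 'logged in users' statistics.
    for user in wslist:
        send_message(
            wslist[user],
            json.dumps({
                'messageType': 'loggedInStats',
                'message': [
                    database_helper.getLoggedInUsersCount(),
                    database_helper.getAllUserCount()
                ]
            }))

    return json.dumps({
        'success': True,
        'message': 'Successfully logged in',
        'data': token
    })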
def sign_in():
    """Sign a user in and hand out a token produced by ``gen_tok``.

    ``email`` and ``password`` are read from the query string. On POST the
    address must exist, must not already be signed in, and the stored
    password must equal the submitted one. Non-POST requests return ``None``.

    Returns:
        A JSON string holding a one-element list with ``success``,
        ``message`` and, on success, ``token``.

    NOTE(review): the password is taken from ``request.args``, so it is part
    of the URL and is typically written to access logs and browser history.
    NOTE(review): the distinct "no user" and "already signed in" answers are
    given before the password is checked, which reveals account existence and
    session state to unauthenticated callers.
    NOTE(review): ``cpass == password`` compares the stored value with the
    raw password, which implies plaintext storage.
    """
    query = request.args
    email = query.get("email")
    password = query.get("password")

    if request.method != 'POST':
        return None

    if dh.is_user(email) == False:
        return json.dumps([{'success': False, 'message': "No user with specifyed email"}])

    if dh.is_user_logged_in_email(email) == True:
        return json.dumps([{'success': False, 'message': "User already signed in"}])

    cpass = dh.get_password(email)
    if cpass == password:
        token = gen_tok()
        dh.signin_user(email, token)
        return json.dumps([{'success': True, 'message': "User successfully singed in!", 'token': token}])
    return json.dumps([{'success': False, 'message': "Wrong password"}])
def change_password():
    """Change the password of the account that owns the posted token.

    Form fields read: ``token``, ``oldpassword``, ``newpassword``.

    Returns:
        A ``jsonify`` response with ``success`` and ``message``.

    NOTE(review): the stored password is compared with the raw submitted
    value and the new password is saved as received, which implies plaintext
    storage. No length or strength rule is applied to the new password.
    """
    form = request.form
    token = form['token']
    old_password = form['oldpassword']
    new_password = form['newpassword']

    # No account row for this token means there is no session.
    email = database_helper.get_email_by_token(token)
    if email is None:
        return jsonify(success=False, message="You are not logged in.")

    # presumably get_password always returns a row for an existing account;
    # a None here would raise on the index below - verify against the helper.
    password = database_helper.get_password(email[0])
    matches = password[0] == old_password
    if not matches:
        return jsonify(success=False, message="Wrong password.")

    database_helper.set_password(email[0], new_password)
    return jsonify(success=True, message="Password changed.")
def sign_in():
    """Sign a user in and return a fresh 32-hex-character token.

    On POST, ``username`` must exist according to
    ``database_helper.check_user_exists_email`` and the stored password must
    equal the posted ``password``. Any other method ends in ``abort(404)``.

    Returns:
        ``(payload, 200)``. The success payload is returned as a dict, while
        the failure payloads are JSON strings.

    NOTE(review): the success and failure branches return different types
    (dict versus ``json.dumps`` string), so they may be served with different
    content types - confirm the client handles both.
    NOTE(review): the stored value is compared with the raw posted password,
    which implies plaintext storage.
    """
    if request.method == 'POST':
        username = request.form['username']

        # Short-circuit keeps the original order: the password is only
        # fetched and compared for a user that exists.
        authenticated = (
            database_helper.check_user_exists_email(username)
            and database_helper.get_password(username) == request.form['password']
        )
        if not authenticated:
            # One message for both failure causes, so the response text does
            # not reveal whether the user name exists.
            answer = {"success": "False", "message": "Wrong username or password", "data": ""}
            return json.dumps(answer), 200

        new_token = secrets.token_hex(16)
        database_helper.save_token(username, new_token)
        answer = {"success": "True", "message": "Sucessfully signed in !", "data": new_token}
        return answer, 200
    else:
        abort(404)
def change_password():
    """Change the password of the user that owns the posted token.

    On POST, reads ``token``, ``oldPassword`` and ``newPassword`` from the
    form. The old password must equal the stored one and the new password
    must be at least 10 characters long. Any other method ends in
    ``abort(404)``.

    Returns:
        ``(json_string, 200)`` with ``success``, ``message`` and ``data``.

    NOTE(review): the stored password is compared with the raw posted value
    and the new one is passed on unchanged, which implies plaintext storage.
    NOTE(review): an unknown token is not rejected explicitly; the outcome
    then depends on what the helpers return for it - verify.
    """
    if request.method == 'POST':
        token = request.form['token']
        oldpwd = request.form['oldPassword']
        newpwd = request.form['newPassword']

        owner = database_helper.get_username_from_token(token)
        old_matches = database_helper.get_password(owner) == oldpwd
        if not old_matches:
            answer = {"success": "False", "message": "Old passwords don't match", "data": ""}
            return json.dumps(answer), 200

        if len(newpwd) < 10:
            answer = {"success": "False", "message": "New password is too short", "data": ""}
            return json.dumps(answer), 200

        database_helper.change_password(token, newpwd)
        answer = {"success": "True", "message": "Sucessfully changed password !", "data": ""}
        return json.dumps(answer), 200
    else:
        abort(404)
def change_password():
    """Change the password of the account that owns the posted token.

    On POST, reads ``token``, ``old_password`` and ``new_password``. The new
    password must be at least 7 characters long and the SHA-256 hex digest of
    the old password must equal the stored value. Non-POST requests return
    ``None``.

    Returns:
        A JSON string with ``success`` and ``message``.

    NOTE(review): passwords are stored as a single unsalted SHA-256 digest,
    which is fast to brute-force if the table leaks. A salted password KDF is
    the usual replacement and needs a migration of the stored values.
    NOTE(review): ``hashlib.sha256`` needs bytes on Python 3 - confirm which
    interpreter this runs on.
    """
    if request.method != 'POST':
        return None

    form = request.form
    token = form['token']
    old_password = form['old_password']
    new_password = form['new_password']

    email = database_helper.get_email(token)
    if email == False:
        return json.dumps({'success': False, 'message': "Invalid token"})

    if len(new_password) < 7:
        return json.dumps({
            'success': False,
            'message': '''Password is too short'''
        })

    stored_digest = database_helper.get_password(email)
    old_digest = hashlib.sha256(old_password).hexdigest()
    if old_digest != stored_digest:
        return json.dumps({'success': False, 'message': "Wrong password"})

    new_digest = hashlib.sha256(new_password).hexdigest()
    database_helper.change_password(email, new_digest)
    return json.dumps({'success': True, 'message': "Password changed"})
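def changePass():
    """Change the password of the account that owns the posted session token.

    Reads ``token``, ``old_password`` and ``new_password`` from the form,
    resolves the token to an e-mail address and replaces the stored password
    when the old one matches.

    Returns:
        A ``jsonify`` response carrying ``success`` and ``message``.

    NOTE(review): the stored value is compared with the raw old password and
    the new password is saved as received, which implies plaintext storage.
    Moving to a password hash has to be done together with sign-in/sign-up.
    """
    token = request.form['token']
    old_Password = request.form['old_password']
    new_Password = request.form['new_password']

    # Test the row before indexing it, so a token that resolves to nothing is
    # answered with "Invalid token" instead of an unhandled TypeError.
    email_row = database_helper.get_email(token)
    email = email_row[0] if email_row else None
    if not email:
        return jsonify(success=False, message="Invalid token")

    if len(new_Password) < 7:
        return jsonify(success=False, message="Too short password")

    # The e-mail address and the stored password are no longer printed: the
    # original wrote the user's current password to stdout, i.e. into logs.
    curr_pw = database_helper.get_password(email)[0]

    # Key spelled "success" on both outcomes. The original returned "sucess"
    # here, so a client reading "success" never saw the result.
    if curr_pw == old_Password:
        database_helper.set_password(email, new_Password)
        return jsonify(success=True, message="Password changed successfully")
    return jsonify(success=False, message="Wrong password")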
def change_password():
    """Change a user's password after a request-hash check and a bcrypt check.

    Form fields read: ``oldpass``, ``newpass``, ``time``, ``email``, ``hash``.
    The request is rejected when ``check_hash`` returns a truthy value, when
    the new password is shorter than 8 characters, or when no token is stored
    for the e-mail. Otherwise the old password is verified against the stored
    bcrypt hash and a bcrypt hash of the new password is saved.

    Returns:
        A JSON string with ``success`` and ``message``.

    NOTE(review): a truthy ``check_hash`` result means rejection here, so the
    helper presumably returns True for a bad hash - verify against its
    definition, since an inverted check would accept forged requests.
    NOTE(review): the hashed blob joins the three fields without separators,
    so different (old, new, email) splits yield the same blob. A delimited or
    length-prefixed encoding removes that ambiguity.
    """
    form = request.form
    old_pw = form["oldpass"]
    new_pw = form["newpass"]
    time_stamp = form["time"]
    email = form["email"]

    signed_blob = old_pw + new_pw + email
    if check_hash(signed_blob, email, form["hash"], time_stamp):
        return json.dumps({
            'success': False,
            'message': 'You are trying to hack a user. You should be ashamed of yourself!'
        })

    if len(new_pw) < 8:
        return json.dumps({
            'success': False,
            'message': 'The password is too short'
        })

    # A stored token is what marks the user as logged in.
    if database_helper.get_token(email) is None:
        return json.dumps({
            'success': False,
            'message': 'User is not logged in'
        })

    stored_hash = database_helper.get_password(email)
    if not bcrypt.check_password_hash(stored_hash, old_pw):
        return json.dumps({'success': False, 'message': 'Wrong password'})

    database_helper.change_password(email, bcrypt.generate_password_hash(new_pw))
    return json.dumps({
        'success': True,
        'message': 'Password was changed successfully'
    })
def signIn():
    """Sign a user in with the posted ``email`` and ``password``.

    Looks up the stored hash for the e-mail, notifies an existing entry in
    ``session`` for that e-mail, and on a bcrypt match generates a token.
    The middle of the success branch is elided in this listing (see below),
    so the rest of that branch is not documented.
    """
    email = request.form['email']
    password = request.form['password']
    # Fetch the stored hash for this e-mail.
    # NOTE(review): the row is indexed without a None check; presumably an
    # unknown e-mail raises here instead of reaching the
    # "Wrong password or email" reply - verify against database_helper.
    usrpw= database_helper.get_password(email)
    pw_hash = usrpw[0]
    #print "pw: hash ", pw_hash
    # NOTE(review): "signout" is sent before the password is verified, so a
    # request that only knows the e-mail can disconnect that user. Moving
    # this block below the bcrypt check closes that gap.
    if email in session:
        session[email].send("signout")
        #del session[email]
        #database_helper.signOutbyEmail(email)
    if bcrypt.check_password_hash(pw_hash, password):
        # NOTE(review): the `random` module is not a cryptographic generator
        # and the alphabet is lowercase letters only. Session tokens should
        # come from os.urandom (or `secrets` on Python 3).
        token = ''.join(random.choice(string.lowercase) for i in range(35))
        # NOTE(review): this writes a live session token to stdout/logs.
        print "Token i sign in: ", token
        curruser = database_helper.get_loggedInUsers(email)
        # NOTE(review): the listing is elided at "******"; the statements
        # between this print and the success response are not visible here.
        print "curruser: "******"User successfully signed in", data=token)
    else:
        return jsonify(success=False, message="Wrong password or email")
def verify_password(email, password):
    """Return True when *password* hashes to the value stored for *email*.

    The candidate is hashed with ``hash_pwd`` and compared with the result
    of ``database_helper.get_password``.

    NOTE(review): ``==`` on digests is not constant-time.
    ``hmac.compare_digest`` is the usual replacement once both operands are
    known to be the same string type (the stored value's type is not visible
    here).
    """
    candidate = hash_pwd(password)
    stored = database_helper.get_password(email)
    return bool(candidate == stored)
def get_password(email):
    """Return whatever ``database_helper.get_password`` yields for *email*.

    NOTE(review): the result is the stored credential (hash or password,
    depending on the helper). It should only be used for server-side
    verification - confirm no caller sends it back to a client or logs it.
    """
    stored = database_helper.get_password(email)
    return stored