def test_hashed_password(self, user='******'):
old_password = '******'
new_password = '******'
update_password(user, new_password)
auth = frappe.db.sql('''select `password` from `__Auth`
where doctype='User' and name=%s and fieldname="password"''',
user,
as_dict=True)[0]
# is not plain text
self.assertTrue(auth.password != new_password)
# is valid hashing
self.assertTrue(passlibctx.verify(new_password, auth.password))
self.assertTrue(check_password(user, new_password))
# revert back to old
update_password(user, old_password)
self.assertTrue(check_password(user, old_password))
# shouldn't work with old password
self.assertRaises(frappe.AuthenticationError, check_password, user,
new_password)
def validate_params():
data = json.loads(frappe.request.data)
email = data['email']
#badge_id = data['badge_id']
pwd = data.get('pwd')
otp = data.get('otp')
#check_badge_id = frappe.db.sql("""select name, user_type, badge_id, first_name, last_name, email from `tabDell User` where `badge_id`=%(badge_id)s and first_login='******'""",{'badge_id': badge_id]})
#if check_badge_id:
# return {'badge id has been already registered'}
user = frappe.db.get_value("User", filters={"email": data["email"]})
if not user:
return 'no email id'
dell_user = frappe.db.get_value("Dell User",
filters={"email": data["email"]})
dell_user = frappe.get_doc('Dell User', dell_user)
from frappe.utils.password import update_password, check_password, passlibctx
#auth = frappe.db.sql(f"""select `name`, `password` from `__Auth` where `doctype`='User' and `name`={email}""", as_dict=True)
auth = frappe.db.sql(
"""select `name`, `password` from `__Auth` where `doctype`='User' and `name`=%(email)s""",
{'email': email},
as_dict=True)
if otp:
if not passlibctx.verify(otp, auth[0].password):
return {'wrong otp'}
return [{'first name': dell_user.first_name, 'email': dell_user.email}]
if pwd:
if not passlibctx.verify(pwd, auth[0].password):
return {'wrong password'}
return [{'first name': dell_user.first_name, 'email': dell_user.email}]
def verify_otp(medium="sms",
medium_id=None,
otp=None,
login_to_user=False,
purpose="login"):
"""
Verify the OTP against the previously generated OTP.
:param medium: 'email' or 'sms'
:param medium_id: The actual email/mobile_no
:param otp: User input
:param login_to_user: Check this flag to login to the associated user
:param purpose: If purpose was specified while calling generate_otp, it is mandatory to use the same here
"""
if medium not in ("sms", "email"):
frappe.throw("medium can only be 'sms' or 'email'")
if not medium_id:
frappe.throw(f"medium_id is mandatory")
def http_response(out):
r = frappe._dict(status=out, medium=medium_id)
return r
user = None
if login_to_user:
user = get_linked_user(id_type=medium, id=medium_id)
if not user:
return http_response("no_linked_user")
redis_key = get_otp_redis_key(medium, medium_id, purpose)
hashed_otp = frappe.safe_decode(frappe.cache().get_value(redis_key,
expires=True))
if not hashed_otp:
return http_response("no_otp_for_mobile")
if not passlibctx.verify(otp, hashed_otp):
return http_response("invalid_otp")
if login_to_user == 1:
l = LoginManager()
l.login_as(user)
l.resume = False
l.run_trigger('on_session_creation')
return http_response("verified")
def test_hashed_password(self, user='******'): old_password = '******' new_password = '******' update_password(user, new_password) auth = get_password_list(dict(doctype='User', name=user))[0] # is not plain text self.assertTrue(auth.password != new_password) # is valid hashing self.assertTrue(passlibctx.verify(new_password, auth.password)) self.assertTrue(check_password(user, new_password)) # revert back to old update_password(user, old_password) self.assertTrue(check_password(user, old_password)) # shouldn't work with old password self.assertRaises(frappe.AuthenticationError, check_password, user, new_password)
def test_hashed_password(self, user='******'):
old_password = '******'
new_password = '******'
update_password(user, new_password)
auth = frappe.db.sql('''select `password` from `__Auth`
where doctype='User' and name=%s and fieldname="password"''', user, as_dict=True)[0]
# is not plain text
self.assertTrue(auth.password != new_password)
# is valid hashing
self.assertTrue(passlibctx.verify(new_password, auth.password))
self.assertTrue(check_password(user, new_password))
# revert back to old
update_password(user, old_password)
self.assertTrue(check_password(user, old_password))
# shouldn't work with old password
self.assertRaises(frappe.AuthenticationError, check_password, user, new_password)
