def decrypt_topic(self, topic_id, user_key, get_notes=True):
if get_notes:
notes = self.db_query(
'''
SELECT note_id
FROM Note
INNER JOIN Topic ON Topic.topic_id = Note.topic_id
WHERE Note.topic_id=?;
''', [topic_id], False)
note_ids = [note[0] for note in notes]
else:
note_ids = []
encrypted_topic_name, date_created = self.db_query(
'''
SELECT encrypted_topic_name, date_created
FROM Topic
WHERE topic_id=?;
''', [topic_id], False)[0]
topic_name = CryptoAES.decrypt(b64decode(encrypted_topic_name),
user_key).decode()
return {
'topic_id': topic_id,
'topic_name': topic_name,
'date_created': date_created,
'notes': note_ids
}
def get_user_key():
user_id = session['user_id']
master_key = session['master_key']
encrypted_user_key = account_db.get_encrypted_user_key(user_id)
decrypted_user_key = CryptoAES.decrypt(encrypted_user_key, master_key)
return decrypted_user_key
def modify_note_content(self, topic_id, note_id, note_content, user_key):
encrypted_content = b64encode(
CryptoAES.encrypt(note_content.encode(), user_key)).decode()
self.db_update(
'''
UPDATE Note SET
encrypted_content=?
WHERE topic_id=? AND note_id=?;
''', [encrypted_content, topic_id, note_id])
def modify_note_title(self, topic_id, note_id, note_title, user_key):
encrypted_title = b64encode(
CryptoAES.encrypt(note_title.encode(), user_key)).decode()
self.db_update(
'''
UPDATE Note SET
encrypted_title=?
WHERE topic_id=? AND note_id=?;
''', [encrypted_title, topic_id, note_id])
def add_note(self, topic_id, user_key, note_title, content, time_stamp):
date_created = time_stamp
encrypted_content = b64encode(
CryptoAES.encrypt(content.encode(), user_key)).decode()
encrypted_title = b64encode(
CryptoAES.encrypt(note_title.encode(), user_key)).decode()
note_id = sha256(topic_id.encode() + str(time()).encode() +
urandom(16)).digest().hex()
self.db_update(
'''
INSERT INTO Note(topic_id, note_id, date_created, encrypted_title, encrypted_content)
VALUES(?, ?, ?, ?, ?);
''', [
topic_id, note_id, date_created, encrypted_title,
encrypted_content
])
return note_id, date_created
def modify_topic(self, topic_id, user_key, modified_topic_name):
encrypted_topic_name = b64encode(
CryptoAES.encrypt(modified_topic_name.encode(),
user_key)).decode()
self.db_update(
'''
UPDATE Topic SET
encrypted_topic_name=?
WHERE topic_id=?;
''', [encrypted_topic_name, topic_id])
def update_password(self, user_id, old_password, new_password):
hashed_password = self.hash_password(new_password)
old_master_key = self.generate_master_key(user_id, old_password)
new_master_key = self.generate_master_key(user_id, new_password)
old_encrypted_key = self.get_encrypted_user_key(user_id)
user_key = CryptoAES.decrypt(old_encrypted_key, old_master_key)
new_encrypted_key = b64encode(
CryptoAES.encrypt(user_key, new_master_key)).decode()
self.db_update(
'''
UPDATE Account SET
password=?,
encrypted_key=?
WHERE user_id=?;
''', [hashed_password, new_encrypted_key, user_id])
return new_master_key
def decrypt_note(self, note_id, user_key, get_content=True):
if get_content:
encrypted_title, encrypted_content, date_created = self.db_query(
'''
SELECT encrypted_title, encrypted_content, date_created
FROM Note
WHERE note_id=?;
''', [note_id], False)[0]
title = CryptoAES.decrypt(b64decode(encrypted_title),
user_key).decode()
date_created = datetime.fromtimestamp(date_created).strftime(
'%b %d, %Y')
content = CryptoAES.decrypt(b64decode(encrypted_content),
user_key).decode()
return {
'note_id': note_id,
'note_title': title,
'note_content': content,
'date_created': date_created
}
else:
encrypted_title, date_created = self.db_query(
'''
SELECT encrypted_title, date_created
FROM Note
WHERE note_id=?;
''', [note_id], False)[0]
title = CryptoAES.decrypt(b64decode(encrypted_title),
user_key).decode()
date_created = datetime.fromtimestamp(date_created).strftime(
'%b %d, %Y')
return {
'note_id': note_id,
'note_title': title,
'date_created': date_created
}
def add_topic(self, user_id, user_key, topic_name, time_stamp):
topic_id = sha256(user_id.encode() + str(time()).encode() +
urandom(16)).digest().hex()
encrypted_topic_name = b64encode(
CryptoAES.encrypt(topic_name.encode(), user_key)).decode()
self.db_update(
'''
INSERT INTO Topic(user_id, topic_id, encrypted_topic_name, date_created)
VALUES(?, ?, ?, ?);
''', [user_id, topic_id, encrypted_topic_name, time_stamp])
return topic_id, time_stamp
def add_topic(self, user_id, user_key, topic_name):
data_created = time()
topic_id = sha256(user_id.encode() + str(time()).encode() +
urandom(16)).digest().hex()
encrypted_topic_name = b64encode(
CryptoAES.encrypt(topic_name.encode(), user_key)).decode()
self.db_update(
'''
INSERT INTO Topic(user_id, topic_id, encrypted_topic_name, date_created)
VALUES(?, ?, ?, ?);
''', [user_id, topic_id, encrypted_topic_name, data_created])
return topic_id, datetime.fromtimestamp(data_created).strftime(
'%b %d, %Y')
def register(self, username, password):
time_created = time()
username = username.lower()
hashed_password = self.hash_password(password)
user_id = self.generate_user_id(username, password)
user_key = self.generate_user_key(username, password)
master_key = self.generate_master_key(user_id, password, time_created)
encrypted_key = b64encode(CryptoAES.encrypt(user_key,
master_key)).decode()
self.db_update(
'''
INSERT INTO Account(user_id, encrypted_key, username, password, access_level)
VALUES(?, ?, ?, ?, ?);
''', [
user_id, encrypted_key, username, hashed_password,
PermissionConst.ROOT.value
if self.is_firstuser else PermissionConst.NONE.value
])
self.db_update(
'''
INSERT INTO Status(last_online, time_created, stat_id)
VALUES(?, ?, ?);
''', [time_created, time_created, user_id])
self.db_update(
'''
INSERT INTO Attempt(last_attempt, ampt_id)
VALUES(?, ?);
''', [time_created, user_id])
self.db_update(
'''
INSERT INTO Lock(lock_id)
VALUES(?);
''', [user_id])