def edit_user_password(username): # Updates password of a user on non PubCookie setups. message = None errors = [] if session['user_auth_level'] >= 10000 or session['user_username'] == username: # administrator access log_access('users/password') if request.method == 'POST': log_access('users/password', 'posted form') user_id = request.form['user_id'] current_pw = request.form['cur_password'] if 'cur_password' in request.form else '' new_pw = request.form['new_password'] again_pw = request.form['again_password'] user = model.get_user(user_id) current_hash_pw = auth.hash_password(current_pw) if session['user_auth_level'] >= 10000 and session['user_id'] != user_id: current_hash_pw = user['password'] if not user['password'] == current_hash_pw: errors.append("Current Password is incorrect") elif new_pw == '': errors.append("New password is empty") elif not new_pw == again_pw: errors.append("Passwords don't match") else: model.set_password(user_id, auth.hash_password(new_pw)) message = "Saved." form=model.get_user_by_username(username) return render_template('user_edit_password.html', form=form, errors=errors, message=message) else: log_access('users/password', 'access_denied changing password for: ' + username) return redirect(url_for('access_denied'))
def POST(self): user_id = web.input().user_id pwd = web.input().pwd ident = model.get_user(user_id) ''' try: if hashlib.sha1("sAlT754-"+passwd).hexdigest() == ident['pass']: session.login = 1 session.privilege = ident['privilege'] render = create_render(session.privilege) return render.login_ok() else: session.login = 0 session.privilege = 0 render = create_render(session.privilege) return render.login_error() except: session.login = 0 session.privilege = 0 render = create_render(session.privilege) return render.login_error() ''' try: if pwd == ident['pwd']: session.user_id = user_id raise web.seeother('/user') else: return render.error_page('Wrong password!') except: return render.error_page("User not found!")
def POST(self): msg = None i = web.input() uid = i.get('userid') pwd = i.get('password') user_iter=model.get_user(uid,pwd) user = list(user_iter) user_info = web.ctx.session.userinfo if user: user_info['Name'] = user[0].username user_info['ID'] = uid user_info['Contact'] = user[0].contactname user_info['UnitAddr'] = user[0].unitaddress user_info['Tel'] = user[0].tel redirect_url = web.ctx.session.redirecturl #print next_page web.ctx.session.logged_in = True web.setcookie('backstep',-2,3600) if redirect_url: return web.seeother(redirect_url) else: #default return web.seeother('/member') else: msg="用户名或密码不正确" web.setcookie('login_id',uid,3600) return render.login()
def POST(self): if session.user.name == "Anonymous": raise web.seeother("/dashboard/login") function = web.input(function=None).function if function == "setpw": inp = web.input(password=None, password1=None, password2=None) current = model.get_user(name=session.user.name, password=inp.password) if not current: flash("error", "Current password incorrect") elif inp.password1 != inp.password2: flash("error", "New passwords don't match") else: model.set_user_password(session.user.name, inp.password1) flash("success", "Password changed") if function == "setmailmode": inp = web.input(mailmode=None) if inp.mailmode in ["none", "daily", "all"]: # FIXME: argh at the DB and session not being as one... model.set_user_mailmode(session.user.name, inp.mailmode) session.user.mailmode = inp.mailmode flash("success", "Mail mode set to '%s'" % inp.mailmode) else: flash("error", "Invalid mail mode") raise web.seeother("/settings")
def GET(self, name=None): user = model.get_user(name=name) if user: pages = model.get_pages(item_user=user.name) comments_on = model.get_comments(session.user.name, item_user=user.name) comments_by = model.get_comments(session.user.name, user_name=user.name) return render.user(user.name, pages, comments_on, comments_by)
def POST(self): inp = web.input(close_after=False, item_host=None, item_path=None, item_name=None, content=None, item_user=None) model.new_comment(session.user.name, inp.item_host, inp.item_path, inp.item_name, inp.content, inp.item_user) page_owner = model.get_user(name=inp.item_user) if page_owner.mailmode == "all": web.sendmail( 'Comment on This! <*****@*****.**>', page_owner.email, '[CoT] New comment on '+get_domain(inp.item_host), session.user.name+" posted a comment on "+inp.item_host+inp.item_path+"#"+inp.item_name+":"+ "\n\n"+inp.content+ "\n\n -- The Comment on This Team" ) if inp.close_after: return render.comment_thanks() else: raise web.seeother( "/comment"+ "?item_host="+web.urlquote(inp.item_host)+ "&item_path="+web.urlquote(inp.item_path)+ "&item_name="+web.urlquote(inp.item_name) )
def GET(self, id): user = model.get_user(id) userdetails = { 'address1' : user.addr1, 'address2' : user.addr2, 'city' : user.city, 'country' : user.country, 'email' : user.email, 'first_names' : user.firstname, 'last_name' : user.lastname, 'login' : user.login, 'password' : user.password, 'phone' : user.phone, 'prefix' : user.prefix, 'state' : user.state, 'zip' : user.zip } checkProxySetting() p = ProxyTransport() ## PUT IN YOUR PROXY HERE ## p.set_proxy('proxy.domain.com:8080') try: ## UNCOMMENT TO USE PROXY ## #server = xmlrpclib.Server(XMLRPC_SERVER, transport=p, verbose=1) server = xmlrpclib.Server(XMLRPC_SERVER, verbose=1) except xmlrpclib.ProtocolError, detail: print "\nError: There is a error with your url:\n\t%s" % detail sys.exit(-1)
def POST(self): # get the md5-password from database by username # compare with the two password. # if ok, generate the session. i = web.input(username='', password='') if i.username == '' or i.password == '': return render.admin.login('password or username should not be null.') #TODO to implement. user = model.get_user(i.username) if not user: return render.admin.login('no such user.') pwd = i.password + salt md5_pwd = md5.new(pwd).hexdigest() if md5_pwd != user.password: return render.admin.login('password incorrect.') web.ctx.session.loggedin = 1 # TODO: should use a more readable var. web.ctx.session.user_id = user.id web.ctx.session.username = user.name raise web.seeother('/admin')
def create_user(): data = request.get_json() new_username = data.get("newUsername") new_password = data.get("newPassword") confirmed_password = data.get("confirmedPassword") existing_user = model.get_user(new_username) if existing_user: msg = "User already exists" elif new_password == confirmed_password: msg = model.create_user(new_username, new_password) if model.get_user(new_username): pass else: msg = "Passwords do not match" return msg
def make_user(username, password): existing = model.get_user(username) if existing: print "Updating existing user" model.update_user(username, password) else: print "Creating new user" model.add_user(username, password)
def POST(self): inp = web.input(name=None, email=None, token=None) # creating a new user if inp.name and inp.email and inp.token: ex = model.get_user(name=inp.name) if ex: return render.janrain(inp.name, inp.email, inp.token, "Username taken") ex = model.get_user(email=inp.email) if ex: return render.janrain(inp.name, inp.email, inp.token, "Email already in use") model.new_user(inp.name, inp.email, token=inp.token) user = model.get_user(token=inp.token) session.user = User(user) raise web.seeother("/") # already got a user elif inp.token: data = urllib2.urlopen("https://rpxnow.com/api/v2/auth_info?apiKey=%s&token=%s" % (config.get("janrain", "apikey"), inp.token)).read() resp = json.loads(data) if resp['stat'] == "ok": prof = resp['profile'] jid = prof['identifier'] user = model.get_user(token=jid) user_mail = model.get_user(email=prof.get('email'), token='') if user: # this janrain ID is in our system model.set_user_meta_by_email(user.email, data) session.user = User(user) raise web.seeother("/") elif prof.get("email") and user_mail: # they used a new account with known email model.set_user_token_by_email(prof['email'], jid) model.set_user_meta_by_email(prof['email'], data) session.user = User(user_mail) raise web.seeother("/") else: return render.janrain(prof.get('preferredUsername', ''), prof.get('email', ''), jid) else: return "Error logging in" return "Missing token"
def POST(self): inp = web.input(name=None, email=None, password1=None, password2=None) if inp.password1 != inp.password2: return render.dashboard_new(error="Passwords don't match") if model.get_user(name=inp.name): return render.dashboard_new(error="Username taken") if model.get_user(email=inp.email): return render.dashboard_new(error="A user already has that address") model.new_user(inp.name, inp.email, inp.password1) session.user = User(model.get_user(name=inp.name, password=inp.password1)) go_to = web.cookies().get("login-redirect", "/dashboard") web.setcookie("login-redirect", "", expires=-1) raise web.seeother(go_to)
def GET(self): receive = web.input(); if receive: user = model.get_user(receive.p) data = simplejson.dumps(user.list()) print len(user) return data else: return "error request"
def list_tasks(): db = model.connect_db() tasks_from_db = model.get_tasks(db, None) user_id_list = [] for dictionary in tasks_from_db: user_id_list.append(dictionary["user_id"]) for user_id in user_id_list: users_from_db = model.get_user(db, user_id) return render_template("list_tasks.html", tasks=tasks_from_db,users=users_from_db)
def get_user_info(): model.conn_db() id = request.args.get("id") user = model.get_user(id) posts = user.get_posts() comments = user.get_comments() votes = user.get_votes() html = render_template("user.html", user=user, posts=posts, comments=comments, votes=votes) return html
def authenticate(): user = model.get_user(request.form['login']) if user: _M = request.form['m'] srp = session.pop('srp', None) if srp: K, M = srp if _M == str(M): user.authenticated = True login_user(user) return jsonify(error=False); return jsonify(error=True, message="Incorect session");
def POST(self): inp = web.input(name=None, email=None) if not inp.name and not inp.email: return render.dashboard_reset(error="Missing name or email") user = model.get_user(name=inp.name) or model.get_user(email=inp.email) if not user or user.name == "Anonymous": return render.dashboard_login(error="No user with those details") pw = generate_password() model.set_user_password(user.name, pw) web.sendmail( 'Comment on This! <*****@*****.**>', user.email, '[CoT] Password Reset', "Your new password is "+pw+ "\n\nLog in at http://www.commentonthis.net/dashboard/login"+ "\n\nSee you in a moment!"+ "\n\n -- The Comment on This Team" ) return render.dashboard_reset_sent()
def book_added_weblaunches(api_token): bookings = model._load_weblaunch_bookings() for chat_id, weblaunch_ids in bookings.iteritems(): user = model.get_user(chat_id) beer_bot = BeerBot(user['username'], user['password']) start = beer_bot.get_weblaunch_start() if not start: return for weblaunch_id in weblaunch_ids: beer_bot.create_booking(weblaunch_id=int(weblaunch_id), quantity=1) model._save_weblaunch_bookings({})
def POST(self): inp = web.input(name=None, password=None, return_to="/dashboard") if not inp.name or not inp.password: return render.dashboard_login(inp.name, "Missing name or password") user = model.get_user(name=inp.name, password=inp.password) if not user: return render.dashboard_login(inp.name, "No user with those details") session.user = User(user) go_to = web.cookies().get("login-redirect", "/dashboard") web.setcookie("login-redirect", "", expires=-1) raise web.seeother(go_to)
def handshake(): try: user = model.get_user(request.form['login']) if user: A = request.form['a'] svr = ssrp.Server(user.login, user.salt, int(user.v), int(A)); salt, B = svr.challenge() session['srp'] = (svr.K, svr.M) if salt is None or B is None: return jsonify(error=True, message="Authentication failed"); return jsonify(error=False, salt=salt, b=str(B)); return jsonify(error=True, message="Not found user"); except: exceptionType, exceptionValue, exceptionTraceback = sys.exc_info() print(exceptionType, exceptionValue) traceback.print_tb(exceptionTraceback) return jsonify(error=True, message="Internal error");
def process_login(): """Allow a user to login""" email2 = request.form.get('email') password2 = request.form.get('password') note = "" print "email and pass", email2, password2 if email2: user = model.get_user(email2, password2) #if user is correctly identified in the system if user == True: session['email'] = email2 note = "Welcome %s" %(email2) else: #bad password note = "Please make sure you correctly entered your email and password" return render_template("login.html")
def login(): auth = request.authorization username = auth.username password = auth.password password_correct = model.is_password_valid(username, password) result = {} if password_correct: user = model.get_user(username) user.is_active = True user.is_authenticated = True login_user(user) url = url_for("main_page") result["state"] = "succeeded" result["url"] = url else: result["state"] = "failed" return jsonify(result)
def POST(self): i=web.input() uname=i.uname password=i.password """Validate username and password""" userexists=model.if_user_exists(uname) if userexists: chk=model.get_user(uname) for pwd in chk: stored_hash = pwd.password print ""+stored_hash if bcrypt.hashpw(password,stored_hash) == stored_hash: session.loggedin=True session.username=uname raise web.seeother('/index') else: invalidpassword="******"container\"><h2 class=\"heading\">To Do List</h2><br><img src=\"http://cdn.mysitemyway.com/etc-mysitemyway/icons/legacy-previews/icons-256/blue-metallic-orbs-icons-business/078888-blue-metallic-orb-icon-business-thumbs-down.png\" style=\" height:100px; width:100px;\"></img><br><h3 class=\"errormessage\">Password doesn't match with the entered username!</h3><br><a href=\"/\" class=\"heading\">Try to Login again</a></div>" return render.base(invalidpassword) else: return render.login_fail()
def me(): # My details page, allows users to update their basic information. message = None log_access('me') if request.method == 'POST': model.update_user(request.form) log_access('me', 'saved form') message = "Saved." if request.form['username'] != session['user_username']: auth.remove_auth() return redirect(url_for('me')) form=model.get_user(session['user_id']) return render_template('user_edit.html', form=form, message=message, user_auth_levels=get_authorization_levels(session['user_auth_level']), form_action_url=url_for('me'), title="My Details", delete_button = False, change_password_button = True)
def GET(self): # FIXME: used by mobile session.user = User(model.get_user(name="Anonymous")) raise web.seeother("/")
def __init__(self, row): self.row = row def dict(self): d = dict(self.row) del d["writer_ip"] d["avatar"] = User(model.get_user(d["writer"])).avatar d["date_posted"] = shorten_datetime(d["date_posted"]) return d session = web.session.Session(app, web.session.DBStore(model.db, 'sessions'), initializer={ 'user': User(model.get_user(name="Anonymous")), 'flash': [] }) def flash(type, msg): session.flash.append((type, msg)) def flash_clear(): session.flash = [] render_bare = web.template.render('./templates', globals={ 'session': session,
def __init__(self, row): self.row = row def dict(self): d = dict(self.row) del d["writer_ip"] d["avatar"] = User(model.get_user(d["writer"])).avatar d["date_posted"] = shorten_datetime(d["date_posted"]) return d if web.config.get('_session') is None: import rediswebpy #session = DefaultingSession(app, rediswebpy.RedisStore(prefix='session:rhrn:'), { session = DefaultingSession(app, rediswebpy.RedisStore(), { 'user': User(model.get_user(name="Anonymous")), 'flash': [], }) web.config._session = session else: session = web.config._session def flash(type, msg): session.flash.append((type, msg)) def flash_clear(): session.flash = [] render_bare = web.template.render('../templates', globals={ 'session': session, 'shorten_url': shorten_url,
def create_beerbot(chat_id): from beer import BeerBot user = model.get_user(chat_id) return BeerBot(user['username'], user['password'])
def get_user_creds(): user_id = session.get("user_id") password = model.get_user(user_id).password credentials = {"username": user_id, "password": password} return jsonify(credentials)
def get(cls, id): userData = model.get_user(id) if not userData: return None return User(userData[0], userData[1])
def load_user(user_id): user = model.get_user(user_id) return user
def registration(first_msg_obj, conn): # Check structure of first_msg_obj expected = ["reg"] real = sorted(list(first_msg_obj.keys())) if expected != real: print("Invalid message structure") put_message(conn, '{"error": "Invalid message structure"}') return parted_obj = first_msg_obj["reg"] # Check structure of parted_obj expected = ["iv", "part1", "part2"] real = sorted(list(parted_obj.keys())) if expected != real: print("Invalid message structure") put_message(conn, '{"error": "Invalid message structure"}') return # Decrypt part1 globalized.debug("about to decrypt part1") part1_b64 = parted_obj["part1"] tup, error = part1_parts(part1_b64) if error: put_message(conn, error) return ts, username, secret_key, secret_key_b64 = tup ts_int = None try: ts_int = int(ts) except ValueError: print("timestamp is not int") put_message(conn, '{"error": "timestamp is not int"}') return globalized.debug("about to check time and username") now = int(time.time()) if not (now - 2 * 60 < ts_int < now + 1 * 60): print("timestamp out of acceptable range") put_message(conn, '{"error": "timestamp out of acceptable range"}') return user = model.get_user(username) if user: print("username already exists") put_message(conn, '{"error": "username already exists"}') return # Get iv iv_b64 = parted_obj["iv"] iv, error = iv_from_b64(iv_b64) if error: put_message(conn, error) return # Decrypt part2 globalized.debug("about to decrypt part2") part2_b64 = parted_obj["part2"] tup, error = part2_parts(part2_b64, secret_key, iv) if error: put_message(conn, error) return certificate, signature = tup # Verify signature to_hash = (ts + username + secret_key_b64).encode() pub_key = certificate.public_key() try: pub_key.verify(signature, to_hash, padding.PKCS1v15(), hashes.SHA256()) except InvalidSignature: print("Invalid signature of part1") put_message(conn, '{"error": "Signature of part1 was invalid"}') return DH_parameters = dh.generate_parameters(5, 2048) DH_private = DH_parameters.generate_private_key() DH_public = DH_private.public_key() A = DH_public.public_numbers().y numbers = DH_parameters.parameter_numbers() g = numbers.g N = numbers.p to_sign = (ts + str(g) + str(N) + str(A)).encode() signature = sign_to_b64(to_sign) content_dic = { "ts": ts, "g": str(g), "N": str(N), "A": str(A), "signature": signature } content_bytes = json.dumps(content_dic).encode() iv2 = os.urandom(16) enc_content_b64 = aes_encrypt_to_b64(content_bytes, secret_key, iv2) msg_2_dic = { "content": enc_content_b64, "iv": base64.b64encode(iv2).decode() } msg_2 = json.dumps(msg_2_dic) + "\n" put_message(conn, msg_2) # Receive 3rd message message = None try: message = get_message(conn) except Exception as e: print(f"problem receiving 3rd message: {e}") put_message(conn, '{"error": "invalid 3rd message"}') return globalized.debug("checking parts of 3rd message") parts, error = parts_3rd_message(message, secret_key, pub_key) if error: put_message(conn, error) return B, new_username, new_ts = parts if new_username != username: print("username in 3rd message doesn't match") put_message(conn, '''{"error": "username doesn't match"}''') return if new_ts != ts: print("ts in 3rd message doesn't match") put_message(conn, '''{"error": "ts doesn't match"}''') return peer_public_numbers = dh.DHPublicNumbers(int(B), numbers) peer_public_key = peer_public_numbers.public_key() secret = DH_private.exchange(peer_public_key) # Store username, secret and certificate bytes res = model.add_user(username, secret, certificate.public_bytes(serialization.Encoding.DER)) # Send 4th message globalized.debug("preparing 4th message") resp = "OK" if res else "NO" to_sign = (ts + resp).encode() signature = sign_to_b64(to_sign) content_dic = {"ts": ts, "resp": resp, "signature": signature} content_bytes = json.dumps(content_dic).encode() iv4 = os.urandom(16) enc_content_b64 = aes_encrypt_to_b64(content_bytes, secret_key, iv4) msg_4_dic = { "content": enc_content_b64, "iv": base64.b64encode(iv4).decode() } msg_4 = json.dumps(msg_4_dic) + "\n" put_message(conn, msg_4)
def POST(self): session.user = User(model.get_user(name="Anonymous")) raise web.seeother("/")
def create_goal(): if 'user_id' not in session: return "you must log in to create a goal" user_id = session["user_id"] user = get_user(user_id) return render_template('create_goal.html', user=user)
def dict(self): d = dict(self.row) del d["writer_ip"] d["avatar"] = User(model.get_user(d["writer"])).avatar d["date_posted"] = shorten_datetime(d["date_posted"]) return d
def update_profile(): username = None user = None if 'username' in session: username = session['username'] user = model.get_user(username) logging.debug("update_profile: Trying (%s)" % (username)) if user.username == "administrator": flash("Profile updating has been disabled for user admin.", 'error') return render_template('profile.html', current_user=user) update = { "username": user.username, "ts": str(int(time()))} new_name = request.form['name'] if not new_name: new_name = user.name else: update["name"] = new_name new_about = request.form['about'] if new_about != user.about and \ not (new_about == 'None' and not user.about): # specific case when there is no about and it is not added one update["about"] = new_about new_photo = request.files['photo'] if not new_photo: new_photo_filename = user.photo else: if not new_photo.filename.endswith(app.config['IMAGE_EXTENSIONS']): flash("Wrong file format. Only images allowed", 'error') return render_template('profile.html', current_user=user) new_photo_filename = ''.join(random.choices(string.ascii_lowercase + string.digits, k=8)) + '_' + secure_filename(new_photo.filename) new_photo.save(app.config['photos_folder'] + new_photo_filename) logging.debug("update_profile: filename (%s)" % new_photo_filename) logging.debug("update_profile: file (%s)" % new_photo) update["photo"] = new_photo_filename current_password = request.form['currentpassword'] new_password = request.form['newpassword'] update_hash: str iv = urandom(16) try: if not new_password: new_password = current_password update_hash = model.digest_text_to_b64(json.dumps(update, separators=(',', ':'))) iv = None else: update['password'] = new_password # hash needs to be calculated before password encryption update_hash = model.digest_text_to_b64(json.dumps(update, separators=(',', ':'))) b_64_pass = model.cipher_aes_to_b64(new_password.encode(), iv) update['password'] = b_64_pass except Exception as e: logging.debug("update_profile: Found exception(%s)" % e) return error("Error: Could not update the profile") if not bcrypt.checkpw(current_password.encode(), user.password.encode()): flash("Current password does not match registered password.", 'error') return render_template('profile.html', current_user=user) # check if there was indeed an update to the user if len(update.keys()) == 2: flash("Please perform an update to your profile.", 'error') return render_template('profile.html', current_user=user) try: model.create_authorization(username, update, update_hash, iv) except Exception as e: logging.debug("update_profile: Found exception(%s)" % e) return error("Error: Could not update the profile") logging.debug("update_profile: Succesful (%s)" % (username)) if user: flash("Waiting for authorization to update user %s profile" % username,) return render_template('profile.html', current_user=user)
def show_user(): model.connect_to_db() idnum = request.args.get("id") u = model.get_user(idnum) return render_template("show_user.html", user=u)
def user_name_chk(user_name): check = model.get_user(user_name) #returns row if check is None: return -1 #user not found else: return 1 #user_name exists
def auth_request(first_msg_obj): # Check structure of first_msg_obj expected = ["auth"] real = sorted(list(first_msg_obj.keys())) if expected != real: print("Invalid message structure") return None, '{"error": "Invalid message structure"}' parts = first_msg_obj["auth"] # Check structure of parts expected = ["content", "iv", "username"] real = sorted(list(parts.keys())) if expected != real: print("Invalid message structure") return None, '{"error": "Invalid message structure"}' # Get username username = parts["username"] if type(username) != str: print("Username isn't str") return None, '''{"error": "Username isn't str"}''' # Get user user = model.get_user(username) if not user: print("username not registered") return None, '{"error": "username not registered"}' _, shared_secret, der_cert = user certificate = None try: certificate = x509.load_der_x509_certificate(der_cert) except Exception as e: print(f"Error with loading cert: {e}") return None, '{"error": "Could not load cert"}' # Get iv iv_b64 = parts["iv"] iv, error = iv_from_b64(iv_b64) if error: return None, error secret_key = sha256(shared_secret) content_b64 = parts["content"] content, error = decrypt_aes_b64_to_dic(content_b64, secret_key, iv) if error: return None, error # check structure of content expected = ["hash", "resp", "signature", "ts"] real = sorted(list(content.keys())) if expected != real: print("Invalid content structure") return None, '{"error": "Invalid content structure"}' ts = content["ts"] ts_int = None try: ts_int = int(ts) except ValueError: print("timestamp is not int") return None, '{"error": "timestamp is not int"}' now = int(time.time()) if not (now - 2 * 60 < ts_int < now + 1 * 60): print("timestamp out of acceptable range") return None, '{"error": "timestamp out of acceptable range"}' update_hash = content["hash"] if type(update_hash) != str: print("hash isn't str") return None, '''{"error": "hash isn't str"}''' resp = content["resp"] signature_b64 = content["signature"] signature = None try: signature = base64.b64decode(signature_b64) except Exception as e: print(f"invalid base64 for signature: {e}") return None, '{"error": "base64 of signature was invalid"}' # Verify signature to_sign = (str(ts) + resp + update_hash).encode() pub_key = certificate.public_key() try: pub_key.verify(signature, to_sign, asymmetric.padding.PKCS1v15(), hashes.SHA256()) except InvalidSignature: print("Invalid signature") return None, '{"error": "Signature was invalid"}' return (username, ts, secret_key, update_hash, resp), None
def setting(id): """Render Circlet status and current Circlet attribute""" return render_template('settings.html', user=get_user(id))
def POST(self): data = web.data() user = json.loads(data)['username'] s = model.get_user(user) return s