def test_upload(): userID = request.form.get("userID") password = request.form.get("password") file = extract_photo_from_request() pwd_manager = Hash() if not pwd_manager.check_password(userID, password): return Response(status=401) file_manager = FileManager() if not file or not file_manager.save_file(file): return Response(status=400) saved_files = ImageTransform.make_transformations( file_manager.last_saved_full_path) saved_files["original"] = FileManager.extract_filename( file_manager.last_saved_full_path) dbm = DataBaseManager() db_success = dbm.add_photos(userID, "Auto Uploaded", "#test_image", saved_files) if db_success: return Response(status=200) else: return Response(status=500)
def change_pwd(token): dbm = DataBaseManager() user_email = dbm.verify_token(token) field = validate.regex() password = field.validate(field.password_pattern, request.form.get("password")) password_conf = password == request.form.get("password_conf") err_msg = field.compose_error_message(password, password_conf) if user_email is None: return render_template("NewPwd.html", session=True) else: if err_msg is not None: return render_template("NewPwd.html", session=False, token=token, error=err_msg) pwd_manager = Hash() salt, hashpwd = pwd_manager.get_salt_hash(password) stored_pwd = "$" + salt + "$" + hashpwd.decode("utf-8") dbm.update_new_password(stored_pwd, user_email) return redirect(url_for('render_gallery'))
def create_session_for(username, password): pwd_manager = Hash() if pwd_manager.check_password(username, password): session['user'] = username session['authorized'] = True return True return False
def create_session_for(username, password): pwd_manager = Hash() if pwd_manager.check_password(username, password): session['user'] = username session['authorized'] = True dbm = DataBaseManager() session['type'] = dbm.get_user_type(username) return True return False
def authenticate_user(): username = request.form.get('username') password = request.form.get('password') pwd_manager = Hash() if pwd_manager.check_password(username, password): session['user'] = username session['authorized'] = True return redirect(url_for('render_gallery')) return render_template("index.html", error=True, username=username)
def create_user(): if 'authorized' in session and session['authorized'] is True: return redirect(url_for("render_gallery")) input_username = request.form.get("username") input_first_name = request.form.get("first_name") input_last_name = request.form.get("last_name") input_email = request.form.get("email") input_password = request.form.get("password") input_password_conf = request.form.get("password_conf") field = validate.regex() username = field.validate(field.user_name_pattern, input_username) first_name = field.validate(field.first_name_pattern, input_first_name) last_name = field.validate(field.last_name_pattern, input_last_name) email = field.validate(field.email_pattern, input_email) password = field.validate(field.password_pattern, input_password) password_conf = password == input_password_conf err_msg = compose_error_message(username, first_name, last_name, email, password, password_conf) if err_msg is not None: return render_template("newuser.html", error=err_msg, username=input_username, first_name=input_first_name, last_name=input_last_name, email=input_email, password=input_password, password_conf=input_password_conf) pwd_manager = Hash() salt, hashpwd = pwd_manager.get_salt_hash(password) stored_pwd = "$" + salt + "$" + hashpwd.decode("utf-8") dbm = DataBaseManager() email_already_registered = dbm.email_already_exists(email) if not email_already_registered: db_success = dbm.add_user(username, first_name, last_name, email, stored_pwd) if db_success: session['user'] = username session['authorized'] = True return redirect(url_for('render_gallery')) else: # Getting here means that either there was a database error or the username is already taken. # Since the user will have to retry anyways, we might as well say there was an error with the # chosen username err_msg = ["Username is unavailable."] return render_template("newuser.html", error=err_msg, username=input_username, first_name=input_first_name, last_name=input_last_name, email=input_email, password=input_password, password_conf=input_password_conf) else: err_msg = ["An account already exists with this Email"] return render_template("newuser.html", error=err_msg, username=username, first_name=first_name, last_name=last_name, email=email, password=password, password_conf=password_conf)