Esempio n. 1
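 def process_login(self, req, res):
     """Check an email/password pair and write the login result to ``res``.

     Responds 200 with the serialized user on success, 401 when the
     password does not verify, and 404 when no row matches the email.

     NOTE(review): the distinct 401/404 answers let a client tell whether
     an email is registered. The status codes are kept because callers may
     rely on them, but one generic failure response is the safer contract.
     NOTE(review): if ``req.params`` is filled from the query string, the
     password can end up in URL and access logs -- confirm credentials are
     sent in the request body.
     """
     email = req.params['email']
     password = req.params['password']
     # Record the attempt through the logger only; a print() here would copy
     # the address to stdout, outside the log level and retention controls.
     LOG.info("login from %s", email)
     session = req.context['session']
     try:
         user_db = session.query(User).filter(User.email == email).one()
         # NOTE(review): this logs the whole user object; confirm its repr
         # does not include the stored password hash.
         LOG.info("User from db:%s", user_db)
         if verify_password(password, user_db.password.encode('utf-8')):
             res.status = falcon.HTTP_200
             # NOTE(review): confirm to_dict() leaves out the password hash
             # before the result is returned to the client.
             res.body = self.to_json(user_db.to_dict())
         else:
             res.status = falcon.HTTP_401
             res.body = self.to_json({
                 'meta': {
                     'code': 401,
                     'message': 'password not match'
                 }
             })
     except NoResultFound:
         # .one() raises NoResultFound when no row matches the email.
         res.status = falcon.HTTP_404
         res.body = self.to_json({
             'meta': {
                 'code': 404,
                 'message': 'user not exists'
             }
         })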
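 def on_post(self, req, res):
     """Authenticate the posted email/password and issue a session token.

     On success the encrypted token is stored through
     ``redixdb.set_hashkey`` together with the user id, returned in the
     ``token`` response header, and the user's remaining fields plus role
     names are handed to ``on_success``.

     Raises:
         PasswordNotMatch: the password does not verify.
         UserNotExistsError: no user matches the email.

     NOTE(review): if the two exceptions map to different responses, a
     client can tell which emails are registered; the UserNotExistsError
     message also echoes the submitted address. Confirm how both are
     rendered.
     """
     db_session = req.context['db.session']
     redixdb = req.context['redixdb']
     user_req = req.context['data']
     if not user_req:
         # An empty payload leaves the response untouched.
         # NOTE(review): confirm the framework rejects such requests.
         return
     email = user_req['email']
     password = user_req['password']
     try:
         user_db = User.find_by_email(db_session, email)
         if not verify_password(password, user_db.password.encode('utf-8')):
             raise PasswordNotMatch()
         # Roles and profile data are loaded only after the password has
         # been verified, so a failed login does no extra work.
         user_data = user_db.to_dict()
         # pop() with a default strips the hash and timestamps even when a
         # key is absent, instead of failing half-way through the cleanup.
         for item in ("password", "created", "modified"):
             user_data.pop(item, None)
         user_data["roles"] = [i.name for i in user_db.permissions]
         # Build the token from the sanitized user data.
         timed_token = generate_timed_token(user_data)
         token = encrypt_token(timed_token)
         redixdb.set_hashkey(token, user_db.id)
         res.set_header('token', token)
         user_data["success"] = True
         self.on_success(res, user_data)
     except NoResultFound:
         raise UserNotExistsError('User email: %s' % email)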
Esempio n. 3
def authenticate_user(email: EmailStr, password: str):
    """Return the user matching ``email`` when ``password`` verifies, else False.

    A failed password check is logged at INFO level with the submitted
    email; an unknown email returns False without logging.

    NOTE(review): an unknown email returns before verify_password() runs,
    so response time may differ between "no such user" and "wrong
    password". Confirm whether that matters for this endpoint.
    NOTE(review): the email is caller-supplied text written to the log;
    confirm the log sink neutralizes control characters.
    """
    account = get_user_by_email(email=email)
    if account:
        if verify_password(password, account.hashed_password):
            return account
        logger.info("Incorrect Password for username: {}".format(email))
    return False
Esempio n. 4
 def process_login(self, req, res):
     """Verify the submitted email/password and report success via ``on_success``.

     Raises:
         PasswordNotMatch: the password does not verify.
         UserNotExistsError: a NoResultFound was raised during the lookup.

     NOTE(review): two distinct errors, one of which echoes the email, can
     reveal which addresses are registered if both reach the client
     unchanged. Confirm how they are rendered.
     """
     payload = req.context['data']
     email = payload['email']
     password = payload['password']
     db = req.context['session']
     try:
         account = User.find_by_email(db, email)
         stored_hash = account.password.encode('utf-8')
         if not verify_password(password, stored_hash):
             raise PasswordNotMatch()
         # NOTE(review): confirm to_dict() omits the stored password hash.
         self.on_success(res, account.to_dict())
     except NoResultFound:
         raise UserNotExistsError('User email: %s' % email)
Esempio n. 5
 def process_login(self, req, res):
     """Authenticate the email/password found in the parsed request data.

     Calls ``on_success`` with the user's dict form when the password
     verifies. Raises PasswordNotMatch on a bad password and
     UserNotExistsError when NoResultFound is raised inside the lookup.

     NOTE(review): separate "wrong password" and "no such user" errors may
     let a client enumerate accounts; confirm the client-facing responses.
     """
     body = req.context["data"]
     email = body["email"]
     password = body["password"]
     session = req.context["session"]
     try:
         found = User.find_by_email(session, email)
         password_ok = verify_password(password, found.password.encode("utf-8"))
         if not password_ok:
             raise PasswordNotMatch()
         # NOTE(review): confirm to_dict() does not expose the password hash.
         self.on_success(res, found.to_dict())
     except NoResultFound:
         raise UserNotExistsError("User email: %s" % email)
Esempio n. 6
    def process_login(self, req, res):
        """Authenticate the email/password taken from ``req.params``.

        Calls ``on_success`` with the user's dict form when the password
        verifies; raises PasswordNotMatch otherwise, and UserNotExistsError
        when NoResultFound is raised inside the lookup.

        NOTE(review): if ``req.params`` is filled from the query string,
        the password can be recorded in URL and access logs -- confirm
        credentials travel in the request body.
        NOTE(review): distinct errors for unknown user and wrong password
        may allow account enumeration; confirm the rendered responses.
        """
        params = req.params
        email = params['email']
        password = params['password']
        db = req.context['session']
        try:
            record = User.find_by_email(db, email)
            hashed = record.password.encode('utf-8')
            if not verify_password(password, hashed):
                raise PasswordNotMatch()
            self.on_success(res, record.to_dict())
        except NoResultFound:
            raise UserNotExistsError('User email: %s' % email)
Esempio n. 7
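 def post(self):
     """Exchange a username (or email) and password for an API token.

     Returns ``{"token": value}`` on success. A missing field, a failed
     credential check or a user that cannot be loaded all produce a 400
     through ``invalid_api_usage``; the last two share one message.

     NOTE(review): an existing token row is returned unchanged on every
     login and no expiry or rotation is visible here -- confirm token
     lifetime is enforced elsewhere.
     """
     data = request.get_json() or {}
     if not isinstance(data, dict):
         # A JSON array or scalar has no .get(); treat it as empty input.
         data = {}
     username = data.get("username")
     password = data.get("password")
     if not username or not password:
         return invalid_api_usage("No username or password provided", 400)
     if not verify_password(username, password):
         return invalid_api_usage("Invalid username or password", 400)
     user = User.query.filter(
         or_(User.username == username, User.email == username)).first()
     if user is None:
         # This lookup is separate from verify_password(); without the
         # guard a missing row would fail on user.uid instead of giving
         # the same generic credential error.
         return invalid_api_usage("Invalid username or password", 400)
     token = Token.query.filter_by(user=user.uid).first()
     if not token:
         token = Token(user.uid)
         db.session.add(token)
         db.session.commit()
     return {"token": token.value}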
Esempio n. 8
    def on_post(self, req, res):
        """Log a user in and place a token in ``req.context['result']``.

        An unknown email and a wrong password raise the same
        ``falcon.HTTPUnauthorized``, so the response does not show which
        part of the credentials was wrong.

        NOTE(review): an unknown email is rejected before verify_password()
        runs, so response timing may still differ between the two cases.
        """
        credentials = req.context['data']
        email = credentials['email']
        password = credentials['password']

        account = self.find_user_by_email(email)
        # pop() removes the stored hash from the record, so it is not part
        # of what generate_token() receives below.
        if account is None or not verify_password(password, account.pop('password')):
            raise falcon.HTTPUnauthorized('Unauthorized', 'Invalid credentials')

        req.context['result'] = {'token': generate_token(account)}
        res.status = falcon.HTTP_OK
Esempio n. 9
    def on_post(self, req, res):
        """Authenticate by email/password and return a token in the result.

        Both failure paths raise an identical ``falcon.HTTPUnauthorized``,
        so the response gives no hint about whether the email exists.

        NOTE(review): the unknown-email path skips verify_password(), so
        response timing may still separate it from a wrong password.
        """
        def denied():
            # One place builds the generic rejection used by both checks.
            return falcon.HTTPUnauthorized('Unauthorized',
                                           'Invalid credentials')

        payload = req.context['data']
        email = payload['email']
        password = payload['password']

        user = self.find_user_by_email(email)
        if user is None:
            raise denied()

        # The hash is popped off the record before the token is generated.
        stored_hash = user.pop('password')
        if not verify_password(password, stored_hash):
            raise denied()

        req.context['result'] = {'token': generate_token(user)}
        res.status = falcon.HTTP_OK
Esempio n. 10
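 def on_post(self, req, res):
     """Validate a JSON login request and answer with a signed JWT.

     Responds 400 with the schema errors, 404 when no user has the given
     email, 401 on a wrong password, and 200 with ``{'jwt': ...}`` on
     success.

     NOTE(review): the separate 404 and 401 answers show whether an email
     is registered; one generic failure is the safer contract.
     NOTE(review): the payload has no ``exp`` claim, so the issued token
     carries no expiry -- confirm lifetime is bounded some other way.
     """
     session = req.context['session']
     # NOTE(review): a body that is not valid JSON raises here before any
     # response is set; confirm an error handler covers it.
     data = json.loads(req.bounded_stream.read().decode())
     result = LoginSchema().load(data)
     if result.errors:
         res.status = falcon.HTTP_BAD_REQUEST
         res.body = self.to_json({'errors': result.errors})
         return
     # one_or_none() yields None for an unknown email. The previous .one()
     # raised NoResultFound instead, so the 404 branch could never run and
     # an unknown email surfaced as an unhandled error.
     usr = session.query(User).filter_by(email=data['email']).one_or_none()
     if not usr:
         res.status = falcon.HTTP_NOT_FOUND
         res.body = self.to_json('User not found.')
         return
     if not verify_password(data['password'], usr.password):
         res.status = falcon.HTTP_401
         res.body = self.to_json('Bad password.')
         return
     u = {"id": usr.id, "name": "%s %s" % (usr.fn, usr.ln)}
     wt = jwt.encode(u, SECRET_KEY, algorithm='HS256')
     res.status = falcon.HTTP_200
     # NOTE(review): .decode() assumes jwt.encode() returned bytes; verify
     # against the installed JWT library version.
     res.body = self.to_json({'jwt': wt.decode('utf-8')})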
    def on_post(self, req, res):
        """Look the user up through a stored procedure and return a token.

        A missing row and a wrong password raise the same
        ``falcon.HTTPUnauthorized``. On success the body is a JSON object
        holding the generated token.

        NOTE(review): the cursor is an attribute of the resource; confirm
        it is not shared between concurrent requests.
        """
        title, description = "Unauthorized", "Invalid credentials"

        body = req.context["data"]
        email = body["email"]
        password = body["password"]

        # The email is passed as a procedure argument, not spliced into SQL.
        self.cursor.callproc("sp_lookup_user_by_email", [email])
        row = self.cursor.fetchone()
        if row is None:
            raise falcon.HTTPUnauthorized(title, description)

        record = row[0]
        # pop() takes the stored hash out of the record before it is used
        # to build the token.
        if not verify_password(password, record.pop("password")):
            raise falcon.HTTPUnauthorized(title, description)

        res.status = falcon.HTTP_200
        res.body = json.dumps({"token": generate_token(record)})
Esempio n. 12
    def on_post(self, req, res):
        """Authenticate via ``sp_lookup_user_by_email`` and respond with a token.

        Unknown email and wrong password are rejected with an identical
        ``falcon.HTTPUnauthorized``; success sets a 200 status and a JSON
        body containing the token.

        NOTE(review): the no-row path returns before verify_password() is
        called, so response timing may still differ between the failures.
        """
        def reject():
            # Same generic error for both failure modes.
            return falcon.HTTPUnauthorized('Unauthorized', 'Invalid credentials')

        submitted = req.context['data']
        email = submitted['email']
        password = submitted['password']

        # Bound argument list: the email never becomes part of SQL text here.
        self.cursor.callproc('sp_lookup_user_by_email', [email, ])

        fetched = self.cursor.fetchone()
        if fetched is None:
            raise reject()

        user_row = fetched[0]
        stored_hash = user_row.pop('password')
        if not verify_password(password, stored_hash):
            raise reject()

        res.status = falcon.HTTP_200
        token_payload = {'token': generate_token(user_row)}
        res.body = json.dumps(token_payload)
Esempio n. 13
 def test_verify_password(self):
     """Print the result of checking "foobar" against a teacher's stored hash.

     NOTE(review): nothing is asserted, so this test passes whatever
     verify_password() returns; an explicit expectation would let it catch
     a regression in the password check.
     """
     record = models_teacher.Teacher.objects.get(id=teacher_id)
     outcome = utils_auth.verify_password("foobar", record.hashed_password)
     pp.pprint(outcome)