def get_user_by_email_and_password(cls, email, password, check_is_enable=True):
a = cls.get_user_by_email(email, check_is_enable)
if a is None:
return None
if bcrypt.hashpw(password, a.password) != a.password:
return None
return a
def validate_bcrypt(submittedPass, hash):
'''
get the salt value from the hash (it's the value after the comma)
'''
hashed2 = bcrypt.hashpw(submittedPass, hash)
if hashed2 == hash:
return True
else:
return False
def validate_secure_pw(pw, h, n_salt):
aux = '$2a$%02d$' % n_salt + h
try:
if bcrypt.hashpw(pw, aux) == aux:
return True
else:
return False
except:
return False
def get_user(cls, account, password, is_enable=True):
a = cls.query(
cls.account == account,
cls.is_enable == is_enable).get()
if a is None:
return None
if bcrypt.hashpw(password, a.password) != a.password:
return None
return a
def validate_secure_pw(pw,h,n_salt=2):
version_append='$2a$%02d$' % n_salt + h
try:
if bcrypt.hashpw(pw, version_append)==version_append:
return True
else:
return None
except:
return None
def create_account(cls, name, account, password, avatar=None, email=None):
n = cls()
n.name = name
n.account = account
n.password = bcrypt.hashpw(password, bcrypt.gensalt())
n.avatar = avatar
if email:
n.email = email
n.put()
return n
def validate_secure_cookie(h,n_salt=2):
if h:
cookie_val=h.split('.')[-1]
h=h[:-len(cookie_val)-1]
version_append='$2a$%02d$' % n_salt + h
try:
if bcrypt.hashpw(cookie_val, version_append)==version_append:
return cookie_val
else:
return None
except:
return None
else:
return None
def make_pw_hash(name, pw, salt = bcrypt.gensalt(5)):
h = bcrypt.hashpw(str(name + pw + salt), salt)
return '%s|%s' % (salt, h)
def secure_cookie(cookie_val,n_salt=2):
try:
bcr_hash= bcrypt.hashpw(cookie_val, bcrypt.gensalt(n_salt)).split('$')[-1]+ '.'+cookie_val
return bcr_hash
except:
return None
def check_password(self,cpass): return hashpw(cpass, self.password) == self.password;
def bycrypt_password_with_old_password(self):
if self.old_password != self.new_password:
self.password = u'' + bcrypt.hashpw(u'' + self.new_password, bcrypt.gensalt())
self.put()
def make_bcrypt_hash(password):
'''
checks the authenticity of the submitted password against a hash
'''
return bcrypt.hashpw(password, bcrypt.gensalt(2))
def hash_pwd(self, pwd): self.pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(1))
def is_same_password(password, hashed):
return bcrypt.hashpw(password, hashed) == hashed
def check_password(self, check):
if bcrypt.hashpw(check, self.password) != self.password:
return False
return True
def hashText(text, iters = 2):
'''Returns a hexhash of the text using bcrypt for n iterations'''
# I don't actually know how reliable python bcrypt is
# But compiled version is not an option with GAE
return bcrypt.hashpw(text, bcrypt.gensalt(iters)).encode('hex')
def bycrypt_password(self):
self.password = u'' + bcrypt.hashpw(u'' + self.password, bcrypt.gensalt())
self.put()
def make_pw_hash(name, password):
hashed = bcrypt.hashpw(name + password, bcrypt.gensalt())
return hashed
def make_pw_hash(name, password):
hashed = bcrypt.hashpw(name + password, bcrypt.gensalt())
return hashed
def valid_pw(name, password, hashed):
return bcrypt.hashpw(name + password, hashed) == hashed
def hash(cls, password):
return bcrypt.hashpw(password, bcrypt.gensalt())
def hash_password(password):
return bcrypt.hashpw(password, bcrypt.gensalt())
def checkHash(text, hexhash):
'''Checks if text matches hexhash'''
h = hexhash.decode('hex')
return bcrypt.hashpw(text, h) == h
def pwd_auth(self, pwd): if bcrypt.hashpw(pwd, self.pwd) == self.pwd: return True
def secure_pw(pw, n_salt=1):
return bcrypt.hashpw(pw, bcrypt.gensalt(n_salt)).split('$')[-1]
def valid_pw(name, password, hashed):
return bcrypt.hashpw(name + password, hashed) == hashed
def secure_pw(pw,n_salt=2):
try:
return bcrypt.hashpw(pw, bcrypt.gensalt(n_salt)).split('$')[-1]
except:
return None
def verify(cls, password, hashed):
if bcrypt.hashpw(password, hashed) == hashed:
return True
else:
return False
def encrpytPassword(self,password): return hashpw(password, gensalt());
