def sendRequest(name):
URL = 'http://d6c7f838.ngrok.io/recognised'
name = BCryptSHA256PasswordHasher().encode(
name,
BCryptSHA256PasswordHasher().salt())
post_fields = json.dumps({'name': str(name), 'time': str(time.time())})
requests.post(URL, data=post_fields)
def set_pass(request):
data = json.loads(request.body.decode('utf-8'))
users_list = json.loads(serializers.serialize('json', User.objects.all()))
for i in users_list:
if BCryptSHA256PasswordHasher().verify(i['fields']['username'],
data['id']):
user = User.objects.get(username=i['fields']['username'])
user.password = BCryptSHA256PasswordHasher().encode(
data['password'],
BCryptSHA256PasswordHasher().salt())
user.save()
return JsonResponse({'ok': 'true'})
class UserSerializer(serializers.ModelSerializer):
# encoder used in project
encoder = BCryptSHA256PasswordHasher()
password = serializers.CharField(write_only=True)
class Meta:
model = User
fields = (
'id',
'username',
'groups',
'is_superuser',
'password',
"first_name",
"last_name",
)
def create(self, validated_data):
# get and encode password
password = validated_data.pop('password')
hashed_password = self.encoder.encode(password,
salt=self.encoder.salt())
# get and assign groups
groups = validated_data.pop('groups')
user = User.objects.create(password=hashed_password, **validated_data)
user.groups.set(groups)
user.save()
return user
def recognised(request):
if request.method == 'POST':
obj = json.loads(request.body.decode('utf-8'))
name = obj['name']
time = obj['time']
users = User.objects.values('surname')
for user in users:
if BCryptSHA256PasswordHasher().verify(user['surname'], name):
if name == Seen.name:
pass
else:
user = User.objects.get(surname=user['surname'])
seen = SeenToday()
seen.name = '{} {}'.format(user.name, user.surname)
seen.status = user.status
seen.time = time
seen.save()
print('saved!')
return HttpResponse('Saved!')
else:
print(False)
# try:
# if User.objects.filter(surname=name).exists():
# user = User.objects.get(surname=name)
# seen = Seen()
# seen.name = '{} {}'.format(user.name, user.surname)
# seen.status = user.status
# seen.time = time
# print('{} {} has entered recently'.format(user.name, user.surname))
# seen.save()
# return HttpResponse('I feel good')
# except:
# return HttpResponse('All is not so good')
return HttpResponse('All is not so good')
def login_user_api(request):
if request.method == 'POST':
data = json.loads(request.body.decode('utf-8'))
if User.objects.filter(username=data['username']).exists():
user = User.objects.get(username=data['username'])
bcr = BCryptSHA256PasswordHasher()
if not user.password.startswith(
'bcrypt_sha256') and user.password == data['password']:
hashed = bcr.encode(data['username'], bcr.salt())
return JsonResponse({
'status': 200,
'user_id': f'{hashed}',
'password': '******'
})
if bcr.verify(data['password'], user.password) == True:
hashed = bcr.encode(data['username'], bcr.salt())
if user.superuser == 1:
return JsonResponse({
'status': 200,
'user_id': f'{hashed}'
})
else:
return JsonResponse({
'status': 200,
'user_id': f'{hashed}'
})
else:
return JsonResponse({
'status': 412,
'message': 'Password not match'
})
else:
return JsonResponse({'status': 412, 'message': 'User not found'})
def post(self, request):
username = request.data["username"]
password = request.data["password"]
hasher = BCrypt()
salt = hasher.salt()
password_encoded = hasher.encode(password, salt)
data = {"username": username, "password": password_encoded}
serializer = UsersSerializer(data=data)
try:
serializer.is_valid(raise_exception=True)
serializer.save()
data = "user created"
return Response(data=data, status=status.HTTP_201_CREATED)
except ValidationError as e:
data = str(e.__dict__["detail"]["username"][0])
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def check(request):
data = json.loads(request.body.decode('utf-8'))
users_list = json.loads(serializers.serialize('json', User.objects.all()))
for i in users_list:
if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data):
if i['fields']['superuser'] == 1:
return JsonResponse({'status': 'admin'})
else:
return JsonResponse({'status': 'user'})
return JsonResponse({'ok': 'True'})
def users(request):
users_list = json.loads(
serializers.serialize('json',
User.objects.all(),
fields=('username', 'name', 'surname', 'status',
'team', 'project')))
data = json.loads(request.body.decode('utf-8'))
for i in users_list:
if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data):
del users_list[users_list.index(i)]
return JsonResponse(users_list, safe=False)
def post(self, request):
username = request.data["username"]
password = request.data["password"]
hasher = BCrypt()
try:
user = Users.objects.get(username=username)
except Users.DoesNotExist:
return Response(
data="username does not exists", status=status.HTTP_400_BAD_REQUEST
)
if hasher.verify(password, user.password):
timestamp = datetime.datetime.utcnow()
jwt = JwtHelper()
data = {
"JWT": jwt.tokenize(user=user, timestamp=timestamp),
"timestamp": timestamp,
}
return Response(data=data, status=status.HTTP_200_OK)
return Response(
data="password does not match", status=status.HTTP_400_BAD_REQUEST
)
def api_attendance(request):
data = json.loads(request.body.decode('utf-8'))
users_list = json.loads(serializers.serialize('json', User.objects.all()))
for i in users_list:
if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data):
users = json.loads(
serializers.serialize("json", Seen.objects.all()))
all_users = [x['fields']['name'].split(' ')[1] for x in users]
once_users = list(dict.fromkeys(all_users))
obj = {}
for i in once_users:
obj.update({f'{i}': all_users.count(i)})
return JsonResponse(obj)
class RegisterSerializer(serializers.ModelSerializer):
password = serializers.CharField(write_only=True)
encoder = BCryptSHA256PasswordHasher()
class Meta:
model = User
fields = ('username', 'password', 'email', 'first_name')
def create(self, validated_data):
password = validated_data.pop('password')
hashed_password = self.encoder.encode(password, salt=self.encoder.salt())
user = User.objects.create(password=hashed_password, **validated_data)
user.save()
return user
def login_user(request):
if request.method == 'POST':
form = UserLogin(request.POST)
if form.is_valid():
if User.objects.filter(username=request.POST['username']).exists():
user = User.objects.get(username=request.POST['username'])
bcr = BCryptSHA256PasswordHasher()
if bcr.verify(request.POST['password'], user.password) == True:
request.session['user'] = user.username
request.session.modified = True
print(request.session['user'])
return HttpResponseRedirect('/user/{}'.format(user.id))
else:
messages.error(request, 'Incorrect password')
return HttpResponseRedirect('#')
else:
messages.error(request, 'User not found')
return HttpResponseRedirect('#')
return HttpResponseRedirect('#')
if request.method == 'GET':
return render(request, 'login-user/index.html', {'form': UserLogin()})
def register(request):
if request.method == 'GET':
residents = User.objects.filter(status='resident').count()
mentors = User.objects.filter(status='mentor').count()
owners = User.objects.filter(status='owner').count()
return render(
request, 'register_user/index.html', {
'user_form': UserForm(),
'residents': residents,
'mentors': mentors,
'owners': owners
})
if request.method == 'POST':
f = UserForm(request.POST, request.FILES)
if request.POST['password'] != request.POST['password_1']:
messages.error(request, 'Passwords are not the same')
return HttpResponseRedirect('#')
if f.is_valid():
user = User()
user.attendance = 0
user.superuser = 0
user.name = request.POST['name']
user.surname = request.POST['surname']
user.username = request.POST['username']
bcr = BCryptSHA256PasswordHasher()
hashed = bcr.encode(request.POST['password'], bcr.salt())
user.password = hashed
user.status = request.POST['status']
date = datetime.datetime.strptime(request.POST['date'], '%Y-%m-%d')
user.birth_date = date
user.email = request.POST['email']
user.specialization = request.POST['specialization']
user.team = request.POST['team']
user.project = request.POST['project']
user.profile_photo = request.FILES['profile_photo']
user.save()
return HttpResponseRedirect('/{}s'.format(user.status))
def test_bcryptsha256_salt_check(self):
hasher = BCryptSHA256PasswordHasher()
encoded = hasher.encode("lètmein", hasher.salt())
self.assertIs(hasher.must_update(encoded), False)
import logging
from django.contrib.auth.models import User
from django.contrib.auth.hashers import BCryptSHA256PasswordHasher
from rest_framework import serializers
from rest_framework_simplejwt.serializers import TokenObtainSlidingSerializer # new
from .models import BankInfo
import requests
import os
hasher = BCryptSHA256PasswordHasher()
logger = logging.getLogger('testlogger')
class UserSerializer(serializers.ModelSerializer):
password1 = serializers.CharField(write_only=True)
password2 = serializers.CharField(write_only=True)
email = serializers.EmailField()
def validate(self, data):
if data['password1'] != data['password2']:
raise serializers.ValidationError({'password2': 'not-match'})
if User.objects.filter(username=str(data['username'])).exists():
raise serializers.ValidationError({'username': '******'})
return data
def create(self, validated_data):
data = {
key: value
def user_info(request):
data = json.loads(request.body.decode('utf-8'))
users_list = json.loads(serializers.serialize('json', User.objects.all()))
for i in users_list:
if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data):
return JsonResponse(i)
