def password_recovery_finish(recovery_hash):
    """Complete a password recovery started from the e-mailed link.

    Looks up the recovery request for ``recovery_hash``, generates a random
    replacement password, stores it in Keystone and in ODB, and e-mails it
    to the address held in the user's ODB record.

    Aborts with 404 when unpacking the lookup result raises TypeError (the
    lookup is expected to return None for an unknown hash). Otherwise returns
    a redirect to the dashboard, with an error flash when the request is
    already flagged complete.
    """
    try:
        request_row = row_mysql_queries.get_recovery_request_by_hash(
            recovery_hash)
        _request_id, email, _hash_code, complete = request_row
    except TypeError:
        # Unpacking None raises TypeError: no request stored for this hash.
        flask.abort(404)

    if complete == 1:
        flask.flash('Password recovery token is expired', 'error')
        return flask.redirect(flask.url_for('dashboard'))

    # NOTE(review): only the `complete` flag is checked and nothing in this
    # function sets it. Confirm the request is marked complete (and has a
    # time limit) elsewhere; otherwise the same link stays usable.
    matching_users = utils.neo4j_api_call('/users', {"email": email}, 'GET')
    odb_user = matching_users[0]
    temp_password = str(uuid.uuid4())

    # Keystone is updated before ODB; a failure in the ODB PUT below leaves
    # the two stores holding different passwords for this user.
    keystone_user = utils.get_keystone_user_by_username(odb_user['username'])
    keystone_users = clients.admin_clients().keystone.users
    keystone_users.update_password(keystone_user, temp_password)

    # ODB stores only the hash of the replacement password.
    updated_record = {
        'id': odb_user['id'],
        'login': odb_user['login'],
        'username': odb_user['username'],
        'email': odb_user['email'],
        'passwordHash': utils.create_hashed_password(temp_password),
    }
    utils.neo4j_api_call('/users', updated_record, 'PUT')

    # The replacement password is placed in the mail body in clear text and
    # is not forced to be changed by anything visible here.
    msg = mail.Message('Password recovery', recipients=[odb_user['email']])
    msg.body = flask.render_template(
        'RecoveryPasswordFinishEmail/body.txt', new_pass=temp_password)
    utils.send_msg(msg)

    flask.flash('New password was sent to you', 'success')
    return flask.redirect(flask.url_for('dashboard'))
def _login(username, password):
    """Authenticate a user against ODB and Keystone and fill the session.

    ``username`` is used as the e-mail key for the ODB lookup. Returns False
    when ODB reports NotFound, when the stored hash differs from the hash of
    ``password``, or when Keystone raises Unauthorized. On success the Flask
    session, ``flask.g`` and the principal identity are populated and True is
    returned.
    """
    lookup = {
        "email": username,
    }
    try:
        odb_user = utils.neo4j_api_call('/users', lookup, 'GET')[0]
    except NotFound:
        # ODB answers 404 when no user has this e-mail.
        return False

    # NOTE(review): `==` is not a constant-time comparison; consider
    # hmac.compare_digest once both operands are known to share one string
    # type. The equality test also implies create_hashed_password() is
    # deterministic per password (no per-user random salt) -- confirm.
    hashes_match = (
        odb_user['passwordHash'] == utils.create_hashed_password(password))
    if not hashes_match:
        return False

    # The ODB username doubles as the Keystone user name, and the password
    # is the same in both systems.
    username = odb_user['username']
    try:
        clients.create_unscoped(username, password)
    except Unauthorized:
        return False

    # presumably create_unscoped() stored 'keystone_unscoped' in the session
    # -- verify against clients.
    keystone_identity = flask.session['keystone_unscoped']['access']['user']
    flask.session['user'] = keystone_identity
    flask.g.is_authenticated = True
    flask.flash('You were logged in successfully.', 'success')

    keystone_user = utils.get_keystone_user_by_username(username)
    flask.session['tenants'] = utils.user_tenants_list(keystone_user)

    # The principal identity is named after the Keystone user id.
    keystone_user_id = (
        flask.session['keystone_unscoped']['access']['user']['id'])
    principal.identity_changed.send(
        focus.app, identity=principal.Identity(keystone_user_id))
    return True
def _login(username, password):
    """Log a user in: check the ODB hash, then obtain a Keystone token.

    The caller passes the e-mail address as ``username``. Every failure path
    (unknown e-mail, hash mismatch, Keystone Unauthorized) returns False; a
    successful login stores the Keystone user and tenant list in the Flask
    session, signals the new principal identity and returns True.
    """
    try:
        users_found = utils.neo4j_api_call(
            '/users', {"email": username, }, 'GET')
        odb_user = users_found[0]
    except NotFound:
        # A missing e-mail comes back from ODB as a 404.
        return False

    # NOTE(review): an unknown e-mail returns before any hashing is done, so
    # the two failure paths differ in timing even though both return False.
    # The hash comparison itself uses `==`; a constant-time compare such as
    # hmac.compare_digest is the usual choice -- confirm operand types first.
    stored_hash = odb_user['passwordHash']
    supplied_hash = utils.create_hashed_password(password)
    if not (stored_hash == supplied_hash):
        return False

    # From here on `username` is the ODB username, which is also the
    # Keystone user name; the Keystone password equals the ODB one.
    username = odb_user['username']
    try:
        clients.create_unscoped(username, password)
    except Unauthorized:
        return False

    session = flask.session
    session['user'] = session['keystone_unscoped']['access']['user']
    flask.g.is_authenticated = True
    flask.flash('You were logged in successfully.', 'success')

    session['tenants'] = utils.user_tenants_list(
        utils.get_keystone_user_by_username(username))

    # Keystone user id is used as the principal identity name.
    identity = principal.Identity(
        session['keystone_unscoped']['access']['user']['id'])
    principal.identity_changed.send(focus.app, identity=identity)
    return True
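def test_russian_password(self):
    """Check that non-ASCII (Cyrillic, Japanese) passwords can be hashed.

    For each sample password, create_hashed_password() must return a value
    whose type equals ``type('')``. Only the return type is checked; the
    hash value itself is not verified here.
    """
    samples = [u'фыва', u'asdf', u'君が代は 千代に 八千代に 細石の 巖と態']
    for sample in samples:
        # assertEqual replaces the deprecated assertEquals alias and matches
        # the spelling used by the other tests in this file.
        self.assertEqual(type(''), type(create_hashed_password(sample)))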
def test_login(self):
    """Exercise _login() with wrong, correct and non-ASCII passwords.

    The ODB call, the Flask globals, the admin clients and the principal
    signal are patched out; the stored hash is produced with
    create_hashed_password() so the comparison inside _login() is real.
    """
    with \
        mock.patch('focus.utils.neo4j_api_call') as odb_call, \
        mock.patch('flask.current_app') as app_mock, \
        mock.patch('flask.g'), \
        mock.patch('focus.clients.admin_clients'), \
        mock.patch('flask.flash'), \
        mock.patch('flaskext.principal.identity_changed'), \
            mock.patch('flask.session'):
        keystone_conf = {'admin_tenant_id': '1'}
        app_mock.config = {'KEYSTONE_CONF': keystone_conf}
        odb_call.return_value = self.ODB_GET_USER_RESPONSE

        # NOTE(review): this mutates the fixture in place; if
        # ODB_GET_USER_RESPONSE is shared between tests the stored hash
        # leaks into them -- confirm.
        ascii_hash = create_hashed_password(u'correctpassword')
        self.ODB_GET_USER_RESPONSE[0]['passwordHash'] = ascii_hash
        self.assertEqual(False, _login('testaccount', u'wrongpassword'))
        self.assertEqual(True, _login('testaccount', u'correctpassword'))

        # Same check with a Cyrillic password.
        cyrillic_hash = create_hashed_password(u'хорошийпароль')
        self.ODB_GET_USER_RESPONSE[0]['passwordHash'] = cyrillic_hash
        self.assertEqual(True, _login('testaccount1', u'хорошийпароль'))
def test_login(self):
    """Verify _login() rejects a wrong password and accepts matching ones.

    External collaborators (ODB call, Flask app/g/flash/session, admin
    clients, principal signal) are replaced with mocks. The user record
    returned by the mocked ODB call carries a hash computed in the test.
    """
    with \
        mock.patch('focus.utils.neo4j_api_call') as mocked_odb, \
        mock.patch('flask.current_app') as mocked_app, \
        mock.patch('flask.g'), \
        mock.patch('focus.clients.admin_clients'), \
        mock.patch('flask.flash'), \
        mock.patch('flaskext.principal.identity_changed'), \
            mock.patch('flask.session'):
        mocked_app.config = {
            'KEYSTONE_CONF': {
                'admin_tenant_id': '1',
            },
        }
        mocked_odb.return_value = self.ODB_GET_USER_RESPONSE

        # Stored hash for the ASCII password; a different password must be
        # refused and the matching one accepted.
        self.ODB_GET_USER_RESPONSE[0]['passwordHash'] = (
            create_hashed_password(u'correctpassword'))
        rejected = _login('testaccount', u'wrongpassword')
        self.assertEqual(False, rejected)
        accepted = _login('testaccount', u'correctpassword')
        self.assertEqual(True, accepted)

        # Stored hash for a non-ASCII password.
        self.ODB_GET_USER_RESPONSE[0]['passwordHash'] = (
            create_hashed_password(u'хорошийпароль'))
        accepted_unicode = _login('testaccount1', u'хорошийпароль')
        self.assertEqual(True, accepted_unicode)
def _register_in_ODB(username, email, password):
    """Create a user in ODB and return the stored record.

    POSTs a new user whose ``passwordHash`` is the hash of ``password`` (the
    plain password is not sent to ODB), then reads the user back by e-mail
    and returns the first match.
    """
    new_user = {
        "login": "",
        "username": username,
        "email": email,
        "passwordHash": utils.create_hashed_password(password),
    }
    utils.neo4j_api_call('/users', new_user, 'POST')

    # NOTE(review): the read-back takes the first record for this e-mail;
    # confirm ODB enforces unique e-mails so it is always the new user.
    stored_users = utils.neo4j_api_call('/users', {"email": email}, 'GET')
    return stored_users[0]
def _register_in_ODB(username, email, password):
    """Register a user in ODB, then fetch and return the fresh record.

    Only the hashed form of ``password`` is placed in the POST payload. The
    returned value is element 0 of the GET-by-e-mail response.
    """
    password_hash = utils.create_hashed_password(password)
    # Create the user; "login" is sent as an empty string.
    utils.neo4j_api_call(
        '/users',
        {
            "login": "",
            "username": username,
            "email": email,
            "passwordHash": password_hash,
        },
        'POST')

    # Read the user back by e-mail.
    # presumably e-mail is unique in ODB; verify, since [0] picks the first
    # match whatever it is.
    lookup = {"email": email}
    return utils.neo4j_api_call('/users', lookup, 'GET')[0]
def password_recovery_finish(recovery_hash):
    """Handle the link a user follows from the password recovery e-mail.

    Resolves ``recovery_hash`` to a recovery request, replaces the user's
    password in Keystone and ODB with a freshly generated random value and
    mails that value to the user. Responds with 404 when the lookup result
    cannot be unpacked (TypeError), and with a dashboard redirect in every
    other case.
    """
    try:
        found = row_mysql_queries.get_recovery_request_by_hash(recovery_hash)
        _row_id, email, _stored_hash, complete = found
    except TypeError:
        # The lookup returned None: unknown recovery hash.
        flask.abort(404)

    already_used = complete == 1
    if already_used:
        flask.flash('Password recovery token is expired', 'error')
        return flask.redirect(flask.url_for('dashboard'))

    # NOTE(review): the request is never flagged complete in this function
    # and no age check is visible; verify both are enforced elsewhere so a
    # recovery link is single-use and short-lived.
    odb_user = utils.neo4j_api_call('/users', {"email": email}, 'GET')[0]
    replacement = str(uuid.uuid4())

    # Step 1: Keystone receives the replacement password itself.
    keystone_user = utils.get_keystone_user_by_username(odb_user['username'])
    admin = clients.admin_clients()
    admin.keystone.users.update_password(keystone_user, replacement)

    # Step 2: ODB receives its hash. The two writes are not atomic; if this
    # PUT fails the stores disagree.
    odb_payload = {
        'id': odb_user['id'],
        'login': odb_user['login'],
        'username': odb_user['username'],
        'email': odb_user['email'],
        'passwordHash': utils.create_hashed_password(replacement),
    }
    utils.neo4j_api_call('/users', odb_payload, 'PUT')

    # Step 3: mail the replacement to the user. It is sent in clear text and
    # remains the account password until the user changes it.
    recipient = odb_user['email']
    msg = mail.Message('Password recovery', recipients=[recipient])
    msg.body = flask.render_template(
        'RecoveryPasswordFinishEmail/body.txt', new_pass=replacement)
    utils.send_msg(msg)

    flask.flash('New password was sent to you', 'success')
    return flask.redirect(flask.url_for('dashboard'))