def post(self):
    """Process the login form and, on success, issue the ``username`` cookie.

    Reads ``username`` and ``password`` from the request, loads the ``User``
    stored under that key name and checks the password with
    ``hashing.valid_pw``. On failure ``login.html`` is re-rendered with the
    submitted username and one error message. On success the signed
    username is set as a cookie and the client is redirected to
    ``/welcome``.
    """
    username = self.request.get('username')
    password = self.request.get('password')
    template_args = {'username': username}

    account = User.get_by_key_name(username)
    if not account:
        # NOTE(review): unknown names and wrong passwords get different
        # messages, which tells an unauthenticated client which accounts
        # exist. A single generic message avoids that.
        template_args['username_error'] = "Invalid Username"
    elif not hashing.valid_pw(username, password,
                              account.password_hash_salt):
        template_args['password_error'] = "Invalid Password"

    if 'username_error' in template_args or 'password_error' in template_args:
        self.render("login.html", **template_args)
        return

    # The cookie value is built from the username alone, so presumably the
    # same value is issued on every login and cannot be revoked per
    # session (confirm against hashing.make_secure_val).
    # NOTE(review): the cookie carries only Path=/; HttpOnly, Secure and
    # SameSite are not set on this login cookie.
    signed_username = hashing.make_secure_val(username)
    self.response.headers.add_header(
        'Set-Cookie', 'username={}; Path=/'.format(signed_username))
    self.redirect("/welcome")
def post(self):
    """Process the signup form: validate, store the user, set the cookie.

    Reads ``username``, ``password``, ``verify`` and ``email`` from the
    request. Any failed check re-renders ``signup.html`` with the submitted
    username and email plus one message per failed check. Otherwise a
    ``User`` keyed by the username is stored, the signed username is set as
    a cookie and the client is redirected to ``/welcome``.
    """
    username = self.request.get('username')
    password = self.request.get('password')
    verify = self.request.get('verify')
    email = self.request.get('email')

    existing_user = User.get_by_key_name(username)
    username_ok = validation.valid_username(username)
    password_ok = validation.valid_password(password)
    passwords_match = (verify == password)
    # The email is optional: it is validated only when one was submitted.
    email_ok = validation.valid_email(email) if email else True

    template_args = {'username': username, 'email': email}
    checks = (
        (existing_user, 'username_exists', "That user already exists"),
        (not username_ok, 'username_error', "That's not a valid username"),
        (not password_ok, 'password_error', "That wasn't a valid password"),
        (not passwords_match, 'verify_error', "Your passwords didn't match"),
        (not email_ok, 'email_error', "That's not a valid email"),
    )
    any_failed = False
    for failed, key, message in checks:
        if failed:
            template_args[key] = message
            any_failed = True

    if any_failed:
        self.render("signup.html", **template_args)
        return

    # salt and hash password
    password_hash_salt = hashing.make_pw_hash(username, password)

    # NOTE(review): the existence check above and this put() are separate
    # datastore operations. Because the entity is keyed by the username,
    # two concurrent signups for the same name could presumably both pass
    # the check, and the later put() would replace the earlier record.
    # Confirm, and consider a transactional create.
    new_user = User(key_name=username,
                    username=username,
                    password_hash_salt=password_hash_salt,
                    email=email)
    new_user.put()

    # NOTE(review): the login cookie carries only Path=/; HttpOnly, Secure
    # and SameSite are not set.
    signed_username = hashing.make_secure_val(username)
    self.response.headers.add_header(
        'Set-Cookie', 'username={}; Path=/'.format(signed_username))
    self.redirect("/welcome")
def post(self): user_username = self.request.get('username') user_password = self.request.get('password') user_verify = self.request.get('verify') user_email = self.request.get('email') username = valid_username(user_username) password = valid_password(user_password) if (user_verify != user_password): verify = None else: verify = user_verify if (user_email): email = valid_email(user_email) else: email = 'not_supplied' err_uname_ = "" err_pwd_ = "" err_ver_ = "" err_email_ = "" if not (username): err_uname_ = "That's not a valid username." if not (password): err_pwd_ = "That wasn't a valid password." if not (verify): err_ver_ = "Your passwords didn't match." if not (email): err_email_ = "That's not a valid email." if (username): username_query = db.GqlQuery( "SELECT * FROM BlogUser WHERE user_id=:1", user_username) username_used = username_query.fetch(1) if (username_used): username_new = False err_uname_ = "That user already exits" else: username_new = True if not (username and password and verify and email and username_new): self.write_form(err_uname_, err_pwd_, err_ver_, err_email_, user_username, user_email) else: this_user = BlogUser(user_id=user_username, user_pw=make_pw_hash(user_username, user_password), user_em=user_email) this_user.put() self.response.headers.add_header( 'Set-Cookie', 'user_id=%s; Path=/' % str(make_secure_val(user_username))) self.redirect("/blog/welcome")
def post(self):
    """Process the wiki login form.

    Looks up the ``WikiUser`` whose ``user_id`` equals the submitted
    username and checks the submitted password with ``valid_pw``. On
    success the signed ``user_id`` cookie is set and the client is
    redirected to ``/wiki/``; otherwise the form is shown again with a
    single generic "Invalid login" message.
    """
    submitted_name = self.request.get('username')
    submitted_password = self.request.get('password')

    # The submitted name is a bound parameter (:1), not part of the GQL text.
    matches = db.GqlQuery(
        "SELECT * FROM WikiUser WHERE user_id=:1", submitted_name).fetch(1)

    # One message for both "no such user" and "wrong password", so the
    # response does not reveal which names are registered.
    if not matches or not valid_pw(submitted_name, submitted_password,
                                   matches[0].user_pw):
        self.write_form("Invalid login")
        return

    # NOTE(review): the login cookie carries only Path=/; HttpOnly, Secure
    # and SameSite are not set.
    cookie_header = 'user_id=%s; Path=/' % str(make_secure_val(submitted_name))
    self.response.headers.add_header('Set-Cookie', cookie_header)
    self.redirect("/wiki/")
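def post(self):
    """Process the signup form, create the ``User`` and redirect back.

    Reads ``username``, ``password``, ``verify`` and ``email`` from the
    request. On any validation failure the form is re-rendered through
    ``write_body`` with the submitted username/email and the error strings.
    Otherwise the user is stored, the signed ``username`` cookie is set and
    the client is redirected to the ``page`` request parameter, but only
    when that parameter is a same-site path; anything else falls back to
    ``/``.

    NOTE(review): three message literals were masked ('******') in the
    listing this block came from, which left it unparseable. The "taken"
    wording is restored from the comparison literal the original block
    still contained. The username and password wording is reconstructed by
    analogy with the email message; confirm against the real source.
    """
    user_username = self.request.get('username')
    user_password = self.request.get('password')
    user_verify = self.request.get('verify')
    user_email = self.request.get('email')

    # The submitted name is a bound parameter (:1), not part of the GQL text.
    dubName = list(db.GqlQuery('SELECT * FROM User WHERE username = :1',
                               user_username))
    name_taken = bool(dubName) and user_username == dubName[0].username

    # NOTE(review): this treats an empty email as an error only if
    # valid_email('') is falsy, while the message logic below treats an
    # empty email as fine. Confirm valid_email accepts the empty string.
    has_error = (name_taken
                 or not valid_username(user_username)
                 or not valid_password(user_password)
                 or user_password != user_verify
                 or not valid_email(user_email))

    if has_error:
        if not valid_username(user_username) or not user_username:
            error_username = "That's not a valid username."
        elif name_taken:
            error_username = "That name's already been taken."
        else:
            error_username = ''

        if not valid_password(user_password) or not user_password:
            error_password = "That wasn't a valid password."
        else:
            error_password = ''

        # A mismatch is only reported when the password itself was accepted.
        if user_password != user_verify and error_password == '':
            error_verify = "Your passwords didn't match."
        else:
            error_verify = ''

        if not user_email or valid_email(user_email):
            error_email = ''
        else:
            error_email = "That's not a valid email."

        self.write_body(username=user_username,
                        error_username=error_username,
                        error_password=error_password,
                        error_verify=error_verify,
                        email=user_email,
                        error_email=error_email)
        return

    # NOTE(review): the lookup above and this put() are separate datastore
    # operations, so two concurrent signups could presumably both store the
    # same username. Confirm, and consider a transactional create.
    user_db = User(username=user_username,
                   password=make_pw_hash(user_username, user_password),
                   email=user_email)
    user_db.put()  # Add user to database

    # NOTE(review): the login cookie carries only Path=/; HttpOnly, Secure
    # and SameSite are not set.
    self.response.headers.add_header(
        'Set-Cookie',
        'username=%s; Path=/' % make_secure_val(str(user_username)))

    # 'page' comes straight from the request, so redirecting to it
    # unchecked would let a crafted signup link send a freshly logged-in
    # user to any site. Accept only a path on this site: one leading slash,
    # no backslash and no control characters (browsers normalise both).
    # NOTE(review): if callers pass absolute URLs of this host in 'page',
    # they now land on '/'. Confirm that callers pass paths.
    page = self.request.get('page')
    is_local_path = (page.startswith('/')
                     and not page.startswith('//')
                     and '\\' not in page
                     and not any(ord(ch) < 0x20 for ch in page))
    if not is_local_path:
        page = '/'
    self.redirect(page)  # Back to the page they were previously on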
def post(self):
    """Process the blog login form.

    Looks up the ``User`` whose ``username`` equals the submitted name and
    checks the submitted password with ``valid_pw``. On success the signed
    ``username`` cookie is set and the client is redirected to
    ``/blog/welcome``; otherwise the form is shown again with a generic
    "Invalid Login" message.
    """
    submitted_name = self.request.get('username')
    submitted_password = self.request.get('password')

    existing_cookie = self.request.cookies.get('username', '')
    if existing_cookie != '':
        # NOTE(review): two things to confirm here. The cookie is only
        # tested for being non-empty; its signature is not checked in this
        # handler. And there is no return after the redirect, so the lookup
        # and the success/failure handling below still run for this request.
        self.redirect('/blog/welcome')

    # The submitted name is a bound parameter (:1), not part of the GQL text.
    matches = list(db.GqlQuery('SELECT * FROM User WHERE username = :1',
                               submitted_name))

    # One message for both "no such user" and "wrong password".
    if not matches or not valid_pw(matches[0].username, submitted_password,
                                   matches[0].password):
        self.write_body('Invalid Login')
        return

    # NOTE(review): the login cookie carries only Path=/; HttpOnly, Secure
    # and SameSite are not set.
    cookie_header = 'username=%s; Path=/' % make_secure_val(str(submitted_name))
    self.response.headers.add_header('Set-Cookie', cookie_header)
    self.redirect('/blog/welcome')
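def get(self):
    """Count visits in a signed ``visits`` cookie and report the total.

    The counter is taken from the cookie only when
    ``hashing.check_secure_val`` accepts it; a missing, rejected or
    non-numeric value restarts the count. The incremented counter is signed
    again and sent back, and a plain-text message is written.
    """
    self.response.headers["Content-Type"] = 'text/plain'

    visits = 0
    visit_cookie_str = self.request.cookies.get("visits")
    if visit_cookie_str:
        cookie_val = hashing.check_secure_val(visit_cookie_str)
        if cookie_val:
            # A value can pass the signature check without being a number,
            # e.g. if the same signer is used for other cookies (TODO
            # confirm). Restart the count instead of failing the request.
            try:
                visits = int(cookie_val)
            except ValueError:
                visits = 0
    visits += 1

    # NOTE(review): the signature covers only the value, not the cookie
    # name. If hashing.make_secure_val also signs other cookies, a value
    # issued for one would verify for another; binding the cookie name into
    # the signed payload would keep them apart.
    new_cookie_val = hashing.make_secure_val(str(visits))
    self.response.headers.add_header("Set-Cookie",
                                     'visits=%s' % new_cookie_val)

    if visits > 20:
        self.write("You are the best ever")
    else:
        self.write("You've been here %s times!" % visits)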
def set_cookie(self, username=''):
    """Add a ``Set-Cookie`` header carrying the signed ``username`` value.

    Args:
        username: value passed to ``make_secure_val``; defaults to ``''``.
    """
    # NOTE(review): with the default argument the empty string is signed
    # and sent. If this is how the cookie is cleared on logout, confirm
    # that readers reject a validly signed empty username.
    # NOTE(review): the cookie carries only Path=/; HttpOnly, Secure and
    # SameSite are not set.
    signed_value = make_secure_val(username)
    header_value = str('username=%s; Path=/' % signed_value)
    self.response.headers.add_header('Set-Cookie', header_value)
def test_make_secure_val(self):
    """``make_secure_val("test")`` returns the pinned ``value|tag`` string."""
    # The tag is 32 hex digits (128 bits). A fixed expected tag means the
    # output is deterministic for a given input.
    # NOTE(review): confirm that make_secure_val is a keyed HMAC and that
    # the key used in production is not the one this test runs with.
    expected = "test|cea6b92de1c15cfdbcf333982d340d3f"
    actual = make_secure_val("test")
    assert actual == expected