def adduser(username, password, email, superuser, verified): """ Adds a user to the registry. """ if not username: username = input('Username? ') if models.User.objects(name=username).first(): print('User {} already exists'.format(username)) return 1 if not password: password = input('Password? ') if input('Confirm Password? ') != password: print('passwords do not match') if not email: email = input('Email? ') if models.User.objects(email=email).first(): print('Email {} already in use'.format(email)) return 1 user = models.User(username, models.hash_password(password), email, superuser=superuser, validated=verified) user.save() print('User created.')
def post(self): session = Session() args = user_put_args.parse_args() exist = User(username=args['username'], password=hash_password(args['password'])) session.add(exist) session.commit() return exist, 201
def put(self): session = Session() args = user_update_args.parse_args() # result = session.query(User).filter_by(id=user_id).first() exist = auth.current_user() if not exist: abort(404, message="User doesn't exist, cannot update") if args['username']: exist.username = args['username'] if args['password']: exist.password = hash_password(args['password']) exist = session.merge(exist) session.add(exist) session.commit() return exist
def post(self): username = request.form.get('username') password = request.form.get('password') email = request.form.get('email') if not username or len(username) < 3 or len(username) > 24: return bad_requests('No or invalid username specified') if not password or len(password) < 6 or len(password) > 64: return bad_requests('No or invalid password specified') if not email or len(email) < 4 or len(email) > 64: return bad_requests('No or invalid email specified') user = User.objects(name=username).first() if user: return bad_request('User "{}" already exists'.format(username)) if User.objects(email=email).first(): return bad_request('Email "{}" is already in use'.format(email)) # TODO: Validate that `email` is a valid email address. if not config.accept_registrations: return bad_request('New user registrations are currently not accepted. ' 'Talk to the registry admin to manually create an account for you.') # Create the new user object. user = User(name=username, passhash=models.hash_password(password), email=email, validation_token=None, validated=False) if not config.require_email_verification: user.validated = True else: try: user.send_validation_mail() except ConnectionRefusedError as exc: app.logger.exception(exc) return service_unavailable('Verification e-mail could not be sent, ' 'the server\'s email settings may not be configured properly.') user.save() message = 'User registered successfully.' if not user.validated: message += ' Please check your inbox (and spam folder) for a verification e-mail.' if app.debug and not user.validated: message += ' DEBUG: Verify URL: {}'.format(user.get_validation_url()) return {'message': message}
async def register(request): """ Validate form, register and authenticate user with JWT token """ results = await User.all() data = await request.form() form = RegistrationForm(data) username = form.username.data email = form.email.data password = form.password.data if request.method == "POST" and form.validate(): for result in results: if email == result.email or username == result.username: user_error = "User with that email or username already exists." return templates.TemplateResponse( "accounts/register.html", { "request": request, "form": form, "user_error": user_error }, ) query = User( username=username, email=email, joined=datetime.datetime.now(), last_login=datetime.datetime.now(), login_count=1, password=hash_password(password), ) await query.save() user_query = await User.get(username=username) hashed_password = user_query.password valid_password = check_password(password, hashed_password) response = RedirectResponse(url="/", status_code=302) if valid_password: response.set_cookie("jwt", generate_jwt(user_query.username), httponly=True) response.set_cookie("admin", ADMIN, httponly=True) return response return templates.TemplateResponse("accounts/register.html", { "request": request, "form": form })
def settings(): user = User.selectBy(username=request.username).getOne(None) if not user: abort(403) errors = { 'password_error': '', 'color_error': '', 'general_error': '', } if request.method == 'POST': print 'settings!' updates = {} old_password = request.POST.get('old_password', '') new_password = request.POST.get('new_password', '') # password if old_password or new_password: if not user.check_password(old_password): errors['password_error'] = 'Incorrect password' else: updates['password'] = hash_password(new_password) # color color = request.POST.get('color', '') if color: try: if len(color) == 6 and (int(color, 16) or color == '000000'): updates['color'] = color.lower() else: errors['color_error'] = 'A 6 digit hex number is required' except ValueError: errors['color_error'] = 'Not a valid hexidecimal number' print updates if updates: user.set(**updates) return context(user=user, **errors)
def login(self): login_url = self.request.route_url("login") referrer = self.request.url if referrer == login_url: referrer = '/' # never use the login form itself as came_from came_from = self.request.params.get('came_from', referrer) message = '' username = '' password = '' form = LoginView.Form(self.request.POST) if self.request.method == 'POST' and form.validate(): username = form.username.data password = hash_password(form.password.data) if User.exist(username) and User.by_username(username).password == password: headers = remember(self.request, username) return HTTPFound(location=came_from, headers=headers) message = "Failed login" return dict( message=message, url=self.request.route_url('login'), came_from=came_from, form=form, logged_in=authenticated_userid(self.request), )
def test_password_hashing(self): u = User(username='******') u.set_password('cat') self.assertFalse(u.check_password(hash_password('dog'))) self.assertTrue(u.check_password(hash_password('cat')))
def hash_pw(username, password): return models.hash_password(password)