Esempio n. 1
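 def post(self):
     """Change the password of the user named by the access token.

     Reads ``old_password``, ``new_password`` and ``confirm_new_password``
     from the parsed request arguments. The user is looked up by the ``id``
     claim of the token in the ``X-Access-Token`` header.

     Returns:
         The marshalled ``respcls(message, status)``. ``status`` is
         ``"success"`` only when the stored hash was replaced, otherwise
         ``"failure"`` with a message naming the check that failed.
     """
     args = self.parser.parse_args()
     status = "failure"
     # NOTE(review): the decode call passes no explicit ``algorithms``
     # allow-list. If this is PyJWT, pin it to the algorithm the tokens are
     # issued with (not visible here); PyJWT 2.x requires the argument.
     payload = jwt.decode(
         request.headers.environ.get('HTTP_X_ACCESS_TOKEN'),
         current_app.config['SECRET_KEY'])
     user = User.query.filter_by(id=payload['id']).first()

     if user is None:
         # A token can outlive the account it was issued for; answer with a
         # failure instead of raising AttributeError on ``user.password``.
         message = "User does not exist"
     elif not bcrypt.check_password_hash(user.password,
                                         args['old_password']):
         message = "Old password is not matching"
     elif bcrypt.check_password_hash(user.password, args['new_password']):
         # The new password hashes to the stored value, so nothing changes.
         message = "New password and old password should not be same"
     elif args['new_password'] != args['confirm_new_password']:
         message = "New password and confirm new password are not matching for the user"
     else:
         user.update(password=bcrypt.generate_password_hash(
             args['new_password'].encode("utf-8")).decode("utf-8"))
         # Log only after the update call returned, so the audit line is
         # never written for a change that did not happen.
         current_app.logger.info("%s has changed the password",
                                 user.username)
         message = "Password is updated successfully"
         status = "success"

     return marshal(respcls(message, status),
                    parentwrapper.common_response_wrapper,
                    skip_none=True)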
Esempio n. 2
    def validate(self):
        """Validate the login form against the configured auth method.

        Runs the parent form validation first, then checks the credentials
        according to ``POLYLOGYX_AUTH_METHOD``: ``'polylogyx'`` (local user
        table), ``'ldap'`` (directory lookup) or ``None``.

        Returns:
            ``True`` when the login is accepted, ``False`` otherwise. On a
            credential failure the same generic message is appended to the
            username field whether the user is unknown or the password is
            wrong.
        """
        if not super(LoginForm, self).validate():
            return False

        error_message = u'Invalid username or password.'
        auth_method = current_app.config['POLYLOGYX_AUTH_METHOD']

        if auth_method == 'polylogyx':
            account = User.query.filter_by(
                username=self.username.data).first()
            self.user = account

            if not account:
                from polylogyx.extensions import bcrypt
                # Hash the submitted password anyway so an unknown username
                # also costs one bcrypt computation (avoids a timing leak).
                bcrypt.generate_password_hash(self.password.data)
                self.username.errors.append(error_message)
                return False

            if account.check_password(self.password.data):
                return True

            self.username.errors.append(error_message)
            return False

        if auth_method == 'ldap':
            outcome = ldap_manager.authenticate(self.username.data,
                                                self.password.data)

            # Only the explicit ``fail`` status is rejected here; any other
            # status falls through to the save below.
            if outcome.status == AuthenticationResponseStatus.fail:
                self.username.errors.append(error_message)
                return False

            self.user = ldap_manager._save_user(outcome.user_dn,
                                                outcome.user_id,
                                                outcome.user_info,
                                                outcome.user_groups)
            return True

        # NOTE(review): with the auth method set to None the form accepts
        # any credentials and leaves ``self.user`` unset. Confirm this
        # setting cannot be reached in a production configuration.
        return auth_method is None
Esempio n. 3
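def update_user(username, password, email):
    """Replace the stored password hash of an existing user, then exit.

    Args:
        username: Name of the user whose password is replaced.
        password: New plaintext password; it is bcrypt-hashed before being
            stored.
        email: Accepted for interface compatibility; not used here.

    Raises:
        ValueError: If no user with ``username`` exists.
        SystemExit: Always, once the update was attempted. The exit code is
            0 on success and 1 when the update raised.
    """
    from polylogyx.models import User
    user = User.query.filter_by(username=username).first()
    if not user:
        raise ValueError("User with this username doesn't exists!")

    # NOTE(review): the plaintext password arrives as an argument. If the
    # caller takes it from the command line it may end up in shell history
    # and process listings. Reading it with getpass would avoid that;
    # confirm against the caller.
    try:
        user.update(password=bcrypt.generate_password_hash(
            password.encode("utf-8")).decode("utf-8"))
        print("Successfully updated password for user {0}".format(
            user.username))
    except Exception as error:
        # The message used to say "create user", which misreported what
        # this command does.
        print("Failed to update password for user {0} - {1}".format(
            username, error))
        # SystemExit is what exit() raises; raising it directly does not
        # depend on the ``site`` module having installed the builtin.
        raise SystemExit(1)
    raise SystemExit(0)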
Esempio n. 4
 def check_password(self, value):
     """Check *value* against this object's stored bcrypt hash.

     When no hash is stored, a throwaway hash of *value* is still computed
     before the check is rejected, so that path also performs one bcrypt
     computation.
     """
     stored_hash = self.password
     if stored_hash:
         return bcrypt.check_password_hash(stored_hash, value)
     # No stored hash: do the work anyway, then reject.
     return bcrypt.generate_password_hash(value) and False
Esempio n. 5
 def set_password(self, password):
     """Hash *password* with bcrypt and store the hash via ``self.update``.

     The hash is decoded to a UTF-8 string before being stored, so the
     plaintext itself is never stored. Returns ``None``.
     """
     hashed = bcrypt.generate_password_hash(password)
     self.update(password=hashed.decode('utf-8'))