def make_password(plaintext):
    """Hash a plaintext password with the module's ``argon2`` hasher.

    Args:
        plaintext: The password text to hash.

    Returns:
        Whatever ``argon2.generate_password_hash`` produces for ``plaintext``.
    """
    hashed = argon2.generate_password_hash(plaintext)
    return hashed
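def sign_up():
    """Create a user account from a JSON body and return an access token.

    Reads ``username`` and ``password`` from the request JSON, stores the
    lower-cased username together with the password hash, and issues an access
    token for the new account.

    Returns:
        A ``(response, 200)`` tuple whose JSON body carries ``access_token``.

    Aborts with 400 when the body is not a JSON object or when either field is
    missing, empty, or not a string.
    """
    req = request.get_json()
    # get_json() may hand back None or a non-object value (list, number, ...);
    # answer 400 instead of failing on the .get() calls below.
    if not isinstance(req, dict):
        abort(400)

    username = req.get('username')
    password = req.get('password')
    # Require real strings: a truthy list or number would pass a bare
    # truthiness check and then break on .lower() or inside the hasher.
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)
    if not username or not password:
        abort(400)

    normalized_username = username.lower()
    password_hash = argon2.generate_password_hash(password)
    new_user = User(username=normalized_username, password_hash=password_hash)
    db.session.add(new_user)
    # NOTE(review): a duplicate username presumably fails at commit() if the
    # model declares a unique constraint, and would surface as an unhandled
    # error here -- confirm and map it to an explicit 4xx response.
    db.session.commit()

    # The token identity must match the stored (lower-cased) username;
    # otherwise "Alice" and "alice" yield different identities for one account.
    access_token = create_access_token(identity=normalized_username)
    return jsonify(access_token=access_token), 200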
def password(self, password):
    """Store the hash of ``password`` in ``self._password``.

    Only the value returned by ``argon2.generate_password_hash`` is assigned;
    the plaintext argument is not kept on the instance.
    """
    hashed = argon2.generate_password_hash(password)
    self._password = hashed
def set_password(self, password):
    """Replace ``self.password_hash`` with the hash of ``password``.

    Args:
        password: The plaintext password; only its hash is stored.
    """
    hashed = argon2.generate_password_hash(password)
    self.password_hash = hashed
def set_password(self, password, initial=False):
    """Store the hash of ``password`` and optionally stamp the update time.

    Args:
        password: The plaintext password; only its hash is stored.
        initial: When truthy, ``self.password_last_updated`` is also set to
            the current ``datetime.now()`` value.
    """
    self.password_hash = argon2.generate_password_hash(password)
    if not initial:
        # NOTE(review): the timestamp is left untouched on non-initial
        # changes -- confirm that is intended if it drives password-age policy.
        return
    self.password_last_updated = datetime.now()
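def user_operation():
    """Register, list, update or delete user accounts, chosen by HTTP method.

    POST   -- register a user from the JSON fields ``email``, ``password``,
              ``RFID`` and ``role``.
    GET    -- return every registered user (marked "only for testing" by the
              original author).
    PUT    -- after checking ``email``/``password``, update the password
              (``newPassword``), role (``newRole``) and RFID tag (``newRFID``).
    DELETE -- after checking ``email``/``password``, unlink the account from
              its coaches/athletes and remove its documents.

    Returns:
        A ``flask.jsonify`` response whose ``result`` is ``'succeed'`` or
        ``'error'``; error responses carry details in ``msg``.

    Changes from the previous revision:
        * A password shorter than 8 characters is rejected up front on POST
          instead of being passed to the model as plaintext.
        * ``email``/``password`` must be plain strings before they are used in
          a database filter or a hash check.
        * The Coach role check compared against a constant truthy string and
          therefore rejected every update made by a Coach.
        * Debug ``print`` calls (one of which wrote the password hash to
          stdout) and the ``eval`` of constant strings are gone.
    """
    wrong_json = {'request': "Wrong json format"}
    short_password = "Password length must be longer than 8 characters."
    missing_credentials = 'Request should contain email and password.'
    bad_credentials = "Check your email and password."

    def read_body():
        """Return ``(True, parsed_json)`` or ``(False, None)`` on a parse error."""
        try:
            return True, flask.request.get_json(force=True,
                                                silent=False,
                                                cache=True)
        except Exception:  # narrowed from BaseException: let SystemExit etc. through
            return False, None

    # To register a new user.
    if request.method == 'POST':
        parsed, content = read_body()
        # A body such as ``null`` or ``[]`` parses fine but has no fields.
        if not parsed or not isinstance(content, dict):
            return flask.jsonify(result='error', msg=wrong_json)

        raw_password = content.get("password")
        if raw_password is None:
            # Left to the model's own validation, as before.
            password = None
        elif not isinstance(raw_password, str) or len(raw_password) < 8:
            # Never hand a short plaintext password to the model: if the model
            # has no length validator it would be persisted unhashed.
            # (The check accepts exactly 8 characters; wording kept in line
            # with the PUT branch.)
            return flask.jsonify(result='error',
                                 msg={'password': short_password})
        else:
            password = argon2.generate_password_hash(
                raw_password.encode("utf-8"))

        # NOTE(review): ``role`` is taken from the request as-is; confirm the
        # model restricts which roles a self-registering user may claim.
        new_user = User(password=password,
                        email=content.get("email"),
                        rfidTag=content.get("RFID"),
                        role=content.get("role"),
                        expireTime=datetime.utcnow())
        new_info = AthleteInfo(athlete=content.get("email"),
                               genTime=datetime.utcnow())
        try:
            new_user.save()
            new_info.save()
        except ValidationError as e:
            return flask.jsonify(result='error', msg=e.to_dict())
        except NotUniqueError:
            return flask.jsonify(result='error',
                                 msg={'email': "Account already exists"})
        return flask.jsonify(result='succeed')

    # To query all registered users. --> Only for testing.
    # NOTE(review): no authentication check is visible in this block; confirm
    # this branch is disabled or access-controlled outside of testing.
    if request.method == 'GET':
        response = {
            position: userToString(user)
            for position, user in enumerate(User.query_users(), start=1)
        }
        return flask.jsonify(allUsers=response)

    # User updates his/her account information: password, role and rfidTag.
    if request.method == 'PUT':
        parsed, content = read_body()
        if not parsed:
            return flask.jsonify(result='error', msg=wrong_json)
        if not isinstance(content, dict):
            return flask.jsonify(result='error', msg=missing_credentials)

        email = content.get("email")
        password = content.get("password")
        # ``email`` becomes a MongoDB filter value; require a plain string so
        # a JSON object cannot be interpreted as a query operator.
        if not isinstance(email, str) or not isinstance(password, str):
            return flask.jsonify(result='error', msg=missing_credentials)

        user = models.get_user().find({"email": email})
        if not (user and user.count() != 0 and argon2.check_password_hash(
                user[0]["password"], password)):
            return flask.jsonify(result="error", msg=bad_credentials)
        current = user[0]

        new_rfid_tag = content.get("newRFID")
        if new_rfid_tag is None:
            new_rfid_tag = current["rfidTag"]

        new_password = content.get("newPassword")
        if new_password is None:
            # Keep the stored hash when no new password is supplied.
            new_password = current["password"]
        elif not isinstance(new_password, str) or len(new_password) < 8:
            return flask.jsonify(result='error', msg=short_password)
        else:
            new_password = argon2.generate_password_hash(
                new_password.encode("utf-8"))

        new_role = content.get("newRole")
        if new_role is None:
            new_role = ""
        if new_role not in ["", "Not Set", "Coach", "Athlete"]:
            return flask.jsonify(
                result="error",
                msg="new role must be one of 'Coach', 'Athlete','Not Set'")

        if current["role"] == 'Coach':
            # The old test ``(newRole == 'Athlete' or 'Not Set')`` was always
            # true, so a Coach could never update anything.
            if new_role in ('Athlete', 'Not Set'):
                return flask.jsonify(
                    result='error',
                    msg=
                    'Currently, a Coach is not allowed to change his/her role to an Athlete.'
                )
            # An omitted role must not silently demote a Coach.
            new_role = 'Coach'
        elif new_role == '':
            # NOTE(review): for non-Coach users an omitted role still resets
            # the stored role to "Not Set" (unchanged behaviour) -- confirm.
            new_role = "Not Set"

        try:
            # No debug printing here: the value written is a password hash.
            models.get_user().update({"email": email}, {
                "$set": {
                    "password": new_password,
                    "role": new_role,
                    "rfidTag": new_rfid_tag
                }
            })
            return flask.jsonify(result='succeed')
        except Exception as e:
            # NOTE(review): this returns the raw exception text to the client;
            # consider logging it and sending a generic message instead.
            return flask.jsonify(result='error', msg=str(e))

    # User deletes his/her account; all information and linked relationships
    # are deleted.
    if request.method == 'DELETE':
        parsed, content = read_body()
        if not parsed:
            return flask.jsonify(result='error', msg=wrong_json)
        if not isinstance(content, dict):
            return flask.jsonify(result='error', msg=missing_credentials)

        email = content.get("email")
        password = content.get("password")
        # The same filter is reused by the remove() calls below, so a
        # non-string ``email`` must never reach them.
        if not isinstance(email, str) or not isinstance(password, str):
            return flask.jsonify(result='error', msg=missing_credentials)

        users = models.get_user().find({"email": email})
        if not (users and users.count() != 0 and argon2.check_password_hash(
                users[0]["password"], password)):
            return flask.jsonify(result="error", msg=bad_credentials)

        # Detach the account from every coach it is linked to.
        linked_coaches = models.get_athleteInfo().find({"athlete":
                                                        email})[0]["coaches"]
        for coach in linked_coaches:
            if unlink(email, coach) != 1:
                return flask.jsonify(result='error',
                                     msg='Failed, try it later.')

        # If the account is itself a coach, detach each of its athletes.
        for coach in models.get_coach().find({"email": email}):
            for athlete in coach['athletes']:
                if unlink(email, athlete) != 1:
                    return flask.jsonify(result='error',
                                         msg='Failed, try it later.')

        try:
            models.get_athleteInfo().remove({"athlete": email})
            models.get_coach().remove({"email": email})
            models.get_user().remove({"email": email})
        except Exception:
            return flask.jsonify(result='error', msg='Failed, try it later.')
        return flask.jsonify(result='succeed')

    return flask.jsonify(result='error', msg='Method not allowed.')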