def sendRequest(name): URL = 'http://d6c7f838.ngrok.io/recognised' name = BCryptSHA256PasswordHasher().encode( name, BCryptSHA256PasswordHasher().salt()) post_fields = json.dumps({'name': str(name), 'time': str(time.time())}) requests.post(URL, data=post_fields)
def set_pass(request): data = json.loads(request.body.decode('utf-8')) users_list = json.loads(serializers.serialize('json', User.objects.all())) for i in users_list: if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data['id']): user = User.objects.get(username=i['fields']['username']) user.password = BCryptSHA256PasswordHasher().encode( data['password'], BCryptSHA256PasswordHasher().salt()) user.save() return JsonResponse({'ok': 'true'})
class UserSerializer(serializers.ModelSerializer): # encoder used in project encoder = BCryptSHA256PasswordHasher() password = serializers.CharField(write_only=True) class Meta: model = User fields = ( 'id', 'username', 'groups', 'is_superuser', 'password', "first_name", "last_name", ) def create(self, validated_data): # get and encode password password = validated_data.pop('password') hashed_password = self.encoder.encode(password, salt=self.encoder.salt()) # get and assign groups groups = validated_data.pop('groups') user = User.objects.create(password=hashed_password, **validated_data) user.groups.set(groups) user.save() return user
def recognised(request): if request.method == 'POST': obj = json.loads(request.body.decode('utf-8')) name = obj['name'] time = obj['time'] users = User.objects.values('surname') for user in users: if BCryptSHA256PasswordHasher().verify(user['surname'], name): if name == Seen.name: pass else: user = User.objects.get(surname=user['surname']) seen = SeenToday() seen.name = '{} {}'.format(user.name, user.surname) seen.status = user.status seen.time = time seen.save() print('saved!') return HttpResponse('Saved!') else: print(False) # try: # if User.objects.filter(surname=name).exists(): # user = User.objects.get(surname=name) # seen = Seen() # seen.name = '{} {}'.format(user.name, user.surname) # seen.status = user.status # seen.time = time # print('{} {} has entered recently'.format(user.name, user.surname)) # seen.save() # return HttpResponse('I feel good') # except: # return HttpResponse('All is not so good') return HttpResponse('All is not so good')
def login_user_api(request): if request.method == 'POST': data = json.loads(request.body.decode('utf-8')) if User.objects.filter(username=data['username']).exists(): user = User.objects.get(username=data['username']) bcr = BCryptSHA256PasswordHasher() if not user.password.startswith( 'bcrypt_sha256') and user.password == data['password']: hashed = bcr.encode(data['username'], bcr.salt()) return JsonResponse({ 'status': 200, 'user_id': f'{hashed}', 'password': '******' }) if bcr.verify(data['password'], user.password) == True: hashed = bcr.encode(data['username'], bcr.salt()) if user.superuser == 1: return JsonResponse({ 'status': 200, 'user_id': f'{hashed}' }) else: return JsonResponse({ 'status': 200, 'user_id': f'{hashed}' }) else: return JsonResponse({ 'status': 412, 'message': 'Password not match' }) else: return JsonResponse({'status': 412, 'message': 'User not found'})
def post(self, request): username = request.data["username"] password = request.data["password"] hasher = BCrypt() salt = hasher.salt() password_encoded = hasher.encode(password, salt) data = {"username": username, "password": password_encoded} serializer = UsersSerializer(data=data) try: serializer.is_valid(raise_exception=True) serializer.save() data = "user created" return Response(data=data, status=status.HTTP_201_CREATED) except ValidationError as e: data = str(e.__dict__["detail"]["username"][0]) return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def check(request): data = json.loads(request.body.decode('utf-8')) users_list = json.loads(serializers.serialize('json', User.objects.all())) for i in users_list: if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data): if i['fields']['superuser'] == 1: return JsonResponse({'status': 'admin'}) else: return JsonResponse({'status': 'user'}) return JsonResponse({'ok': 'True'})
def users(request): users_list = json.loads( serializers.serialize('json', User.objects.all(), fields=('username', 'name', 'surname', 'status', 'team', 'project'))) data = json.loads(request.body.decode('utf-8')) for i in users_list: if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data): del users_list[users_list.index(i)] return JsonResponse(users_list, safe=False)
def post(self, request): username = request.data["username"] password = request.data["password"] hasher = BCrypt() try: user = Users.objects.get(username=username) except Users.DoesNotExist: return Response( data="username does not exists", status=status.HTTP_400_BAD_REQUEST ) if hasher.verify(password, user.password): timestamp = datetime.datetime.utcnow() jwt = JwtHelper() data = { "JWT": jwt.tokenize(user=user, timestamp=timestamp), "timestamp": timestamp, } return Response(data=data, status=status.HTTP_200_OK) return Response( data="password does not match", status=status.HTTP_400_BAD_REQUEST )
def api_attendance(request): data = json.loads(request.body.decode('utf-8')) users_list = json.loads(serializers.serialize('json', User.objects.all())) for i in users_list: if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data): users = json.loads( serializers.serialize("json", Seen.objects.all())) all_users = [x['fields']['name'].split(' ')[1] for x in users] once_users = list(dict.fromkeys(all_users)) obj = {} for i in once_users: obj.update({f'{i}': all_users.count(i)}) return JsonResponse(obj)
class RegisterSerializer(serializers.ModelSerializer): password = serializers.CharField(write_only=True) encoder = BCryptSHA256PasswordHasher() class Meta: model = User fields = ('username', 'password', 'email', 'first_name') def create(self, validated_data): password = validated_data.pop('password') hashed_password = self.encoder.encode(password, salt=self.encoder.salt()) user = User.objects.create(password=hashed_password, **validated_data) user.save() return user
def login_user(request): if request.method == 'POST': form = UserLogin(request.POST) if form.is_valid(): if User.objects.filter(username=request.POST['username']).exists(): user = User.objects.get(username=request.POST['username']) bcr = BCryptSHA256PasswordHasher() if bcr.verify(request.POST['password'], user.password) == True: request.session['user'] = user.username request.session.modified = True print(request.session['user']) return HttpResponseRedirect('/user/{}'.format(user.id)) else: messages.error(request, 'Incorrect password') return HttpResponseRedirect('#') else: messages.error(request, 'User not found') return HttpResponseRedirect('#') return HttpResponseRedirect('#') if request.method == 'GET': return render(request, 'login-user/index.html', {'form': UserLogin()})
def register(request): if request.method == 'GET': residents = User.objects.filter(status='resident').count() mentors = User.objects.filter(status='mentor').count() owners = User.objects.filter(status='owner').count() return render( request, 'register_user/index.html', { 'user_form': UserForm(), 'residents': residents, 'mentors': mentors, 'owners': owners }) if request.method == 'POST': f = UserForm(request.POST, request.FILES) if request.POST['password'] != request.POST['password_1']: messages.error(request, 'Passwords are not the same') return HttpResponseRedirect('#') if f.is_valid(): user = User() user.attendance = 0 user.superuser = 0 user.name = request.POST['name'] user.surname = request.POST['surname'] user.username = request.POST['username'] bcr = BCryptSHA256PasswordHasher() hashed = bcr.encode(request.POST['password'], bcr.salt()) user.password = hashed user.status = request.POST['status'] date = datetime.datetime.strptime(request.POST['date'], '%Y-%m-%d') user.birth_date = date user.email = request.POST['email'] user.specialization = request.POST['specialization'] user.team = request.POST['team'] user.project = request.POST['project'] user.profile_photo = request.FILES['profile_photo'] user.save() return HttpResponseRedirect('/{}s'.format(user.status))
def test_bcryptsha256_salt_check(self): hasher = BCryptSHA256PasswordHasher() encoded = hasher.encode("lètmein", hasher.salt()) self.assertIs(hasher.must_update(encoded), False)
import logging from django.contrib.auth.models import User from django.contrib.auth.hashers import BCryptSHA256PasswordHasher from rest_framework import serializers from rest_framework_simplejwt.serializers import TokenObtainSlidingSerializer # new from .models import BankInfo import requests import os hasher = BCryptSHA256PasswordHasher() logger = logging.getLogger('testlogger') class UserSerializer(serializers.ModelSerializer): password1 = serializers.CharField(write_only=True) password2 = serializers.CharField(write_only=True) email = serializers.EmailField() def validate(self, data): if data['password1'] != data['password2']: raise serializers.ValidationError({'password2': 'not-match'}) if User.objects.filter(username=str(data['username'])).exists(): raise serializers.ValidationError({'username': '******'}) return data def create(self, validated_data): data = { key: value
def user_info(request): data = json.loads(request.body.decode('utf-8')) users_list = json.loads(serializers.serialize('json', User.objects.all())) for i in users_list: if BCryptSHA256PasswordHasher().verify(i['fields']['username'], data): return JsonResponse(i)