def add_role(self, db=None, **kwargs):
Role = self.models['system']['Role']
with DBConn.ensure_session(db) as db:
role = Role(**kwargs)
db.add(role)
db.commit()
return role
def add_user(self, login, password, db=None, role_names=None):
with DBConn.ensure_session(db) as db:
user = self._User(login=login)
user.set_password(password)
db.add(user)
roles = self.add_roles(db, role_names)
user.roles = roles
db.commit()
return user
def check_user(self, login, password, db=None):
User = self._User
with DBConn.ensure_session(db) as db:
user = db.query(User).filter(User.login == login).first()
if not user:
return
if not user.check_password(password):
return
return user
def reset_password(self, token, login, password, db=None):
with DBConn.ensure_session(db) as db:
token_hash = generate_password_hash(token, method='plain')
token = db.query(self._Token).get(token_hash)
if (token is None or not token.valid
or not token.description['purpose'] == 'password'
or token.description['login'] != login):
return False
user = db.query(self._User).get(login)
user.set_password(password)
token.use()
db.commit()
return True
def register_user(self, token, login, password, db=None):
with DBConn.ensure_session(db) as db:
token_hash = generate_password_hash(token, method='plain')
token = db.query(self._Token).get(token_hash)
if (token is None or not token.valid
or not token.description['purpose'] == 'registration'):
return None
user = self.add_user(login,
password,
role_names=token.description['roles'],
db=db)
if user is not None:
token.use()
db.commit()
return user
def _add_token(self,
name,
description,
roles=None,
uses=None,
time_limit=None,
db=None):
with DBConn.ensure_session(db) as db:
token_obj = self._Token(name=name,
infinite=uses is None,
uses=uses,
time_limit=time_limit,
description=description)
token_hash = token_obj.get_token()
db.add(token_obj)
db.commit()
return token_hash
