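def signIn():
    """Authenticate the posted credentials and populate the login session.

    Reads ``username``, ``password`` and ``r`` from the submitted form. The
    salt stored for the user is appended to the submitted password, the result
    is hashed with ``generate_hash.hash`` and matched against ``secure_login``.
    When ``r`` is ``'1'`` the ``key`` cookie is re-issued with a 90-day expiry.

    Returns:
        A response carrying JSON ``{'status': '200'}`` on success, otherwise a
        JSON string whose ``status`` names the failure.
    """
    _username = request.form['username']
    _password = request.form['password']
    _r = str(request.form['r'])

    connection = mysql.connect()
    cursor = connection.cursor()
    try:
        # Form values are bound as parameters, never concatenated into the SQL
        # text, so quotes in the username cannot change the statement.
        # (%s is the placeholder style of the common MySQL DB-API drivers;
        # confirm against the driver behind `mysql`.)
        cursor.execute(
            "select salt from secure_login where MIS = %s", (_username,)
        )
        salt_row = cursor.fetchone()
        if salt_row is None:
            # NOTE(review): this message differs from the wrong-password one,
            # which lets a client tell which usernames exist. Unifying the two
            # needs a matching front-end change.
            return json.dumps({'status': 'Username does not exist'})

        # NOTE(review): confirm generate_hash.hash is a slow password hash
        # (bcrypt/scrypt/argon2/PBKDF2), not a single fast digest.
        hashed = generate_hash.hash(_password + salt_row[0])

        # Match on the salted hash computed above; comparing against a fixed
        # literal would ignore the submitted password entirely.
        cursor.execute(
            "select * from secure_login where MIS = %s and password = %s",
            (_username, hashed),
        )
        data = cursor.fetchone()
    finally:
        # Release the cursor and connection on every path, including errors.
        cursor.close()
        connection.close()

    if data is None:
        return json.dumps({'status': 'Incorrect Password'})

    temp = {
        'name': str(data[1]),
        'number': str(data[2]),
        'email': str(data[6]),
        'url': str(data[7]),
        'fg': str(data[8]),
        'mis': str(data[3]),
        'id': str(data[0]),
        'calcy_alp_gcc': False,
        'calcy_alp_cplus': False,
        'calcy_alp_java': False,
        'calcy_alp_py': False,
        # NOTE(review): the plaintext password is kept in the session. With
        # Flask's default cookie-backed session the payload is signed but not
        # encrypted, so it would be readable client-side. Kept only because
        # other handlers may read it; remove once they no longer do.
        'password': request.form['password'],
    }

    resp = make_response(json.dumps({'status': '200'}))
    # NOTE(review): the session slot is named by the client-sent `key` cookie;
    # confirm that value is issued by the server and is absent/None-safe.
    session_key = request.cookies.get('key')
    if _r == '1':
        expire_date = datetime.datetime.now() + datetime.timedelta(days=90)
        # NOTE(review): cookie is re-issued without secure/httponly/samesite;
        # add them if no client script needs to read `key`.
        resp.set_cookie('key', session_key, expires=expire_date)
    session[session_key] = temp
    return resp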
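def change_pass_db():
    """Store a new salted password hash for the user behind the posted session key.

    Reads the new password from form field ``form`` and the session slot name
    from form field ``id``. A fresh salt comes from
    ``generate_random.generate_random`` and the row is selected by the ``id``
    value saved in that session slot.

    Returns:
        JSON ``{'status': '200'}`` after the update is committed, or
        ``{'status': 'Not logged in'}`` when the session slot does not exist.
    """
    # NOTE(review): the current password is not re-verified here, so anyone
    # holding a live session can replace it — consider requiring it.
    session_key = request.form['id']
    account = session.get(session_key)
    if account is None:
        # Without a matching session entry there is no authenticated user to
        # update; answer explicitly instead of failing with a KeyError.
        return json.dumps({'status': 'Not logged in'})

    _salt = generate_random.generate_random()
    _passwd = generate_hash.hash(request.form['form'] + _salt)

    connection = mysql.connect()
    cursor = connection.cursor()
    try:
        # Bind the hash, salt and row id as parameters; the hash computed
        # above is what gets stored, not a fixed literal.
        # (%s is the placeholder style of the common MySQL DB-API drivers;
        # confirm against the driver behind `mysql`.)
        cursor.execute(
            "update secure_login set password = %s , salt = %s , fg = '0' "
            "where id = %s",
            (_passwd, _salt, account['id']),
        )
        connection.commit()
    finally:
        cursor.close()
        connection.close()
    return json.dumps({'status': '200'})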
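def forgot():
    """Reset the password of the account matching the posted MIS and e-mail.

    Reads ``mis`` and ``username`` (used as the e-mail address) from the form.
    When a matching row exists, a new salt and a new random password are
    generated, the salted hash is stored with ``fg = '1'`` and the new password
    is passed to ``send_email.forgot``.

    Returns:
        JSON ``{'html': '404'}`` when no row matches, otherwise JSON
        ``{'r': '200'}``.
    """
    _mis = request.form['mis']
    _email = request.form['username']

    connection = mysql.connect()
    cursor = connection.cursor()
    try:
        # Parameters are bound by the driver so form input cannot alter the
        # statement. (%s is the placeholder style of the common MySQL DB-API
        # drivers; confirm against the driver behind `mysql`.)
        cursor.execute(
            "select id from secure_login where MIS = %s and email = %s",
            (_mis, _email),
        )
        if cursor.fetchone() is None:
            return json.dumps({'html': '404'})

        # NOTE(review): confirm generate_random draws from a CSPRNG (e.g. the
        # `secrets` module); it produces both the salt and the new password.
        _salt = generate_random.generate_random()
        _pass = generate_random.generate_random()
        _passwd = generate_hash.hash(_pass + _salt)

        # NOTE(review): this replaces the password on an unauthenticated
        # request, so anyone who knows MIS + e-mail can lock the owner out; a
        # single-use, expiring reset token avoids that.
        cursor.execute(
            "update secure_login set salt = %s , password = %s , fg = '1' "
            "where MIS = %s and email = %s",
            (_salt, _passwd, _mis, _email),
        )
        connection.commit()
    finally:
        cursor.close()
        connection.close()

    # NOTE(review): the new password travels in plaintext by e-mail.
    send_email.forgot(_email, _pass)
    # Never echo the SQL statement to the caller: it exposes the schema and,
    # when built by concatenation, the freshly generated salt as well.
    return json.dumps({'r': '200'})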
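def SignUp():
    """Register a new account and create its upload directories.

    Reads ``mis``, ``f_name``, ``passwd_reg``, ``email_reg`` and ``number_reg``
    from the form, stores the salted password hash in ``secure_login``, creates
    ``static/uploads/<mis>`` with its ``apps``, ``calcy``, ``store`` and
    ``share`` sub-directories, and calls ``send_email.send_mail``.

    Returns:
        JSON ``{'status': '200'}`` on success, or
        ``{'status': 'Invalid MIS'}`` when ``mis`` is not a single path
        component.
    """
    _mis = request.form['mis']
    _fname = request.form['f_name']
    _passwd = request.form['passwd_reg']
    _email = request.form['email_reg']
    _phone = request.form['number_reg']

    # `mis` becomes a directory name below, so it must be exactly one path
    # component: no separators, no dot entries, no NUL. Otherwise a crafted
    # value could make the server create directories outside static/uploads.
    if _mis in ('', '.', '..') or any(ch in _mis for ch in ('/', '\\', '\x00')):
        return json.dumps({'status': 'Invalid MIS'})

    _salt = generate_random.generate_random()
    _passwd = generate_hash.hash(_passwd + _salt)

    connection = mysql.connect()
    cursor = connection.cursor()
    try:
        # os.makedirs raises if the user directory already exists. No other
        # duplicate-MIS check is visible in this handler, so exist_ok is
        # deliberately NOT set. NOTE(review): confirm secure_login has a
        # unique constraint on MIS rather than relying on this.
        user_root = basedir + '/static/uploads/' + _mis
        os.makedirs(user_root)
        for sub in ('apps', 'calcy', 'store', 'share'):
            os.makedirs(user_root + '/' + sub)

        # All user-supplied values are bound as parameters. (%s is the
        # placeholder style of the common MySQL DB-API drivers; confirm
        # against the driver behind `mysql`.)
        cursor.execute(
            "INSERT INTO secure_login (email,password,salt,name,number,MIS) "
            "VALUES (%s,%s,%s,%s,%s,%s)",
            (_email, _passwd, _salt, _fname, _phone, _mis),
        )
        connection.commit()
    finally:
        cursor.close()
        connection.close()

    send_email.send_mail(_email)
    return json.dumps({'status': '200'})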