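def POST(self):
    """Handle a login form submission.

    Re-renders the login page with an error message when the form does not
    validate, when the credentials do not match, or when the lookup or
    session setup raises. On success the session is marked as logged in,
    ownership is recorded through ``model.set_owner`` and the client is
    redirected to ``/``.
    """
    form = loginform()
    if not form.validates():
        return render.login(form, "")

    authenticated = False
    try:
        # $form.d.username is resolved from vars=locals(), so the user name is
        # handed to the database layer as a parameter, not pasted into SQL.
        matches = userdb.select('users', where='user=$form.d.username', vars=locals())
        try:
            userinfo = matches[0]
        except IndexError:
            # Unknown user: fall through to the same message as a wrong
            # password, so the response does not reveal which names exist.
            userinfo = None

        if userinfo is not None:
            # NOTE(review): one round of salted SHA-512 is cheap to brute-force
            # if the table leaks; a slow KDF such as hashlib.pbkdf2_hmac would
            # be preferable, but needs a migration of the stored hashes.
            # NOTE(review): '==' is not a constant-time comparison; confirm the
            # stored value's string type before moving to hmac.compare_digest.
            candidate = hashlib.sha512(form.d.password + userinfo.salt).hexdigest()
            authenticated = candidate == userinfo.password

        if authenticated:
            # The session id is deliberately not printed: it is a bearer
            # credential and would otherwise end up in the server's output.
            # NOTE(review): the session id is not rotated at login; confirm the
            # session store cannot be primed with a pre-login id (fixation).
            session.user = form.d.username
            session.codecreated = userinfo.codecreated
            session.loggedin = True
            model.set_owner(session.session_id, getuser())
    except Exception:
        # A fresh form is rendered so the submitted values are not echoed back.
        return render.login(loginform(), "Login process failed")

    if not authenticated:
        return render.login(loginform(), "Login is invalid, please try again")

    # The redirect is delivered by raising, so it has to sit outside the
    # try block above; inside it, the handler would swallow the redirect and
    # report a failed login after a successful one.
    raise web.seeother('/')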
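def POST(self):
    """Handle a signup form submission.

    Re-renders the signup page when the form does not validate or when the
    requested user name is already present in the ``users`` table. Otherwise
    stores a new row with a per-user salt and salted password hash, marks the
    session as logged in, records ownership through ``model.set_owner`` and
    redirects the client to ``/``.
    """
    form = signupform()
    if not form.validates():
        return render.signupform(form, "Please provide correct inputs")

    # $form.d.username is resolved from vars=locals(), so the user name is
    # handed to the database layer as a parameter, not pasted into SQL.
    existing = userdb.select('users', where='user=$form.d.username', vars=locals())
    try:
        existing[0]
    except IndexError:
        # Only "no matching row" means the name is free. Any other error
        # (for example a failing database) now propagates instead of being
        # mistaken for an unused name and leading to an insert.
        pass
    else:
        return render.signupform(form, "Username exists, pick a new one please")

    # NOTE(review): check-then-insert is not atomic; this presumably relies on
    # a UNIQUE constraint on users.user to reject concurrent duplicate signups
    # -- confirm against the schema.
    # NOTE(review): one round of salted SHA-512 is cheap to brute-force if the
    # table leaks; a slow KDF such as hashlib.pbkdf2_hmac would be preferable,
    # but the login handler has to verify with the same scheme.
    newsalt = uuid.uuid4().hex
    hashed_password = hashlib.sha512(form.d.password + newsalt).hexdigest()
    userdb.insert(
        'users',
        user=form.d.username,
        password=hashed_password,
        salt=newsalt,
        secretcode=str(uuid.uuid4()),
    )

    # NOTE(review): the session id is not rotated when the session becomes
    # authenticated; confirm the session store cannot be primed with a
    # pre-signup id (fixation).
    session.user = form.d.username
    session.loggedin = True
    model.set_owner(session.session_id, getuser())
    raise web.seeother('/')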