def sample_data(engine):
admin_pass = sha256_crypt.hash('admin')
user_pass = sha256_crypt.hash('user')
conn = engine.connect()
conn.execute(users.insert(), [
{'login': '******',
'password': admin_pass,
'first_name': 'admin',
'last_name': 'admin',
'birthday': datetime.strptime('01-01-1970', '%d-%m-%Y').date()
},
{'login': '******',
'password': user_pass,
'first_name': 'user',
'last_name': 'user',
'birthday': datetime.strptime('11-11-2001', '%d-%m-%Y').date()
},
])
conn.execute(permissions.insert(), [
{'users_id': 1, 'role': PermEnum.ADMIN},
{'users_id': 2, 'role': PermEnum.READONLY},
])
conn.close()
async def registration(request):
form = forms.LoginForm()
if request.method == 'POST':
location = request.app.router['index'].url_for()
response = web.HTTPFound(location=location)
form = await request.post()
login = form.get('login')
password = form.get('passwd')
login, passwd = login, sha256_crypt.hash(password)
user_obj = UsersObj(login, passwd)
async with request.app['database'].acquire() as conn:
await conn.execute(
insert(Users).values(login=user_obj.login,
passwd=user_obj.passwd))
try:
if await check_credentials(request.app['database'], login,
password):
await remember(request, response, login)
location = request.app.router['index'].url_for()
return web.HTTPFound(location=location)
raise web.HTTPUnauthorized()
except web.HTTPUnauthorized:
location = request.app.router['login'].url_for()
return web.HTTPFound(location=location)
return render_template('registration/registration.html', request,
{'form': form})
def test_user_login(self):
with closing(self.conn.cursor()) as cursor:
cursor.execute(
"CREATE TABLE users(id serial, username varchar(40), password varchar(255))"
)
cursor.execute("INSERT INTO users VALUES (1, 'tester', %s)",
[sha256_crypt.hash('testing')])
response = self.user_service.check_user_login('tester', 'testing')
self.assertEqual(response, 1)
def create_user(login: str, password: str, is_superuser: bool) -> None:
engine = sa.create_engine(settings.DATABASE.DSN)
with engine.connect() as conn:
conn.execute(
users.insert(
{
'login': login,
'passwd': sha256_crypt.hash(password),
'is_superuser': is_superuser,
}, ), )
def init_admin(self):
random_string = Util.randomString()
user = User()
user.username = '******'
user.password = sha256_crypt.hash(random_string)
print("Admin password is '%s'" % random_string)
user.firstname = 'admin'
user.lastname = 'admin'
self.write_user(user)
def register_test():
username=request.form.get('username')
password=request.form.get('password')
email=username+'@1779.com'
hashpassword=sha256_crypt.hash(str(password))
new_user=User(email=email,username=username,password=hashpassword)
db.session.add(new_user)
try:
db.session.commit()
return json.dumps({'Success':'You are now registered successfully and can log in'})
except:
db.session.rollback()
return json.dumps({'Error':'Register Failed'})
def create_user(self, username, password):
"""
Creates a gamed based on user_id
:param username: user unique identifier
:param password: users password
:return: boolean
"""
password_crypt = sha256_crypt.hash(password)
if self.user_repository.insert_user(username, password_crypt):
return True
return False
def post(self):
incoming_json = request.get_json()
errors = check_json_object(incoming_json, ["users", "services"], "Could not find {} at the incoming json object.")
if len(errors) > 0:
log("[API][RegisterHandler] Could not process the request: {}".format(errors), LogLevel.INFO, self.post)
return 0
errors += check_json_object(incoming_json['users'], ["email", "password"], "Missing {} for the user credentials")
if len(errors) > 0:
log("[API][RegisterHandler] Could not process the request: {}".format(errors), LogLevel.INFO, self.post)
return 0
errors += check_json_object(incoming_json['services'], services_credentials,
message="Missing {} for the services credentials")
if len(errors) > 0:
log("[API][RegisterHandler] Could not process the request: {}".format(errors), LogLevel.INFO, self.post)
return 0
log("[API][RegisterHandler] Registering new Client: {}".format(incoming_json['users']['email']), LogLevel.INFO, self.post)
user = Users(email=incoming_json['users']['email'],
password=sha256_crypt.hash(str(incoming_json['users']['password'])))
try:
db.insert(user)
except Exception as e:
errors = [str(e)]
finally:
if user.item_id is None:
log("[API][RegisterHandler] Could not insert the user into the database, contact the server "
"administrator: {} ".format(errors), LogLevel.INFO, self.post)
return 0
server = Server(user_id=user.item_id,
server_ip=incoming_json['services']['ip'],
server_dns=incoming_json['services']['website'])
try:
db.insert(server)
except Exception as e:
errors = [str(e)]
finally:
if server.item_id is None:
log("[API][RegisterHandler] Could not insert the server into the database, contact the server "
"administrator: {} ".format(errors), LogLevel.INFO, self.post)
return 0
user_services = create_services_object(user_id=user.item_id, incoming_json=incoming_json,
server_id=server.item_id)
try:
db.insert(user_services)
except Exception as e:
errors = [str(e)]
finally:
if user_services.item_id is None:
log("[API][RegisterHandler] Could not insert the services into the database, contact the server "
"administrator: {} ".format(errors), LogLevel.INFO, self.post)
return 0
return 1
def register():
form = RegisterForm(request.form)
if request.method == 'POST' and form.validate():
name = form.name.data
email = form.email.data
username = form.username.data
password = sha256_crypt.hash(str(form.password.data))
if users_db.add_user(name, email, username, password):
flash('You are now registered and can log in', 'success')
else:
flash('Error adding user to database', 'error')
return redirect(url_for('login'))
return render_template('register.html', form=form)
def index():
"""This function returns the default registration page"""
error = None
if request.method == "POST":
entered_name = request.form['username']
entered_pw = request.form['pwd']
if check_pw(entered_pw):
hashed_pw = sha256_crypt.hash(entered_pw)
with open('passfile.txt', "a") as f:
f.writelines(hashed_pw + "\n")
f.close()
with open('usernames.txt', "a") as f:
f.writelines(entered_name + "\n")
f.close()
session['user'] = entered_name
return redirect((url_for('welcome')))
error = "You could not be registered"
return render_template('register.html', error=error)
async def create(self, request):
await check_permission(request, 'admin')
data = await get_data(request)
if data['login'] and data['password']:
data = dict(data)
data['password'] = sha256_crypt.hash(data['password'])
async with request.app.db_engine.acquire() as conn:
try:
cursor = await conn.execute(
db.users.insert().values(**data))
response = {'message': 'success'}
status = 201
except Exception as e:
response = {'error': str(e)}
status = 400
return web.json_response(response, status=status)
def login():
auth = request.form.to_dict()
if not auth or not auth['id'] or not auth['password']:
return fail_response({'message': 'Could not verify'}, 401)
user = User.query.filter_by(id=auth['id']).first()
if not user:
return fail_response({'message': 'Could not verify'}, 401)
if user.verify(auth['password']):
token = Token(token=sha256_crypt.hash(str(urandom(64))),
user_id=user.id)
db.session.add(token)
db.session.commit()
user = user.to_dict()
user['token'] = token.token
return success_response(user)
return fail_response({'message': 'Could not verify'}, 401)
def register():
form = RegisterForm(request.form)
if request.method == "POST" and form.validate():
name = form.name.data
surname = form.surname.data
email = form.email.data
password = sha256_crypt.hash(form.password.data)
cursor = mysql.connection.cursor()
emailSorgu = "Select * from Users Where Email=%s"
result = cursor.execute(emailSorgu, (email, ))
if result > 0:
flash("Bu e-posta adresi daha önce kullanılmış.", "danger")
return redirect(url_for("register"))
sorgu = "INSERT INTO users (Name,Surname,Email,Password,IsAdmin) values(%s,%s,%s,%s,0)"
cursor.execute(sorgu, (name, surname, email, password))
mysql.connection.commit()
cursor.close()
flash("Kaydınız başarıyla gerçekleşti.", "success")
return redirect(url_for("login"))
else:
return render_template("register.html", form=form)
def register():
utils.record_requests(app.config['INSTANCE_ID'])
if current_user.is_authenticated:
return redirect(url_for('dashboard'))
registerform=RegistrationForm(request.form)
if request.method == 'POST' and registerform.validate():
email=registerform.email.data
username=registerform.username.data
password=sha256_crypt.hash(str(registerform.password.data))
#into db
new_user=User(email=email,username=username,password=password)
db.session.add(new_user)
try:
db.session.commit()
print('-----already into database-----')
flash('You are now registered successfully and can log in', 'success')
return redirect(url_for('login'))
#redirect(url_for('home'))
except :
db.session.rollback()
print('-----rollback-----')
return render_template('register.html',form=registerform)
def changepwd():
"""This function returns the change password page"""
message = ''
if request.method == "POST":
newpwd = request.form.get('newPassword')
oldpwd = request.form.get('password')
#Confirm passwords match
if newpwd.lower() != oldpwd.lower():
message = "Passwords do not match.. Please try again"
print(request.remote_addr)
app.logger.error("(" + request.remote_addr + ")" + message)
elif is_common(newpwd):
message = "password is comonly used. Try again"
elif not check_pw(newpwd):
message = "Password does not meet complexity standards"
else:
hashed_pw = sha256_crypt.hash(newpwd)
with open('passfile.txt', "a") as f:
f.writelines(hashed_pw + "\n")
f.close()
return render_template('welcome.html')
return render_template('changepwd.html', message=message)
def post(self):
# Step 1 is to get posted data by the user
# postedData = request.get_json()
# # Get the data
# firstname = postedData["firstname"]
# lastname = postedData["lastname"]
# email = postedData["email"]
# phone = postedData["fromPhone"]
# username = postedData["username"]
# password = postedData["password"]
args = argParser.parse_args()
firstname = args.get("firstname")
lastname = args.get("lastname")
email = args.get("email")
phone = args.get("fromPhone")
username = args.get("username")
password = args.get("password")
network = getNetworkName(phone)
hashed_pw = sha256_crypt.hash(password)
users = UsersRegisteration(firstname,
lastname,
email,
phone,
username,
hashed_pw,
network,
balance=0.0,
debt=0.0)
if UserExist(phone):
return jsonify(
generateReturnDictionary(400, "Username/Phone Already Exists",
"FAILURE"))
# Store username,pw, phone, network into the database
try:
mongo.db.Register.insert_one({
"FirstName": users.firstname,
"LastName": users.lastname,
"Email": users.email,
"Phone": users.phone,
"Network": users.network,
"Username": users.username,
"Password": users.hashed_pw,
"Balance": users.balance,
"Debt": users.debt,
"DateCreated": date_time(),
"DateUpdated": date_time(),
"apiKeys": generateApiKeys()
})
retJson = {
"code": 201,
"msg": "You successfully signed up for mobile money wallet",
"status": "SUCCESS"
}
return jsonify(retJson)
except Exception as e:
retJson = {
"code": 409,
"msg":
"There was an error while trying to create your account -> , try again!",
"status": "FAILURE: {0}".format(e.message)
}
return jsonify(retJson)
def crypt_password(password):
return sha256_crypt.hash(str(password))
def register_student():
form = StudentForm(request.form)
year = ['1', '2', '3']
study_type = ['Bachelor', 'Master', 'Phd']
group = [
'A1', 'A2', 'A3', 'A4', 'A5', 'A6', 'A7', 'B1', 'B2', 'B3', 'B4', 'B5',
'B6', 'B7', 'E1', 'E2', 'E3', 'X1', 'X2', 'X3'
]
isRegistered = False
if form.validate():
if len(form.username.data) < 4 or len(form.username.data) > 20:
return render_template(
"register_student.html",
form=form,
error_format_username="******"
)
exist_student = studenti.query.filter_by(
name=form.username.data).first()
exist_nr_matricol = studenti.query.filter_by(
nr_matricol=sha256_crypt.hash(form.nr_matricol.data)).first()
if exist_student:
return render_template("register_student.html",
form=form,
error_msg="\n Enter another name!")
elif len(form.email.data) == 0:
return render_template("register_student.html",
form=form,
email_len="\n Enter an email address!")
elif email_validation(form.email.data) is False:
return render_template(
"register_student.html",
form=form,
email_invalid="\n Enter a correct email address!")
elif exist_nr_matricol:
return render_template(
"register_student.html",
form=form,
nr_matricol_error="\n This nr_matricol is already registered!")
elif len(form.nr_matricol.data) != 16:
return render_template(
"register_student.html",
form=form,
error_format_nr_matricol="Nr_matricol must have 16 characters!"
)
elif len(form.password.data) == 0:
return render_template("register_student.html",
form=form,
password_len="\n Enter a password!")
elif len(form.password.data) < 8:
return render_template(
"register_student.html",
form=form,
password_characters=
"\n Enter a password with at least 8 characters!")
elif form.password.data != form.confirm.data:
return render_template("register_student.html",
form=form,
password_match="\n Passwords must match!")
else:
student_entry = studenti(email=sha256_crypt.hash(form.email.data),
name=form.username.data,
nr_matricol=sha256_crypt.hash(
form.nr_matricol.data),
type=form.type.data,
year=form.year.data,
group=form.group.data)
student_entry.set_password(form.password.data)
db.session.add(student_entry)
db.session.commit()
isRegistered = True
# Send email confirmation to the new registered account
send_email(name=form.username.data, email=form.email.data)
return redirect(
url_for('login_student',
name=form.username.data,
isRegistered=isRegistered))
return render_template('register_student.html',
form=form,
year=year,
type=study_type,
group=group)
app.register_blueprint(user_bp, url_prefix='/user')
app.register_blueprint(admin_bp, url_prefix='/admin')
api = Api(app)
db = SQLAlchemy(app)
from .util.models import Users, Trucks, Ratings, Preferences, GraphData
db.create_all()
admin = Users.query.filter_by(username='******').first(
) # Checks if the admin account exists creates one if it
# doesn't.
if admin is None:
e = Users(username="******",
password=sha256_crypt.hash("password"),
email="*****@*****.**",
notifications=False,
perms=True)
db.session.add(e)
db.session.commit()
update_database()
email_clients()
@app.route('/', methods=['GET', 'POST'])
def index():
trucks = get_trucks()
form = RatingForm(meta={'csrf': False})
return f.render_template("pages/index.html", Trucks=trucks, form=form)
def hash_password(password: str) -> str:
return sha256_crypt.hash(password)