def update(self, db: dataset.Database): user_table: dataset.Table = db.create_table("users") user_table.upsert({ "email": self._email, "name": self._name, "password": encrypt(self._password), "aws_access_key_id": encrypt(self._aws_access_key_id), "aws_secret_key": encrypt(self._aws_secret_key), "aws_region": encrypt(self._aws_region)}, ['email'])
def validate_user_rights(self, request_data, _session_db, caller_name): valid_session_data = None session_user = None if hasattr(request_data, "session_token"): session_user = gen.validate_user_rights(_session_db, request_data.session_token, caller_name) if session_user is False: valid_session_data = login.InvalidSessionToken() logger.logKnowledge( "info", "invalid_user_session", "user:%s, caller_name:%s, request:%s" % (session_user, caller_name, request.url)) print valid_session_data, session_user if valid_session_data is None and session_user is not False: if hasattr(request_data, "request"): if hasattr(request_data.request, "password") and type( request_data.request) != consoleadmin.SaveDBServer: print "password validation" enc_pwd = encrypt(request_data.request.password) if gen.verify_password(_session_db, session_user, enc_pwd) == 0: valid_session_data = login.InvalidPassword() logger.logKnowledge( "info", "invalid_user_password", "user:%s, caller_name:%s, request:%s" % (session_user, caller_name, request.url)) return valid_session_data, session_user
def process_mobile_login(db, request, session_user_ip): login_type = request.login_type username = request.username password = request.password encrypt_password = encrypt(password) try: response = verify_login(db, username, encrypt_password) is_success = response[0] if is_success is False: return login.InvalidCredentials(None) username = response[2] verified_login = response[3] user_info = response[4] forms = response[5] user_category_id = verified_login.get('user_category_id') if is_success is False and username is None: return login.InvalidCredentials(None) if is_success: if user_category_id == 3: return mobile_user_login_respone(db, login_type, session_user_ip, user_info, forms) else: return login.InvalidCredentials(None) except Exception, e: print e
def process_verify_password(db, request, user_id): password = request.password encrypt_password = encrypt(password) response = verify_password(db, user_id, encrypt_password) if response == 0: return generalprotocol.InvalidPassword() else: return generalprotocol.VerifyPasswordSuccess()
def verify_password(db, user_id, password): ec_password = encrypt(password) q = "SELECT username from tbl_user_login_details where user_id = %s and password = %s" data_list = db.select_one(q, [user_id, ec_password]) if data_list is None: return False else: return True
def check_already_used_password(db, password, user_id): result = db.call_proc("sp_forgot_password_old_pass_check", ( encrypt(password), user_id, )) print "len(result)--", len(result) if len(result) > 0: return False else: return True
def verify_new_password(db, new_password, user_id): encrypted_password = encrypt(new_password) row = db.call_proc("sp_verify_password", ( user_id, encrypted_password, )) if (int(row[0]["count"]) <= 0): return True else: return False
def process_reset_password(db, request): user_id = validate_reset_token(db, request.reset_token) if user_id is not None: if check_already_used_password(db, encrypt(request.new_password), user_id): update_password(db, request.new_password, user_id) delete_used_token(db, request.reset_token) return clientlogin.ResetPasswordSuccess() else: return clientlogin.EnterDifferentPassword() else: return clientlogin.InvalidResetToken()
def verify_password(db, password, user_id): print password encrypted_password = encrypt(password) print encrypted_password row = db.call_proc("sp_verify_password", ( user_id, encrypted_password, )) if (int(row[0]["count"]) <= 0): return False else: return True
def process_save_logindetails(db, request, company_id): username = request.username password = request.password # duplication username validation if check_username_duplicate(db, username) is False: return clientlogin.UsernameAlreadyExists() else: encrypt_password = encrypt(password) token = request.token if save_login_details(db, token, username, encrypt_password, company_id): return clientlogin.SaveRegistrationSuccess() else: return clientlogin.InvalidSessionToken()
def update_password(db, password, user_id): result = db.call_proc_with_multiresult_set( "sp_tbl_user_login_details_update", (user_id, encrypt(password)), 1) if len(result) == 0: raise fetch_error() employee_name = result[0][0]["username"] action = "\"%s\" has updated his/her password" % (employee_name) db.save_activity(user_id, 0, action) if result: return True else: return False
def process_login(db, request, client_id, session_user_ip): login_type = request.login_type username = request.username short_name = request.short_name encrypt_password = encrypt(request.password) user_ip = session_user_ip user_id = verify_username(db, username) if user_id is None: return clientlogin.InvalidCredentials(None) else: response = verify_login(db, username, encrypt_password) print response if response is False: return invalid_credentials(db, user_id, session_user_ip) elif response == "blocked" or response == "disabled": return clientlogin.DisabledUser() else: delete_login_failure_history(db, user_id) return user_login_response(db, response, client_id, user_ip, short_name, login_type.lower())