def set_password(password, user):
pwfields = Bunch()
pwfields.algorithm = "pbkdf2"
pwfields.hashfunc = "sha256"
#hashfunc = getattr(hashlib, pwfields.hashfunc)
# Encoding it to base64 makes storing it in json much easier
pwfields.salt = base64.b64encode(os.urandom(32))
# https://forums.lastpass.com/viewtopic.php?t=84104
pwfields.iterations = 100000
pwfields.keylength = 32
pwfields.created_ts = timestamp()
# One more check on password length
assert len(password) >= 6, "Password shouldn't be so short here"
logger.debug("pwfields:", vars(pwfields))
logger.debug("locals:", locals())
enc_password = Password(password, pwfields.salt, pwfields.iterations,
pwfields.keylength, pwfields.hashfunc)
pwfields.password = enc_password.password
pwfields.encrypt_time = enc_password.encrypt_time
user.password = json.dumps(
pwfields.__dict__,
sort_keys=True,
)
def set_password(password, user):
pwfields = Bunch()
pwfields.algorithm = "pbkdf2"
pwfields.hashfunc = "sha256"
#hashfunc = getattr(hashlib, pwfields.hashfunc)
# Encoding it to base64 makes storing it in json much easier
pwfields.salt = base64.b64encode(os.urandom(32))
# https://forums.lastpass.com/viewtopic.php?t=84104
pwfields.iterations = 100000
pwfields.keylength = 32
pwfields.created_ts = timestamp()
# One more check on password length
assert len(password) >= 6, "Password shouldn't be so short here"
logger.debug("pwfields:", vars(pwfields))
logger.debug("locals:", locals())
enc_password = Password(password,
pwfields.salt,
pwfields.iterations,
pwfields.keylength,
pwfields.hashfunc)
pwfields.password = enc_password.password
pwfields.encrypt_time = enc_password.encrypt_time
user.password = json.dumps(pwfields.__dict__,
sort_keys=True,
)
def get_attributes(self):
"""Finds which extra attributes apply to this dataset"""
# Get attribute names and distinct values for each attribute
results = g.db.execute(
'''
SELECT DISTINCT CaseAttribute.Id, CaseAttribute.Name, CaseAttributeXRefNew.Value
FROM CaseAttribute, CaseAttributeXRefNew
WHERE CaseAttributeXRefNew.CaseAttributeId = CaseAttribute.Id
AND CaseAttributeXRefNew.InbredSetId = %s
ORDER BY lower(CaseAttribute.Name)''',
(str(self.dataset.group.id), ))
self.attributes = {}
for attr, values in itertools.groupby(results.fetchall(), lambda row:
(row.Id, row.Name)):
key, name = attr
self.attributes[key] = Bunch()
self.attributes[key].name = name
self.attributes[key].distinct_values = [
item.Value for item in values
]
self.attributes[key].distinct_values = natural_sort(
self.attributes[key].distinct_values)
all_numbers = True
for value in self.attributes[key].distinct_values:
try:
val_as_float = float(value)
except:
all_numbers = False
if all_numbers:
self.attributes[key].alignment = "right"
else:
self.attributes[key].alignment = "left"
def password_reset_step2():
"""Handle confirmation E-mail for password reset"""
logger.debug("in password_reset request.url is:", request.url)
errors = []
user_id = request.form['user_encode']
logger.debug("locals are:", locals())
user = Bunch()
password = request.form['password']
set_password(password, user)
es = get_elasticsearch_connection()
es.update(index="users",
doc_type="local",
id=user_id,
body={"doc": {
"password": user.__dict__.get("password")
}})
flash("Password changed successfully. You can now sign in.", "alert-info")
response = make_response(redirect(url_for('login')))
return response
def __init__(self, kw):
self.thank_you_mode = False
self.errors = []
self.user = Bunch()
self.user.email_address = kw.get('email_address', '').strip()
if not (5 <= len(self.user.email_address) <= 50):
self.errors.append(
'Email Address needs to be between 5 and 50 characters.')
self.user.full_name = kw.get('full_name', '').strip()
if not (5 <= len(self.user.full_name) <= 50):
self.errors.append(
'Full Name needs to be between 5 and 50 characters.')
self.user.organization = kw.get('organization', '').strip()
if self.user.organization and not (5 <= len(self.user.organization) <=
50):
self.errors.append(
'Organization needs to be empty or between 5 and 50 characters.'
)
password = str(kw.get('password', ''))
if not (6 <= len(password)):
self.errors.append('Password needs to be at least 6 characters.')
if kw.get('password_confirm') != password:
self.errors.append("Passwords don't match.")
if self.errors:
return
logger.debug("No errors!")
set_password(password, self.user)
self.user.registration_info = json.dumps(basic_info(), sort_keys=True)
self.new_user = model.User(**self.user.__dict__)
db_session.add(self.new_user)
try:
db_session.commit()
except sqlalchemy.exc.IntegrityError:
# This exception is thrown if the email address is already in the database
# To do: Perhaps put a link to sign in using an existing account here
self.errors.append(
"An account with this email address already exists. "
"Click the button above to sign in using an existing account.")
return
logger.debug("Adding verification email to queue")
#self.send_email_verification()
VerificationEmail(self.new_user)
logger.debug("Added verification email to queue")
self.thank_you_mode = True
def __init__(self, kw):
self.thank_you_mode = False
self.errors = []
self.user = Bunch()
es = kw.get('es_connection', None)
if not es:
self.errors.append("Missing connection object")
self.user.email_address = kw.get('email_address',
'').encode("utf-8").strip()
if not (5 <= len(self.user.email_address) <= 50):
self.errors.append(
'Email Address needs to be between 5 and 50 characters.')
else:
email_exists = get_user_by_unique_column(es, "email_address",
self.user.email_address)
if email_exists:
self.errors.append('User already exists with that email')
self.user.full_name = kw.get('full_name', '').encode("utf-8").strip()
if not (5 <= len(self.user.full_name) <= 50):
self.errors.append(
'Full Name needs to be between 5 and 50 characters.')
self.user.organization = kw.get('organization',
'').encode("utf-8").strip()
if self.user.organization and not (5 <= len(self.user.organization) <=
50):
self.errors.append(
'Organization needs to be empty or between 5 and 50 characters.'
)
password = str(kw.get('password', ''))
if not (6 <= len(password)):
self.errors.append('Password needs to be at least 6 characters.')
if kw.get('password_confirm') != password:
self.errors.append("Passwords don't match.")
if self.errors:
return
logger.debug("No errors!")
set_password(password, self.user)
self.user.user_id = str(uuid.uuid4())
self.user.confirmed = 1
self.user.registration_info = json.dumps(basic_info(), sort_keys=True)
save_user(es, self.user.__dict__, self.user.user_id)
def password_reset_step2():
"""Handle confirmation E-mail for password reset"""
logger.debug("in password_reset request.url is:", request.url)
errors = []
user_id = request.form['user_encode']
logger.debug("locals are:", locals())
user = Bunch()
password = request.form['password']
set_password(password, user)
set_user_attribute(user_id, "password", user.__dict__.get("password"))
flash("Password changed successfully. You can now sign in.", "alert-info")
response = make_response(redirect(url_for('login')))
return response
def get_attributes(self):
"""Finds which extra attributes apply to this dataset"""
# Get attribute names and distinct values for each attribute
results = g.db.execute(
'''
SELECT DISTINCT CaseAttribute.Id, CaseAttribute.Name, CaseAttributeXRef.Value
FROM CaseAttribute, CaseAttributeXRef
WHERE CaseAttributeXRef.CaseAttributeId = CaseAttribute.Id
AND CaseAttributeXRef.ProbeSetFreezeId = %s
ORDER BY CaseAttribute.Name''',
(str(self.dataset.id), ))
self.attributes = {}
for attr, values in itertools.groupby(results.fetchall(), lambda row:
(row.Id, row.Name)):
key, name = attr
print("radish: %s - %s" % (key, name))
self.attributes[key] = Bunch()
self.attributes[key].name = name
self.attributes[key].distinct_values = [
item.Value for item in values
]
self.attributes[key].distinct_values.sort(key=natural_sort_key)
