def init_user_info():
    """Seed the database with one initial user record.

    The password literal is passed through ``salt_password`` first, so the
    value handed to ``User`` is whatever that helper returns.
    """
    # NOTE(review): name, password and e-mail are hard-coded literals. The
    # password string looks like a placeholder; a seeded account should take
    # its secret from deployment configuration and be rotated after first use.
    seed_user = User(
        name="suwen",
        password=salt_password("xxxxxx"),
        email="*****@*****.**",
    )
    seed_user.insert()
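def verify_password(cls, email, password):
    """Return True when *password* matches the stored password for *email*.

    Args:
        cls: Object exposing ``select_one(where=...)``; presumably the model
            class (a ``@classmethod`` decorator is not visible here).
        email: E-mail address used to look up the user record.
        password: Plaintext password supplied by the caller.

    Returns:
        True only when a record exists, it carries a ``"password"`` value,
        and that value equals ``utils.salt_password(password)``; otherwise
        False.
    """
    import hmac

    record = cls.select_one(where={"email": email})
    if record is None:
        return False

    # The fetched record holds the stored password value, so it is not written
    # to the log; only a neutral marker is emitted.
    logging.info("user record found for password verification")

    stored = record.get("password", None)
    if stored is None:
        return False

    # NOTE(review): salt_password is called with the password alone; whether a
    # per-user salt is applied inside it cannot be seen from this function.
    candidate = utils.salt_password(password)

    # Compare in constant time where the types allow it, so response timing
    # does not depend on how many leading characters match.
    if isinstance(candidate, str) and isinstance(stored, str):
        return hmac.compare_digest(candidate.encode("utf-8"), stored.encode("utf-8"))
    if isinstance(candidate, bytes) and isinstance(stored, bytes):
        return hmac.compare_digest(candidate, stored)
    # Mixed or unexpected types: keep plain equality semantics.
    return candidate == stored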
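def validate_login(db, email, password):
    """Check an e-mail/password pair against the stored user document.

    Args:
        db: Handle indexed by collection name; ``db[COLL_USER]`` must offer
            ``find_one`` and ``db[COLL_LOG_LOGIN]`` must offer ``insert``.
        email: E-mail address identifying the account.
        password: Plaintext password supplied by the caller.

    Returns:
        ``{"err": False}`` when the salted password matches the stored one,
        otherwise ``{"err": True, "msg": <message>}``.
    """
    import hmac

    doc = db[COLL_USER].find_one({"email": email}, {"password": True, "salt": True})
    if doc is None:
        # Message text: "this e-mail does not exist".
        # NOTE(review): this differs from the wrong-password message, so a
        # client can tell registered addresses from unregistered ones. A single
        # generic failure message would avoid that; left unchanged because
        # callers may depend on the current text.
        return {"err": True, "msg": u"当前邮箱不存在"}

    real_password = doc["password"]
    salt = doc["salt"]

    try:
        salted_password = utils.salt_password(salt, password)
    except Exception:
        # Any failure while salting is treated as a wrong password. Only
        # ordinary exceptions are caught, so KeyboardInterrupt/SystemExit
        # still propagate.
        logging.warning("invalid password")
        timestamp = utils.get_cur_utc_timestamp()
        # The attempted password is deliberately not persisted: a login log
        # holding plaintext attempts exposes near-miss and reused passwords to
        # anyone who can read that collection.
        db[COLL_LOG_LOGIN].insert({"email": email, "timestamp": timestamp})
        # Message text: "the password is incorrect".
        return {"err": True, "msg": "当前密码错误"}

    # Constant-time comparison where the types allow it; plain equality
    # otherwise so mixed types still compare as unequal instead of raising.
    if isinstance(salted_password, str) and isinstance(real_password, str):
        matches = hmac.compare_digest(
            salted_password.encode("utf-8"), real_password.encode("utf-8")
        )
    elif isinstance(salted_password, bytes) and isinstance(real_password, bytes):
        matches = hmac.compare_digest(salted_password, real_password)
    else:
        matches = salted_password == real_password

    if not matches:
        return {"err": True, "msg": "当前密码错误"}
    return {"err": False}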
def create_account(db, account):
    """Stamp, hash and persist a new account document.

    ``account`` is modified in place: ``created_at`` is set to the current UTC
    timestamp and ``password`` is replaced by the result of
    ``utils.salt_password(salt, password)`` before the document is inserted
    into ``db[COLL_USER]``.
    """
    account["created_at"] = utils.get_cur_utc_timestamp()

    # NOTE(review): the salt comes from the caller-supplied dict; confirm that
    # it is generated server-side from a CSPRNG and is unique per account.
    plaintext, salt_value = account["password"], account["salt"]
    account["password"] = utils.salt_password(salt_value, plaintext)

    # w=1 asks the server to acknowledge the write.
    users = db[COLL_USER]
    users.insert(account, w=1)
def test_salt_password():
    """salt_password gives equal output for equal input and differs otherwise."""
    # NOTE(review): equal output for equal input means the one-argument form
    # adds no random per-call salt, so identical passwords map to the same
    # value unless a salt is mixed in elsewhere; confirm in utils.
    first, second = "123", "123"
    hashed_first = utils.salt_password(first)
    hashed_second = utils.salt_password(second)
    assert hashed_first == hashed_second

    hashed_other = utils.salt_password("124")
    assert utils.salt_password(first) != hashed_other
def set_password(self, raw_password):
    """Store the salted form of *raw_password* on ``self.password``.

    The plaintext is passed to ``utils.salt_password`` and only that helper's
    return value is kept on the object.
    """
    salted = utils.salt_password(raw_password)
    self.password = salted