def edit_password(id): json_data = request.get_json() user = Users.find_by_id(id) if user: hashed_old_password = hashlib.md5(json_data['old_password'].encode('utf-8')).hexdigest() hashed_new_password = hashlib.md5(json_data['new_password'].encode('utf-8')).hexdigest() if hashed_old_password == user.password: user.password = hashed_new_password else: return {"msg": "error, passwords isn't correct."} else: return {"msg": "usr not found"}, 404 return {"msg": "Password updated correctly."}
def __init__(self, username, email, password, phone, surename, gendre): self.username = username self.email = email self.password = hashlib.md5(password.encode('utf-8')).hexdigest() self.phone = phone self.surename = surename self.gendre = gendre
def login(): if request.method == 'POST': if not request.form['id'] or not request.form['password']: return render_template('login.html', valid_fields='Campos vacios') else: user = User.query.filter_by(id=request.form['id']).first() if user is None: return render_template('login.html', valid_fields='Usuario inexistente') else: form_password = hashlib.md5( bytes(request.form['password'], encoding='utf-8')).hexdigest() if not form_password == user.password: return render_template( 'login.html', valid_fields='Contraseña incorrecta') else: login_user(user) if user.type_user == 'Mozo': return redirect(url_for('order')) elif user.type_user == 'Cocinero': return redirect(url_for('token')) else: return render_template('login.html', valid_fields='')
def add_photo(photo_upload): filename = photo_upload.filename ext_type = filename.split('.')[-1] storage_file_name = '{}.{}'\ .format( hashlib.md5(filename.split('.')[0].encode('utf-8')).hexdigest(), ext_type ) image_path = os.path.join(os.path.abspath('static'), 'img', storage_file_name) thumbnail_path = os.path.join(os.path.abspath('static'), 'img/thumbnail', storage_file_name) pic = Image.open(photo_upload) pic.save(image_path) # original image outputsize = (200, 200) pic.thumbnail(outputsize) pic.save(thumbnail_path) # thumbnail for index page return storage_file_name
def post(self): """ Do the login to the application. Let the identification and create a jwt token with user info """ result = dict() result['token'] = '' auth = request.authorization if not auth or not auth.username or not auth.password: return result, 401 print('authorization', auth) loginUser = auth.username phrase = auth.password user = login(loginUser) if not user: return result, 401 phrase = hashlib.md5(phrase.encode()) print(phrase.hexdigest(), '==', user.phrase) if (user.phrase == phrase.hexdigest()): print("Pass verification, preparing token") token = jwt.encode( { 'id': user.idusuari, 'username': user.dsusuari, 'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=30) }, settings.SECRET_KEY) jwtToken = token.decode('UTF-8') result['token'] = jwtToken return result, 201 print("Pass failed") return result, 401
def set_passowrd(self, password): self.password = hashlib.md5(password.encode('utf-8')).hexdigest()
def password_check(self, password): if self.password == hashlib.md5(password.encode('utf-8')).hexdigest(): return True