def insertUser(self, name, passwd):
"""
Insert user in talbe Users. User password is hashed with salt_p.
@param name: user name
@param passwd: user password
"""
name = name.decode('utf-8')
passwd = passwd.decode('utf-8')
# generate salt using cryptographic safe pseudo-random generator
salt_p = CryptoBasics.genUserPassSalt()
# prepends salts and create hash
passwd = CryptoBasics.getUserPassHash(salt_p, passwd)
try:
self._cursor.execute("INSERT INTO Users(name, passwd, salt_p) VALUES(:name, :passwd, :salt_p)",
{"name" : name, "passwd" : passwd, "salt_p" : salt_p})
self._connection.commit()
logging.info("users with ID: %i, inserted: %s", self._cursor.lastrowid, self._cursor.rowcount)
except sqlite3.IntegrityError as e:
logging.warning(e)
except sqlite3.Error as e:
logging.exception(e)
self._connection.rollback()
raise e
def selectByNameMaster(self, name, master):
"""
Select user from database by username and password.
@param name: username
@param master: plain text password
@return: UserModel object, or None
"""
name = name.decode('utf-8')
master = master.decode('utf-8')
user = None
try:
user = self.selectByName(name)
if (not user):
logging.info("username doesn't exist, %s", name)
return None
# prepare hash
passwd = CryptoBasics.getUserPassHash(user._salt, master)
except sqlite3.Error as e:
logging.exception(e)
raise e
finally:
if (user and user._passwd == passwd):
logging.debug("user with username '%s' selected", name)
user._master = master
return user
else:
logging.info("user password not correct")
return None
