def insertUser(self, name, passwd): """ Insert user in talbe Users. User password is hashed with salt_p. @param name: user name @param passwd: user password """ name = name.decode('utf-8') passwd = passwd.decode('utf-8') # generate salt using cryptographic safe pseudo-random generator salt_p = CryptoBasics.genUserPassSalt() # prepends salts and create hash passwd = CryptoBasics.getUserPassHash(salt_p, passwd) try: self._cursor.execute("INSERT INTO Users(name, passwd, salt_p) VALUES(:name, :passwd, :salt_p)", {"name" : name, "passwd" : passwd, "salt_p" : salt_p}) self._connection.commit() logging.info("users with ID: %i, inserted: %s", self._cursor.lastrowid, self._cursor.rowcount) except sqlite3.IntegrityError as e: logging.warning(e) except sqlite3.Error as e: logging.exception(e) self._connection.rollback() raise e
def selectByNameMaster(self, name, master): """ Select user from database by username and password. @param name: username @param master: plain text password @return: UserModel object, or None """ name = name.decode('utf-8') master = master.decode('utf-8') user = None try: user = self.selectByName(name) if (not user): logging.info("username doesn't exist, %s", name) return None # prepare hash passwd = CryptoBasics.getUserPassHash(user._salt, master) except sqlite3.Error as e: logging.exception(e) raise e finally: if (user and user._passwd == passwd): logging.debug("user with username '%s' selected", name) user._master = master return user else: logging.info("user password not correct") return None