def run(self):
log = Logger('AdminPostHandlerThread')
request_data = json.loads(self.request.request.body)
print request_data
login = LoginDBHelper()
update_status = False
final_dict = {}
admin_detail = login.get_login(self.current_user, update_flag=True)
if admin_detail is None:
final_dict['pass'] = False
final_dict['message'] = "Wrong username password combination"
else:
current_password = request_data.get('current_password')
login_success = verify_password(str(current_password),
d64(admin_detail.get('password')))
if login_success:
login_id = admin_detail.get('login_id')
new_password = request_data.get('new_password')
temp_passwd = make_verifier(str(new_password))
new_password_hash = e64(temp_passwd).strip()
update_status = login.update_login_password(login_id,
new_password_hash)
if update_status:
final_dict['pass'] = True
final_dict['message'] = "Password changed successfully"
else:
final_dict['pass'] = False
final_dict['message'] = "Wrong username password combination"
opJson = json.dumps(final_dict)
#self.request.add_header('Access-Control-Allow-Origin', '*')
self.request.set_header ('Content-Type', 'application/json')
self.request.write(opJson)
tornado.ioloop.IOLoop.instance().add_callback(self.callback)
def run(self):
# log = Logger('AdminPostHandlerThread')
request_data = json.loads(self.request.request.body)
print request_data
login = LoginDBHelper()
update_status = False
final_dict = {}
admin_detail = login.get_login(self.current_user, update_flag=True)
if admin_detail is None:
final_dict['pass'] = False
final_dict['message'] = "Wrong username password combination"
else:
current_password = request_data.get('current_password')
login_success = verify_password(str(current_password),
d64(admin_detail.get('password')))
if login_success:
login_id = admin_detail.get('login_id')
new_password = request_data.get('new_password')
temp_passwd = make_verifier(str(new_password))
new_password_hash = e64(temp_passwd).strip()
update_status = login.update_login_password(
login_id, new_password_hash)
if update_status:
final_dict['pass'] = True
final_dict['message'] = "Password changed successfully"
else:
final_dict['pass'] = False
final_dict['message'] = "Wrong username password combination"
opJson = json.dumps(final_dict)
#self.request.add_header('Access-Control-Allow-Origin', '*')
self.request.set_header('Content-Type', 'application/json')
self.request.write(opJson)
tornado.ioloop.IOLoop.instance().add_callback(self.callback)
packed = _PARAMS.pack(logN,r,p,len(salt)) + salt + hash
return packed
def unpack_verifier(verifier):
logN,r,p,salt_bytes = _PARAMS.unpack_from(verifier)
i = _PARAMS.size+salt_bytes
salt = verifier[_PARAMS.size:i]
hash = verifier[i:]
return logN,r,p,salt,hash
def make_verifier( password, logN=14, r=8, p=1, salt_bytes=16,hash_bytes=16):
salt = random(salt_bytes)
hash = scrypt.hash(password,salt,1<<logN,r,p,hash_bytes)
return pack_verifier(logN,r,p,salt,hash)
def verify_password( password, verifier ):
logN,r,p,salt,hash = unpack_verifier(verifier)
newhash = scrypt.hash(password,salt,1<<logN,r,p,len(hash))
return consteq(newhash,hash)
if __name__=="__main__":
v = make_verifier( "password" )
# print(verify_password( "password", v))
# print(verify_password( "Password", v))
ev = e64(v).strip()
print(ev)
# # store ev in database
# print( verify_password("password",d64(ev)))
def unpack_verifier(verifier):
logN, r, p, salt_bytes = _PARAMS.unpack_from(verifier)
i = _PARAMS.size + salt_bytes
salt = verifier[_PARAMS.size:i]
hash = verifier[i:]
return logN, r, p, salt, hash
def make_verifier(password, logN=14, r=8, p=1, salt_bytes=16, hash_bytes=16):
salt = random(salt_bytes)
hash_value = scrypt.hash(password, salt, 1 << logN, r, p, hash_bytes)
return pack_verifier(logN, r, p, salt, hash_value)
def verify_password(password, verifier):
logN, r, p, salt, hash_value = unpack_verifier(verifier)
newhash = scrypt.hash(password, salt, 1 << logN, r, p, len(hash_value))
return consteq(newhash, hash_value)
if __name__ == "__main__":
v = make_verifier(args.password)
ev = e64(v).strip()
# if not(verify_password(args.password, d64(args.hash))):
# print("Password not verified!!\n")
# sys.exit(1)
print(ev)
def run(self):
log = Logger('RegisterWorkerThread')
TAG = 'run'
print 'RegisterWorkerThread'
final_dict = {}
company = CompanyDBHelper()
admin = LoginDBHelper()
request_data = json.loads(self.request.request.body)
company_name = request_data.get('company_name')
company_email = request_data.get('company_email')
company_address = request_data.get('company_address')
company_contact = request_data.get('company_contact')
admin_name = request_data.get('admin_name')
admin_email = request_data.get('admin_email')
admin_password = request_data.get('admin_password')
company_id, duplicate_company = company.add_company(
{'name': company_name, 'email': company_email,
'contact': company_contact, 'address': company_address})
# if company_id and duplicate_company:
# ## Send mail to admin registered for this company
# pass
if company_id:
temp_hash = make_verifier(str(admin_password))
final_hash = e64(temp_hash).strip()
pass_id = admin.set_login_password(final_hash)
if pass_id:
admin_id, duplicate_admin = admin.add_admin(
{'email':admin_email, 'name': admin_name,
'login_id': pass_id, 'company_id':company_id})
if admin_id and duplicate_admin:
## Admin already registered, set pass false
final_dict['admin'] = True
final_dict['pass'] = False
elif admin_id and not duplicate_admin:
final_dict['pass'] = True
final_dict['admin'] = False
## send verification mail to this admin
admin_signup(admin_id, company_id, admin_email,
company_email)
else:
final_dict['pass'] = False
final_dict['admin'] = False
else:
final_dict['pass'] = False
final_dict['admin'] = False
else:
final_dict['pass'] = False
final_dict['admin'] = False
self.request.write(json.dumps(final_dict))
tornado.ioloop.IOLoop.instance().add_callback(self.callback)
"""
if type(password) is unicode:
password = password.encode("utf-8")
whichkdf = byte(password[0])>>5
kdf = KDFS.get(whichkdf)
if kdf is None:
raise RuntimeError("unsupported algorithm")
return kdf(password,salt,dklen)
if __name__=="__main__":
from binascii import b2a_base64 as e64
import time
from getpass import getpass
try:
while True:
pw = getpass("please enter a password:"******"NaCl",32)
elapsed = time.clock()-start
print("{0:0.3f} seconds {1}".format(elapsed,e64(dkey)))
except KeyboardInterrupt:
print("goodbye")
def run(self):
# log = Logger('RegisterWorkerThread')
# TAG = 'run'
print 'RegisterWorkerThread'
final_dict = {}
company = CompanyDBHelper()
admin = LoginDBHelper()
request_data = json.loads(self.request.request.body)
company_name = request_data.get('company_name')
company_email = request_data.get('company_email')
company_address = request_data.get('company_address')
company_contact = request_data.get('company_contact')
admin_name = request_data.get('admin_name')
admin_email = request_data.get('admin_email')
admin_password = request_data.get('admin_password')
company_id, duplicate_company = company.add_company({
'name':
company_name,
'email':
company_email,
'contact':
company_contact,
'address':
company_address
})
# if company_id and duplicate_company:
# Send mail to admin registered for this company
# pass
if company_id:
temp_hash = make_verifier(str(admin_password))
final_hash = e64(temp_hash).strip()
pass_id = admin.set_login_password(final_hash)
if pass_id:
admin_id, duplicate_admin = admin.add_admin({
'email':
admin_email,
'name':
admin_name,
'login_id':
pass_id,
'company_id':
company_id
})
if admin_id and duplicate_admin:
# Admin already registered, set pass false
final_dict['admin'] = True
final_dict['pass'] = False
elif admin_id and not duplicate_admin:
final_dict['pass'] = True
final_dict['admin'] = False
# send verification mail to this admin
admin_signup(admin_id, company_id, admin_email,
company_email)
else:
final_dict['pass'] = False
final_dict['admin'] = False
else:
final_dict['pass'] = False
final_dict['admin'] = False
else:
final_dict['pass'] = False
final_dict['admin'] = False
self.request.write(json.dumps(final_dict))
tornado.ioloop.IOLoop.instance().add_callback(self.callback)