async def authenticate(self, username: str, password: str) -> Optional[UserInDB]:
user = await self.get_by_username(username)
if user is None:
return
if not verify_password(password, user.password):
return
return user
async def authenticate(email: str, password: str):
user = get_by_email(email=email)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def authenticate(self, *, username: str, password: str):
user = self.get(username=username)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def authenticate(db_session, *, email: str, password: str) -> Optional[User]:
user = get_by_email(db_session, email=email)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def authenticate(self, db: Session, *, email: str, password: str) -> Optional[AdminUser]:
user = self.get_by_email(db, email=email)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def authenticate(db: Session, email: str, password: str):
user = get_by_email(db, email=email)
if not user:
return None
if not verify_password(password, user.password):
return None
return user
def authenticate(self, email: str, password: str) -> Optional[User]:
user = self.get_by_email(email)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def view_login():
utils = Utils()
msg = ''
if request.method == 'POST':
username = request.form.get('username', None)
password = request.form.get('password', None)
if rds.is_ip_blocked(request.remote_addr):
return render_template('login.html',
err='Your IP has been blocked.')
if verify_password(username, password):
session['session'] = username
return redirect('/')
else:
return render_template('login.html',
err='Incorrect username or password. \
After 5 attempts, you will get blocked.'
)
if not utils.is_version_latest():
msg = 'New Version is Available'
return render_template('login.html', msg=msg)
def mutate(parent, info, username, password):
user = db.query(User).filter_by(username=username).first()
if user is None or not verify_password(password, user.password):
errors = [{"error": "Can't validate username or password"}]
return SignInUser(errors=errors, success=False)
token = create_jwt_token(data={"sub": user.username, "id": user.id})
return SignInUser(token=token, success=True)
async def authenticate_user(db: AsyncIOMotorDatabase, username: str,
password: str) -> UserInDB:
user = await get_user(db, username)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
async def authenticate_user(username: str, password: str):
logging.info(">>> " + __name__ + ":authenticate_user")
user = await get_user(username)
if not user:
return False
if not verify_password(password, user.hashed_password):
return False
return user
def authenticate(self, db_session: Session, *, username: str,
password: str) -> Optional[User]:
user = self.get_by_username(db_session, username=username)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
async def admin_login(
auth: Auth,
db: Session = Depends(deps.get_db)
):
user = db.query(Admin).filter(Admin.username == auth.username).first()
if not user or not security.verify_password(auth.password, user.password_hash):
return Response404(msg="用户名或密码错误")
token = Token(token=f"Bearer {create_access_token(user.id)}")
return Response200(data=token)
async def login(login: Login,
users: UserRepository = Depends(get_user_repository)):
user = await users.get_by_email(login.email)
if user is None or not verify_password(login.password,
user.hashed_password):
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password")
return Token(access_token=create_access_token({"sub": user.email}),
token_type="Bearer")
def test_update_user(db: Session) -> None:
password = random_lower_string()
email = random_email()
user_in = UserCreate(email=email, password=password, is_superuser=True)
user = crud.user.create(db, obj_in=user_in)
new_password = random_lower_string()
user_in_update = UserUpdate(password=new_password, is_superuser=True)
crud.user.update(db, db_obj=user, obj_in=user_in_update)
user_2 = crud.user.get(db, id=user.id)
assert user_2
assert user.email == user_2.email
assert verify_password(new_password, user_2.hashed_password)
def authenticate(
db: Session, *, username: Optional[str] = None,
password: str, email: Optional[str] = None
):
user = get_by_username(
db, username=username
) if username else get_by_email(db, email)
if not user:
return None
if not verify_password(password, user.password):
return None
return user
async def authenticate(self, db: AsyncIOMotorClient,
login_data: UserLogin):
md5_password = login_data.password
password = DeAesCrypt(md5_password, login_data.verify_key,
'pkcs7').decrypt_aes
if not password:
return None
user_info = await self.get_by_username(db,
username=login_data.username)
if not user_info:
return None
if not verify_password(password, user_info['password']):
return None
return user_info
async def authenticate_user(password: str,
username: str = None,
email: str = None) -> dict or None:
""" Authenticate user """
user = await _get_user(username=username, email=email)
if user is None:
raise HTTPException(status_code=404, detail='User does not exist')
else:
if verify_password(plain_password=password,
hashed_password=user['hashed_password']):
return user
else:
raise HTTPException(status_code=404, detail='invalid password')
def authenticate(db: Session,
*,
username: Optional[str] = None,
password: str,
email: Optional[str] = None):
user = user_service.get_by_field(
db, field='username',
value=username) if username else user_service.get_by_field(
db, field='email', value=email)
if not user:
return None
if not verify_password(password, user.password):
return None
return user
def login(form_data: OAuth2PasswordRequestForm):
user_name = form_data.username
password = form_data.password
user_exists = find_user_by_user_name(user_name)
if not user_exists:
return {"detail": "User does not exists"}, 404
password_matched = verify_password(password, user_exists["password"])
if not password_matched:
return {"detail": "Incorrect credential combination"}, 401
encoded_jwt, expire = create_access_token(data=TokenPayload(
user_id=user_exists["id"]).dict())
return LoginResp(access_token=encoded_jwt.decode("utf-8"),
token_type="bearer"), 200
def put(self, new_data):
"""Password Change [PROTECTED]
Args:
old_passowrd (str): [The current password]
new_password (int): [The new password]
"""
current_user = get_jwt_identity()
user = user_crud.get(current_user)
if not user:
abort(404, message="User not Found")
verified = verify_password(new_data['old_password'],
user.hashed_password)
if not verified:
abort(401, message='Wrong old Password')
data = {'password': new_data['new_password']}
user_crud.update(user, data)
return {'msg': 'Password Changed'}
async def resolve_login(_, info, **kwargs):
user = await find_user_by_email(kwargs["email"])
if not user:
return {"error": "User with that email not found"}
password_matched = verify_password(kwargs["password"], user["password"])
if not password_matched:
return {"error": "Incorrect credentials combination."}
encoded_jwt, expire = create_access_token(data={
"user_id": str(user["id"]),
"group": user["group"]
})
added_token_in_db = await add_token_in_db(
user_id=str(user["id"]), token=encoded_jwt.decode("utf-8"))
return {
"token": {
"access_token": encoded_jwt.decode("utf-8"),
"token_type": "bearer"
}
}
def change_password_by_token(self, db: Session, response: Response, *,
decode_token: dict,
obj_in: schema_user.UserChangePasswordIn):
"""
通过 token 设置初始/修改 密码
:param decode_token: 解析之后的 token
:param old_password: 原始密码(如果用户未设置初始密码,则不用填)
:param new_password: 新密码
:return: 状态码, 用户信息, 提示信息
"""
# --------- 获取当前用户信息 ----------- #
db_user, message = self.jwt_token_auth(db,
response,
decode_token=decode_token)
if not db_user:
return None, message
# ---------- 修改密码 ------------ #
if db_user.hashed_password: # 判断用户是否设置过初始密码
if not security.verify_password(obj_in.old_password,
db_user.hashed_password): # 校验原始密码
message = "原始密码不正确"
response.status_code = status.HTTP_401_UNAUTHORIZED
return None, message
hashed_new_password = security.get_password_hash(obj_in.new_password)
db_user_obj = crud_user.update_password_by_id(
db, id=db_user.id, hashed_password=hashed_new_password)
if not db_user_obj:
message = "密码修改失败"
response.status_code = status.HTTP_500_INTERNAL_SERVER_ERROR
logger.error(message)
else:
message = "密码修改成功"
response.status_code = status.HTTP_200_OK
redis_client.set(db_user.id, "", ex=1)
return db_user_obj, message
def test_verify_password():
assert verify_password(MOCK_PASSWORD, MOCK_PASSWORD_HASH) == True
def check_password(self, password: str):
return verify_password(self.salt + password, self.hashed_password)
def signin(self, db: Session, request: Request, response: Response, *,
obj_in: schema_user.UserPasswordSigninIn):
"""
通过密码登录
:param account: 手机号/邮箱/用户名
:param password: 密码
:return: token, 提示信息
"""
# -------- 判断输入账号 手机号/邮箱/用户名 ------- #
if re.match(RE_PHONE, obj_in.account): # 手机
db_user = crud_user.get_user_by_phone(db, phone=obj_in.account)
elif re.match(RE_EMAIL, obj_in.account): # 邮箱
db_user = crud_user.get_user_by_email(db, email=obj_in.account)
else: # 用户名
db_user = crud_user.get_user_by_username(db,
username=obj_in.account)
# --------- 判断账号是否注册过 ---------- #
if not db_user:
message = f"账号 {obj_in.account} 未注册"
response.status_code = status.HTTP_404_NOT_FOUND
elif db_user.status == 1:
message = f"账号 {obj_in.account} 已被禁用"
response.status_code = status.HTTP_403_FORBIDDEN
else:
# ------ 判断用户是否设置初始密码 ------ #
if not db_user.hashed_password:
message = f"账号 {obj_in.account} 还未设置初始密码"
response.status_code = status.HTTP_401_UNAUTHORIZED
return None, message
# --------- 密码进行比对 ----------- #
if not security.verify_password(obj_in.password,
db_user.hashed_password):
message = f"用户 {obj_in.account} 密码不正确"
response.status_code = status.HTTP_401_UNAUTHORIZED
logger.error(message)
else:
# -------- # 登录token 存储了userid 和 authorityid ------- #
access_token_expires = timedelta(
minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
token = security.create_access_token(
db_user.id,
db_user.authorityid,
expires_delta=access_token_expires)
redis_client.set(db_user.id,
token,
ex=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
# -------- 登录成功之后向数据库添加一条登录日志信息 -------- #
ip = request.client.host # 用户ip
db_signin_log = crud_user.add_signin_log(db,
userid=db_user.id,
ip=ip)
if not db_signin_log:
message = f"用户 {obj_in.account} 登录失败"
response.status_code = status.HTTP_401_UNAUTHORIZED
else:
message = f"用户 {obj_in.account} 登录成功"
response.status_code = status.HTTP_200_OK
return token, message
logger.error(message)
return None, message
