예제 #1
0
 def set_user_passphrase(self, user_id, passphrase):
     """Hash the user's passphrase and update into the database"""
     passphrase = base64.b64encode(passphrase.encode("utf-8"))
     session = self.get_session()
     salt = generate_random_salt()
     pw_hash = generate_password_hash(passphrase, salt)
     session.execute(self.__prepared_statements['update_user_passphrase_hash'], (pw_hash, salt, user_id))
예제 #2
0
def new_user(email, username, password, newfriend):

    #salt + hashing
    salt = generate_random_salt()
    app_token = generate_random_app_token()
    password = generate_password_hash(password, salt)
    session_token = generate_password_hash(
        email,
        datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"))

    #insert user information
    user_entry = users.insert().values(username=username,
                                       email=email,
                                       password=password,
                                       salt=salt,
                                       session_token=session_token,
                                       app_token=app_token)
    connection = engine.connect()
    res = connection.execute(user_entry)
    print res.inserted_primary_key
    connection.close()

    resp = make_response(
        render_template('dashboard.html',
                        alert="Thanks for registering!",
                        username=username,
                        newfriend=newfriend))
    resp.set_cookie('session_token', session_token)
    return resp
예제 #3
0
def register():
    email = request.form['email']
    username = request.form['username']
    password = request.form['password'].encode('utf8')
    salt = generate_random_salt()
    password_hash = generate_password_hash(password, salt)

    # Check if email already exist in database
    # if account does not exist create account in database

    if User.objects(email=email).first() == None:
        user = User(email=email)
        user.accounts['internal'] = {"username":username, "password_hash":password_hash, \
                "salt":salt}
        user.save()
        ret = json_util.dumps({"message":"account created", "status":"success"})
        resp = Response(response=ret,
                        status=201,
                        mimetype="application/json")
        return resp
    else:
        ret = json_util.dumps({"message":"Email already exist in database"})
        resp = Response(response=ret,
                        status=200,
                        mimetype="application/json")
        return resp
예제 #4
0
def register():
    email = request.form['email']
    username = request.form['username']
    password = request.form['password'].encode('utf8')
    salt = generate_random_salt()
    password_hash = generate_password_hash(password, salt)

    # Check if email already exist in database
    # if account does not exist create account in database

    if User.objects(email=email).first() == None:
        user = User(email=email)
        user.accounts['internal'] = {"username":username, "password_hash":password_hash, \
                "salt":salt}
        user.save()
        ret = json_util.dumps({
            "message": "account created",
            "status": "success"
        })
        resp = Response(response=ret, status=201, mimetype="application/json")
        return resp
    else:
        ret = json_util.dumps({"message": "Email already exist in database"})
        resp = Response(response=ret, status=200, mimetype="application/json")
        return resp
예제 #5
0
 def update_user(form, reset_hash):
     user = User.query.filter_by(reset_password=reset_hash).first()
     salt = generate_random_salt()
     password = form.password.data
     user.password = generate_password_hash(password, salt)
     new_hash = random.getrandbits(128)
     user.reset_password = new_hash
     user.salt = salt
     save_to_db(user, "User updated")
예제 #6
0
 def reset_password(form, reset_hash):
     user = User.query.filter_by(reset_password=reset_hash).first()
     salt = generate_random_salt()
     password = form['new_password_again']
     user.password = generate_password_hash(password, salt)
     new_hash = random.getrandbits(128)
     user.reset_password = new_hash
     user.salt = salt
     save_to_db(user, "password resetted")
예제 #7
0
 def update_user(form, reset_hash):
     user = User.query.filter_by(reset_password=reset_hash).first()
     salt = generate_random_salt()
     password = form.password.data
     user.password = generate_password_hash(password, salt)
     new_hash = random.getrandbits(128)
     user.reset_password = new_hash
     user.salt = salt
     save_to_db(user, "User updated")
예제 #8
0
파일: model.py 프로젝트: xinglu/cstar_perf
 def set_user_passphrase(self, user_id, passphrase):
     """Hash the user's passphrase and update into the database"""
     passphrase = base64.b64encode(passphrase.encode("utf-8"))
     session = self.get_session()
     salt = generate_random_salt()
     pw_hash = generate_password_hash(passphrase, salt)
     session.execute(
         self.__prepared_statements['update_user_passphrase_hash'],
         (pw_hash, salt, user_id))
예제 #9
0
 def reset_password(form, reset_hash):
     user = User.query.filter_by(reset_password=reset_hash).first()
     salt = generate_random_salt()
     password = form['new_password_again']
     user.password = generate_password_hash(password, salt)
     new_hash = random.getrandbits(128)
     user.reset_password = new_hash
     user.salt = salt
     save_to_db(user, "password resetted")
예제 #10
0
def create_user_password(form, user):
    salt = generate_random_salt()
    password = form['new_password_again']
    user.password = generate_password_hash(password, salt)
    hash = random.getrandbits(128)
    user.reset_password = str(hash)
    user.salt = salt
    user.is_verified = True
    save_to_db(user, "User password created")
    return user
예제 #11
0
def create_user_password(form, user):
    salt = generate_random_salt()
    password = form['new_password_again']
    user.password = generate_password_hash(password, salt)
    hash = random.getrandbits(128)
    user.reset_password = str(hash)
    user.salt = salt
    user.is_verified = True
    save_to_db(user, "User password created")
    return user
 def password(self, password):
     """
     Setter for _password, saves hashed password, salt and reset_password string
     :param password:
     :return:
     """
     salt = generate_random_salt()
     self._password = generate_password_hash(password, salt)
     hash_ = random.getrandbits(128)
     self.reset_password = str(hash_)
     self.salt = salt
예제 #13
0
 def password(self, password):
     """
     Setter for _password, saves hashed password, salt and reset_password string
     :param password:
     :return:
     """
     salt = generate_random_salt()
     self._password = generate_password_hash(password, salt)
     hash_ = random.getrandbits(128)
     self.reset_password = str(hash_)
     self.salt = salt
예제 #14
0
 def create_super_admin(password):
     user = User()
     user.login = '******'
     user.nickname = 'super_admin'
     salt = generate_random_salt()
     password = password
     user.password = generate_password_hash(password, salt)
     hash = random.getrandbits(128)
     user.reset_password = str(hash)
     user.salt = salt
     user.role = 'super_admin'
     save_to_db(user, "User created")
     return user
예제 #15
0
    def create_user(form):
        user = User()
        form.populate_obj(user)
        # we hash the users password to avoid saving it as plaintext in the db,
        # remove to use plain text:
        salt = generate_random_salt()
        password = form.password.data
        user.password = generate_password_hash(password, salt)
        hash = random.getrandbits(128)
        user.reset_password = str(hash)

        user.salt = salt
        user.role = 'speaker'
        save_to_db(user, "User created")
        return user
예제 #16
0
    def create_user(userdata, is_verified=False):
        user = User(email=userdata[0],
                    password=userdata[1],
                    is_verified=is_verified)
        # we hash the users password to avoid saving it as plaintext in the db,
        # remove to use plain text:
        salt = generate_random_salt()
        user.password = generate_password_hash(user.password, salt)
        hash = random.getrandbits(128)
        user.reset_password = str(hash)

        user.salt = salt
        save_to_db(user, "User created")

        return user
예제 #17
0
    def create_user(form):
        user = User()
        form.populate_obj(user)
        # we hash the users password to avoid saving it as plaintext in the db,
        # remove to use plain text:
        salt = generate_random_salt()
        password = form.password.data
        user.password = generate_password_hash(password, salt)
        hash = random.getrandbits(128)
        user.reset_password = hash

        user.salt = salt
        user.role = "speaker"
        save_to_db(user, "User created")
        return user
예제 #18
0
 def create_super_admin(email, password):
     user = User()
     user.login = '******'
     user.email = email
     salt = generate_random_salt()
     password = password
     user.password = generate_password_hash(password, salt)
     hash = random.getrandbits(128)
     user.reset_password = str(hash)
     user.salt = salt
     user.is_super_admin = True
     user.is_admin = True
     user.is_verified = True
     save_to_db(user, "User created")
     return user
예제 #19
0
    def create_user(userdata, is_verified=False):
        user = User(email=userdata[0],
                    password=userdata[1],
                    is_verified=is_verified)
        # we hash the users password to avoid saving it as plaintext in the db,
        # remove to use plain text:
        salt = generate_random_salt()
        user.password = generate_password_hash(user.password, salt)
        hash = random.getrandbits(128)
        user.reset_password = str(hash)

        user.salt = salt
        save_to_db(user, "User created")

        return user
예제 #20
0
 def create_super_admin(email, password):
     user = User()
     user.login = '******'
     user.email = email
     salt = generate_random_salt()
     password = password
     user.password = generate_password_hash(password, salt)
     hash = random.getrandbits(128)
     user.reset_password = str(hash)
     user.salt = salt
     user.is_super_admin = True
     user.is_admin = True
     user.is_verified = True
     save_to_db(user, "User created")
     return user
예제 #21
0
    def password_view(self):
        if request.method == 'POST':
            user = login.current_user
            if user.password == generate_password_hash(request.form['current_password'], user.salt):
                if request.form['new_password'] == request.form['repeat_password']:
                    salt = generate_random_salt()
                    user.password = generate_password_hash(request.form['new_password'], salt)
                    user.salt = salt
                    save_to_db(user, "password changed")
                    flash('Password changed successfully.', 'success')
                else:
                    flash('The new password and the repeat don\'t match.', 'danger')
            else:
                flash('The current password is incorrect.', 'danger')

        return self.render('/gentelella/admin/settings/pages/password.html')
예제 #22
0
def password_view(user_id):
    user = DataGetter.get_user(int(user_id))
    if request.method == 'POST':
        if user.password == generate_password_hash(request.form['current_password'], user.salt):
            if request.form['new_password'] == request.form['repeat_password']:
                salt = generate_random_salt()
                user.password = generate_password_hash(request.form['new_password'], salt)
                user.salt = salt
                save_to_db(user, "password changed")
                flash('The password of the user has been changed. Do inform him..', 'success')
            else:
                flash('The new password and the repeat don\'t match.', 'danger')
        else:
            flash('The current password is incorrect.', 'danger')

    user.admin_access = 1
    return render_template('gentelella/users/settings/pages/password.html', user=user)
예제 #23
0
def password_view():
    if request.method == 'POST':
        user = login.current_user
        if user.password == generate_password_hash(request.form['current_password'], user.salt):
            if request.form['new_password'] == request.form['repeat_password']:
                salt = generate_random_salt()
                user.password = generate_password_hash(request.form['new_password'], salt)
                user.salt = salt
                save_to_db(user, "password changed")
                record_user_login_logout('user_logout', login.current_user)
                login.logout_user()
                flash('Your password has been changed. Please login with your new password now.', 'success')
                return redirect(url_for('admin.login_view'))
            else:
                flash('The new password and the repeat don\'t match.', 'danger')
        else:
            flash('The current password is incorrect.', 'danger')

    return render_template('gentelella/users/settings/pages/password.html')
예제 #24
0
def password_view():
    if request.method == 'POST':
        user = login.current_user
        if user.password == generate_password_hash(request.form['current_password'], user.salt):
            if request.form['new_password'] == request.form['repeat_password']:
                salt = generate_random_salt()
                user.password = generate_password_hash(request.form['new_password'], salt)
                user.salt = salt
                save_to_db(user, "password changed")
                record_user_login_logout('user_logout', login.current_user)
                login.logout_user()
                flash('Your password has been changed. Please login with your new password now.', 'success')
                return redirect(url_for('admin.login_view'))
            else:
                flash('The new password and the repeat don\'t match.', 'danger')
        else:
            flash('The current password is incorrect.', 'danger')

    return render_template('gentelella/admin/settings/pages/password.html')
예제 #25
0
파일: test.py 프로젝트: MissCatLady/AlarmEZ
def new_user(email, username, password, newfriend):

	#salt + hashing
	salt = generate_random_salt()
	app_token = generate_random_app_token()
	password = generate_password_hash(password, salt)
	session_token = generate_password_hash(email, datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"))
	
	#insert user information
	user_entry = users.insert().values(username=username, email=email, 
		password=password, salt=salt, session_token = session_token,
	    app_token=app_token)
	connection = engine.connect()
	res = connection.execute(user_entry)
	print res.inserted_primary_key
	connection.close()
	
	resp = make_response(render_template('dashboard.html', alert="Thanks for registering!", username=username, newfriend=newfriend))
	resp.set_cookie('session_token', session_token);
	return resp;
예제 #26
0
    def create_user(form):
        user = User(nickname='asdf',
                    login=form['username'],
                    email=form['email'])
        user_detail = UserDetail()

        # we hash the users password to avoid saving it as plaintext in the db,
        # remove to use plain text:
        salt = generate_random_salt()
        password = form['password']
        user.password = generate_password_hash(password, salt)
        hash = random.getrandbits(128)
        user.reset_password = str(hash)

        user.salt = salt
        user.role = 'speaker'
        save_to_db(user, "User created")

        user_detail.user_id = user.id
        save_to_db(user_detail, "User Details Added")

        return user
def create_user():

    # Enter user name
    user_name = raw_input("Enter a username: "******"Username can't be empty: ")

    # Enter password
    password = raw_input("Enter a password: "******"Password can't be empty: ")

    # generate salt that will flavour the hash
    salt = generate_random_salt()
    # generate password hash together with the salt value
    hashed_password = generate_password_hash(str(password), salt)

    # Build user document
    user_doc = {
        "username": str(user_name),
        "password": hashed_password,
        "salt": salt
    }

    # Now, store user credentials in MongoDB
    with app.app_context():

        try:
            result = mongo_users_utils.save(user_doc)
            if result:
                print "\nUser %s has been created" % user_name
            else:
                print "\nAn error has occurred."

        except Exception as e:
            print "\nAn error occurred.\n %s" % e
예제 #28
0
파일: models.py 프로젝트: CIRCL/cve-portal
 def password(self, password):
     self.password_salt = generate_random_salt()
     self.password_hash = generate_password_hash(password, self.password_salt)
예제 #29
0
파일: app.py 프로젝트: Skyman747/pajbot
parser.add_argument('--host', default='0.0.0.0')
parser.add_argument('--port', type=int, default=2325)
parser.add_argument('--debug', dest='debug', action='store_true')
parser.add_argument('--no-debug', dest='debug', action='store_false')
parser.set_defaults(debug=False)

args = parser.parse_args()

config = load_config(args.config)

if 'web' not in config:
    log.error('Missing [web] section in config.ini')
    sys.exit(1)

if 'pleblist_password_salt' not in config['web']:
    salt = generate_random_salt()
    config.set('web', 'pleblist_password_salt', salt.decode('utf-8'))

if 'secret_key' not in config['web']:
    salt = generate_random_salt()
    config.set('web', 'secret_key', salt.decode('utf-8'))

if 'logo' not in config['web']:
    twitchapi = TwitchAPI()
    try:
        data = twitchapi.get(['users', config['main']['streamer']], base='https://api.twitch.tv/kraken/')
        log.info(data)
        if data:
            logo_raw = 'static/images/logo_{}.png'.format(config['main']['streamer'])
            logo_tn = 'static/images/logo_{}_tn.png'.format(config['main']['streamer'])
            with urllib.request.urlopen(data['logo']) as response, open(logo_raw, 'wb') as out_file:
예제 #30
0
 def __init__(self, username, raw_pw, first_name='', last_name=''):
     self.salt = scrypt.generate_random_salt() #: You can also provide the byte length to return: salt = generate_password_salt(32)
     self.username = username
     self.set_password(raw_pw)
     self.first_name = first_name
     self.last_name = last_name
예제 #31
0
    def __init__(self, password):
        self.timestamp = datetime.utcnow()

        # add some salt then cook up the hash
        self.salt = generate_random_salt()
        self.password_hash = generate_password_hash(password, self.salt)
예제 #32
0
 def password(self, password):
     self.password_salt = generate_random_salt()
     self.password_hash = generate_password_hash(password,
                                                 self.password_salt)
예제 #33
0
 def __init__(self, username, password):
     self.name = username
     self.salt = generate_random_salt()
     self.password_hash = generate_password_hash(password, self.salt)
예제 #34
0
    def set_password(self, password_string):
        self.password_salt = generate_random_salt()
        self.password_hash = generate_password_hash(password_string, self.password_salt, 1 << 15)

        db.session.commit()
예제 #35
0
parser.add_argument('--host', default='0.0.0.0')
parser.add_argument('--port', type=int, default=2325)
parser.add_argument('--debug', dest='debug', action='store_true')
parser.add_argument('--no-debug', dest='debug', action='store_false')
parser.set_defaults(debug=False)

args = parser.parse_args()

config = load_config(args.config)

if 'web' not in config:
    log.error('Missing [web] section in config.ini')
    sys.exit(1)

if 'pleblist_password_salt' not in config['web']:
    salt = generate_random_salt()
    config.set('web', 'pleblist_password_salt', salt.decode('utf-8'))

if 'secret_key' not in config['web']:
    salt = generate_random_salt()
    config.set('web', 'secret_key', salt.decode('utf-8'))

if 'logo' not in config['web']:
    twitchapi = TwitchAPI()
    try:
        data = twitchapi.get(['users', config['main']['streamer']], base='https://api.twitch.tv/kraken/')
        log.info(data)
        if data:
            logo_raw = 'static/images/logo_{}.png'.format(config['main']['streamer'])
            logo_tn = 'static/images/logo_{}_tn.png'.format(config['main']['streamer'])
            with urllib.request.urlopen(data['logo']) as response, open(logo_raw, 'wb') as out_file:
예제 #36
0
파일: __init__.py 프로젝트: T-Brawl/pajbot
def init(args):
    import configparser
    import datetime
    import logging
    import subprocess
    import sys

    from flask import request
    from flask import session
    from flask.ext.scrypt import generate_random_salt

    import pajbot.web.common
    import pajbot.web.routes
    from pajbot.bot import Bot
    from pajbot.managers.db import DBManager
    from pajbot.managers.redis import RedisManager
    from pajbot.managers.time import TimeManager
    from pajbot.models.module import ModuleManager
    from pajbot.models.sock import SocketClientManager
    from pajbot.streamhelper import StreamHelper
    from pajbot.tbutil import load_config
    from pajbot.web.models import errors
    from pajbot.web.utils import download_logo

    log = logging.getLogger(__name__)

    log.info('XD')

    config = configparser.ConfigParser()

    config = load_config(args.config)
    config.read('webconfig.ini')

    if 'web' not in config:
        log.error('Missing [web] section in config.ini')
        sys.exit(1)

    if 'pleblist_password_salt' not in config['web']:
        salt = generate_random_salt()
        config.set('web', 'pleblist_password_salt', salt.decode('utf-8'))

    if 'secret_key' not in config['web']:
        salt = generate_random_salt()
        config.set('web', 'secret_key', salt.decode('utf-8'))

    if 'logo' not in config['web']:
        res = download_logo(config['main']['streamer'])
        if res:
            config.set('web', 'logo', 'set')

    StreamHelper.init_web(config['main']['streamer'])

    redis_options = {}
    if 'redis' in config:
        redis_options = config._sections['redis']

    RedisManager.init(**redis_options)

    with open(args.config, 'w') as configfile:
        config.write(configfile)

    app.bot_modules = config['web'].get('modules', '').split()
    app.bot_commands_list = []
    app.bot_config = config
    app.secret_key = config['web']['secret_key']

    if 'sock' in config and 'sock_file' in config['sock']:
        SocketClientManager.init(config['sock']['sock_file'])

    DBManager.init(config['main']['db'])
    TimeManager.init_timezone(config['main'].get('timezone', 'UTC'))

    app.module_manager = ModuleManager(None).load()

    pajbot.web.routes.admin.init(app)
    pajbot.web.routes.api.init(app)
    pajbot.web.routes.base.init(app)

    pajbot.web.common.filters.init(app)
    pajbot.web.common.assets.init(app)
    pajbot.web.common.tasks.init(app)
    pajbot.web.common.menu.init(app)

    app.register_blueprint(pajbot.web.routes.clr.page)

    errors.init(app)
    pajbot.web.routes.clr.config = config

    version = Bot.version
    last_commit = ''
    commit_number = 0
    try:
        current_branch = subprocess.check_output(['git', 'rev-parse', '--abbrev-ref', 'HEAD']).decode('utf8').strip()
        latest_commit = subprocess.check_output(['git', 'rev-parse', 'HEAD']).decode('utf8').strip()[:8]
        commit_number = subprocess.check_output(['git', 'rev-list', 'HEAD', '--count']).decode('utf8').strip()
        last_commit = subprocess.check_output(['git', 'log', '-1', '--format=%cd']).decode('utf8').strip()
        version = '{0} DEV ({1}, {2}, commit {3})'.format(version, current_branch, latest_commit, commit_number)
    except:
        pass

    default_variables = {
            'version': version,
            'last_commit': last_commit,
            'commit_number': commit_number,
            'bot': {
                'name': config['main']['nickname'],
                },
            'site': {
                'domain': config['web']['domain'],
                'deck_tab_images': config.getboolean('web', 'deck_tab_images'),
                'websocket': {
                    'host': config['websocket'].get('host', config['web']['domain']),
                    'port': config['websocket']['port'],
                    'ssl': config.getboolean('websocket', 'ssl')
                    }
                },
            'streamer': {
                'name': config['web']['streamer_name'],
                'full_name': config['main']['streamer']
                },
            'modules': app.bot_modules,
            'request': request,
            'session': session,
            'google_analytics': config['web'].get('google_analytics', None),
            }

    if 'streamtip' in config:
        default_variables['streamtip_data'] = {
                'client_id': config['streamtip']['client_id'],
                'redirect_uri': config['streamtip']['redirect_uri'],
                }
    else:
        default_variables['streamtip_data'] = {
                'client_id': 'MISSING',
                'redirect_uri': 'MISSING',
                }

    if 'twitchalerts' in config:
        default_variables['twitchalerts_data'] = {
                'client_id': config['twitchalerts']['client_id'],
                'redirect_uri': config['twitchalerts']['redirect_uri'],
                }
    else:
        default_variables['twitchalerts_data'] = {
                'client_id': 'MISSING',
                'redirect_uri': 'MISSING',
                }

    @app.context_processor
    def current_time():
        current_time = {}
        current_time['current_time'] = datetime.datetime.now()
        return current_time

    @app.context_processor
    def inject_default_variables():
        return default_variables