def set_user_passphrase(self, user_id, passphrase): """Hash the user's passphrase and update into the database""" passphrase = base64.b64encode(passphrase.encode("utf-8")) session = self.get_session() salt = generate_random_salt() pw_hash = generate_password_hash(passphrase, salt) session.execute(self.__prepared_statements['update_user_passphrase_hash'], (pw_hash, salt, user_id))
def new_user(email, username, password, newfriend): #salt + hashing salt = generate_random_salt() app_token = generate_random_app_token() password = generate_password_hash(password, salt) session_token = generate_password_hash( email, datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")) #insert user information user_entry = users.insert().values(username=username, email=email, password=password, salt=salt, session_token=session_token, app_token=app_token) connection = engine.connect() res = connection.execute(user_entry) print res.inserted_primary_key connection.close() resp = make_response( render_template('dashboard.html', alert="Thanks for registering!", username=username, newfriend=newfriend)) resp.set_cookie('session_token', session_token) return resp
def register(): email = request.form['email'] username = request.form['username'] password = request.form['password'].encode('utf8') salt = generate_random_salt() password_hash = generate_password_hash(password, salt) # Check if email already exist in database # if account does not exist create account in database if User.objects(email=email).first() == None: user = User(email=email) user.accounts['internal'] = {"username":username, "password_hash":password_hash, \ "salt":salt} user.save() ret = json_util.dumps({"message":"account created", "status":"success"}) resp = Response(response=ret, status=201, mimetype="application/json") return resp else: ret = json_util.dumps({"message":"Email already exist in database"}) resp = Response(response=ret, status=200, mimetype="application/json") return resp
def register(): email = request.form['email'] username = request.form['username'] password = request.form['password'].encode('utf8') salt = generate_random_salt() password_hash = generate_password_hash(password, salt) # Check if email already exist in database # if account does not exist create account in database if User.objects(email=email).first() == None: user = User(email=email) user.accounts['internal'] = {"username":username, "password_hash":password_hash, \ "salt":salt} user.save() ret = json_util.dumps({ "message": "account created", "status": "success" }) resp = Response(response=ret, status=201, mimetype="application/json") return resp else: ret = json_util.dumps({"message": "Email already exist in database"}) resp = Response(response=ret, status=200, mimetype="application/json") return resp
def update_user(form, reset_hash): user = User.query.filter_by(reset_password=reset_hash).first() salt = generate_random_salt() password = form.password.data user.password = generate_password_hash(password, salt) new_hash = random.getrandbits(128) user.reset_password = new_hash user.salt = salt save_to_db(user, "User updated")
def reset_password(form, reset_hash): user = User.query.filter_by(reset_password=reset_hash).first() salt = generate_random_salt() password = form['new_password_again'] user.password = generate_password_hash(password, salt) new_hash = random.getrandbits(128) user.reset_password = new_hash user.salt = salt save_to_db(user, "password resetted")
def set_user_passphrase(self, user_id, passphrase): """Hash the user's passphrase and update into the database""" passphrase = base64.b64encode(passphrase.encode("utf-8")) session = self.get_session() salt = generate_random_salt() pw_hash = generate_password_hash(passphrase, salt) session.execute( self.__prepared_statements['update_user_passphrase_hash'], (pw_hash, salt, user_id))
def create_user_password(form, user): salt = generate_random_salt() password = form['new_password_again'] user.password = generate_password_hash(password, salt) hash = random.getrandbits(128) user.reset_password = str(hash) user.salt = salt user.is_verified = True save_to_db(user, "User password created") return user
def password(self, password): """ Setter for _password, saves hashed password, salt and reset_password string :param password: :return: """ salt = generate_random_salt() self._password = generate_password_hash(password, salt) hash_ = random.getrandbits(128) self.reset_password = str(hash_) self.salt = salt
def create_super_admin(password): user = User() user.login = '******' user.nickname = 'super_admin' salt = generate_random_salt() password = password user.password = generate_password_hash(password, salt) hash = random.getrandbits(128) user.reset_password = str(hash) user.salt = salt user.role = 'super_admin' save_to_db(user, "User created") return user
def create_user(form): user = User() form.populate_obj(user) # we hash the users password to avoid saving it as plaintext in the db, # remove to use plain text: salt = generate_random_salt() password = form.password.data user.password = generate_password_hash(password, salt) hash = random.getrandbits(128) user.reset_password = str(hash) user.salt = salt user.role = 'speaker' save_to_db(user, "User created") return user
def create_user(userdata, is_verified=False): user = User(email=userdata[0], password=userdata[1], is_verified=is_verified) # we hash the users password to avoid saving it as plaintext in the db, # remove to use plain text: salt = generate_random_salt() user.password = generate_password_hash(user.password, salt) hash = random.getrandbits(128) user.reset_password = str(hash) user.salt = salt save_to_db(user, "User created") return user
def create_user(form): user = User() form.populate_obj(user) # we hash the users password to avoid saving it as plaintext in the db, # remove to use plain text: salt = generate_random_salt() password = form.password.data user.password = generate_password_hash(password, salt) hash = random.getrandbits(128) user.reset_password = hash user.salt = salt user.role = "speaker" save_to_db(user, "User created") return user
def create_super_admin(email, password): user = User() user.login = '******' user.email = email salt = generate_random_salt() password = password user.password = generate_password_hash(password, salt) hash = random.getrandbits(128) user.reset_password = str(hash) user.salt = salt user.is_super_admin = True user.is_admin = True user.is_verified = True save_to_db(user, "User created") return user
def password_view(self): if request.method == 'POST': user = login.current_user if user.password == generate_password_hash(request.form['current_password'], user.salt): if request.form['new_password'] == request.form['repeat_password']: salt = generate_random_salt() user.password = generate_password_hash(request.form['new_password'], salt) user.salt = salt save_to_db(user, "password changed") flash('Password changed successfully.', 'success') else: flash('The new password and the repeat don\'t match.', 'danger') else: flash('The current password is incorrect.', 'danger') return self.render('/gentelella/admin/settings/pages/password.html')
def password_view(user_id): user = DataGetter.get_user(int(user_id)) if request.method == 'POST': if user.password == generate_password_hash(request.form['current_password'], user.salt): if request.form['new_password'] == request.form['repeat_password']: salt = generate_random_salt() user.password = generate_password_hash(request.form['new_password'], salt) user.salt = salt save_to_db(user, "password changed") flash('The password of the user has been changed. Do inform him..', 'success') else: flash('The new password and the repeat don\'t match.', 'danger') else: flash('The current password is incorrect.', 'danger') user.admin_access = 1 return render_template('gentelella/users/settings/pages/password.html', user=user)
def password_view(): if request.method == 'POST': user = login.current_user if user.password == generate_password_hash(request.form['current_password'], user.salt): if request.form['new_password'] == request.form['repeat_password']: salt = generate_random_salt() user.password = generate_password_hash(request.form['new_password'], salt) user.salt = salt save_to_db(user, "password changed") record_user_login_logout('user_logout', login.current_user) login.logout_user() flash('Your password has been changed. Please login with your new password now.', 'success') return redirect(url_for('admin.login_view')) else: flash('The new password and the repeat don\'t match.', 'danger') else: flash('The current password is incorrect.', 'danger') return render_template('gentelella/users/settings/pages/password.html')
def password_view(): if request.method == 'POST': user = login.current_user if user.password == generate_password_hash(request.form['current_password'], user.salt): if request.form['new_password'] == request.form['repeat_password']: salt = generate_random_salt() user.password = generate_password_hash(request.form['new_password'], salt) user.salt = salt save_to_db(user, "password changed") record_user_login_logout('user_logout', login.current_user) login.logout_user() flash('Your password has been changed. Please login with your new password now.', 'success') return redirect(url_for('admin.login_view')) else: flash('The new password and the repeat don\'t match.', 'danger') else: flash('The current password is incorrect.', 'danger') return render_template('gentelella/admin/settings/pages/password.html')
def new_user(email, username, password, newfriend): #salt + hashing salt = generate_random_salt() app_token = generate_random_app_token() password = generate_password_hash(password, salt) session_token = generate_password_hash(email, datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")) #insert user information user_entry = users.insert().values(username=username, email=email, password=password, salt=salt, session_token = session_token, app_token=app_token) connection = engine.connect() res = connection.execute(user_entry) print res.inserted_primary_key connection.close() resp = make_response(render_template('dashboard.html', alert="Thanks for registering!", username=username, newfriend=newfriend)) resp.set_cookie('session_token', session_token); return resp;
def create_user(form): user = User(nickname='asdf', login=form['username'], email=form['email']) user_detail = UserDetail() # we hash the users password to avoid saving it as plaintext in the db, # remove to use plain text: salt = generate_random_salt() password = form['password'] user.password = generate_password_hash(password, salt) hash = random.getrandbits(128) user.reset_password = str(hash) user.salt = salt user.role = 'speaker' save_to_db(user, "User created") user_detail.user_id = user.id save_to_db(user_detail, "User Details Added") return user
def create_user(): # Enter user name user_name = raw_input("Enter a username: "******"Username can't be empty: ") # Enter password password = raw_input("Enter a password: "******"Password can't be empty: ") # generate salt that will flavour the hash salt = generate_random_salt() # generate password hash together with the salt value hashed_password = generate_password_hash(str(password), salt) # Build user document user_doc = { "username": str(user_name), "password": hashed_password, "salt": salt } # Now, store user credentials in MongoDB with app.app_context(): try: result = mongo_users_utils.save(user_doc) if result: print "\nUser %s has been created" % user_name else: print "\nAn error has occurred." except Exception as e: print "\nAn error occurred.\n %s" % e
def password(self, password): self.password_salt = generate_random_salt() self.password_hash = generate_password_hash(password, self.password_salt)
parser.add_argument('--host', default='0.0.0.0') parser.add_argument('--port', type=int, default=2325) parser.add_argument('--debug', dest='debug', action='store_true') parser.add_argument('--no-debug', dest='debug', action='store_false') parser.set_defaults(debug=False) args = parser.parse_args() config = load_config(args.config) if 'web' not in config: log.error('Missing [web] section in config.ini') sys.exit(1) if 'pleblist_password_salt' not in config['web']: salt = generate_random_salt() config.set('web', 'pleblist_password_salt', salt.decode('utf-8')) if 'secret_key' not in config['web']: salt = generate_random_salt() config.set('web', 'secret_key', salt.decode('utf-8')) if 'logo' not in config['web']: twitchapi = TwitchAPI() try: data = twitchapi.get(['users', config['main']['streamer']], base='https://api.twitch.tv/kraken/') log.info(data) if data: logo_raw = 'static/images/logo_{}.png'.format(config['main']['streamer']) logo_tn = 'static/images/logo_{}_tn.png'.format(config['main']['streamer']) with urllib.request.urlopen(data['logo']) as response, open(logo_raw, 'wb') as out_file:
def __init__(self, username, raw_pw, first_name='', last_name=''): self.salt = scrypt.generate_random_salt() #: You can also provide the byte length to return: salt = generate_password_salt(32) self.username = username self.set_password(raw_pw) self.first_name = first_name self.last_name = last_name
def __init__(self, password): self.timestamp = datetime.utcnow() # add some salt then cook up the hash self.salt = generate_random_salt() self.password_hash = generate_password_hash(password, self.salt)
def __init__(self, username, password): self.name = username self.salt = generate_random_salt() self.password_hash = generate_password_hash(password, self.salt)
def set_password(self, password_string): self.password_salt = generate_random_salt() self.password_hash = generate_password_hash(password_string, self.password_salt, 1 << 15) db.session.commit()
def init(args): import configparser import datetime import logging import subprocess import sys from flask import request from flask import session from flask.ext.scrypt import generate_random_salt import pajbot.web.common import pajbot.web.routes from pajbot.bot import Bot from pajbot.managers.db import DBManager from pajbot.managers.redis import RedisManager from pajbot.managers.time import TimeManager from pajbot.models.module import ModuleManager from pajbot.models.sock import SocketClientManager from pajbot.streamhelper import StreamHelper from pajbot.tbutil import load_config from pajbot.web.models import errors from pajbot.web.utils import download_logo log = logging.getLogger(__name__) log.info('XD') config = configparser.ConfigParser() config = load_config(args.config) config.read('webconfig.ini') if 'web' not in config: log.error('Missing [web] section in config.ini') sys.exit(1) if 'pleblist_password_salt' not in config['web']: salt = generate_random_salt() config.set('web', 'pleblist_password_salt', salt.decode('utf-8')) if 'secret_key' not in config['web']: salt = generate_random_salt() config.set('web', 'secret_key', salt.decode('utf-8')) if 'logo' not in config['web']: res = download_logo(config['main']['streamer']) if res: config.set('web', 'logo', 'set') StreamHelper.init_web(config['main']['streamer']) redis_options = {} if 'redis' in config: redis_options = config._sections['redis'] RedisManager.init(**redis_options) with open(args.config, 'w') as configfile: config.write(configfile) app.bot_modules = config['web'].get('modules', '').split() app.bot_commands_list = [] app.bot_config = config app.secret_key = config['web']['secret_key'] if 'sock' in config and 'sock_file' in config['sock']: SocketClientManager.init(config['sock']['sock_file']) DBManager.init(config['main']['db']) TimeManager.init_timezone(config['main'].get('timezone', 'UTC')) app.module_manager = ModuleManager(None).load() pajbot.web.routes.admin.init(app) pajbot.web.routes.api.init(app) pajbot.web.routes.base.init(app) pajbot.web.common.filters.init(app) pajbot.web.common.assets.init(app) pajbot.web.common.tasks.init(app) pajbot.web.common.menu.init(app) app.register_blueprint(pajbot.web.routes.clr.page) errors.init(app) pajbot.web.routes.clr.config = config version = Bot.version last_commit = '' commit_number = 0 try: current_branch = subprocess.check_output(['git', 'rev-parse', '--abbrev-ref', 'HEAD']).decode('utf8').strip() latest_commit = subprocess.check_output(['git', 'rev-parse', 'HEAD']).decode('utf8').strip()[:8] commit_number = subprocess.check_output(['git', 'rev-list', 'HEAD', '--count']).decode('utf8').strip() last_commit = subprocess.check_output(['git', 'log', '-1', '--format=%cd']).decode('utf8').strip() version = '{0} DEV ({1}, {2}, commit {3})'.format(version, current_branch, latest_commit, commit_number) except: pass default_variables = { 'version': version, 'last_commit': last_commit, 'commit_number': commit_number, 'bot': { 'name': config['main']['nickname'], }, 'site': { 'domain': config['web']['domain'], 'deck_tab_images': config.getboolean('web', 'deck_tab_images'), 'websocket': { 'host': config['websocket'].get('host', config['web']['domain']), 'port': config['websocket']['port'], 'ssl': config.getboolean('websocket', 'ssl') } }, 'streamer': { 'name': config['web']['streamer_name'], 'full_name': config['main']['streamer'] }, 'modules': app.bot_modules, 'request': request, 'session': session, 'google_analytics': config['web'].get('google_analytics', None), } if 'streamtip' in config: default_variables['streamtip_data'] = { 'client_id': config['streamtip']['client_id'], 'redirect_uri': config['streamtip']['redirect_uri'], } else: default_variables['streamtip_data'] = { 'client_id': 'MISSING', 'redirect_uri': 'MISSING', } if 'twitchalerts' in config: default_variables['twitchalerts_data'] = { 'client_id': config['twitchalerts']['client_id'], 'redirect_uri': config['twitchalerts']['redirect_uri'], } else: default_variables['twitchalerts_data'] = { 'client_id': 'MISSING', 'redirect_uri': 'MISSING', } @app.context_processor def current_time(): current_time = {} current_time['current_time'] = datetime.datetime.now() return current_time @app.context_processor def inject_default_variables(): return default_variables