def register():
"""Create a new blog user."""
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
first_name = request.form.get('first_name', '')
last_name = request.form.get('last_name', '')
db = get_db()
error = None
if not username:
error = 'Username is required!'
elif not password:
error = 'Password is required!'
elif User.query.filter_by(username=username).first() is not None:
error = 'User {} is already registered!'.format(username)
if error is None:
user = User(username=username,
first_name=first_name,
last_name=last_name)
user.set_password(password)
db.session.add(user)
db.session.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegistrationForm()
if form.validate_on_submit():
user = User(username=form.username.data, email=form.email.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash('Congratulations, you are now a registered user!')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', title='Register', form=form)
def add_user(userid, password):
user = User.query.filter(User.userid == userid).first()
if user is not None:
return
print('ユーザ"{}"追加'.format(userid))
user = User(userid=userid)
user.set_password(password)
user.enabled = True
user.admin = True
user.staff = True
db.session.add(user)
db.session.commit()
def create():
form = UsersNewForm()
if form.validate_on_submit():
user = User()
form.populate_obj(user)
user.set_password(form.password.data)
db.session.add(user)
try:
db.session.commit()
flash('User created correctly.', 'success')
return redirect(url_for('users.index'))
except:
db.session.rollback()
flash('Error generating user!', 'danger')
return render_template('users/create.pug', form=form)
def create():
form = UserNewForm()
if form.validate_on_submit():
user = User()
form.populate_obj(user)
user.set_password(form.password.data)
db.session.add(user)
try:
db.session.commit()
flash('ユーザを追加しました', 'success')
return redirect(url_for('users.index'))
except Exception as e:
db.session.rollback()
flash('ユーザ追加時にエラーが発生しました {}'.format(e), 'danger')
app.logger.exception(e)
return render_template('users/edit.pug', form=form)
def admin():
""" Admin password settings """
p1 = getpass('Enter new admin password: '******'Retype new admin password: '******'Authentication token manipulation error')
print('password unchanged')
return
user = User.query.filter_by(userid='admin').first()
if user is None:
user = User(userid='admin')
user.set_password(p1)
db.session.add(user)
try:
db.session.commit()
print('password updated successfully')
except:
print('password unchanged')
db.session.rollback()
def test_create_db(app, runner):
result = runner.invoke(args=['create-db'])
assert 'database created' in result.output
with app.app_context():
user = User(name='testing')
user.set_password('testing')
post = Post(title='testing', body='testing')
post.author = user
db.session.add_all([user, post])
db.session.commit()
users = User.query.all()
posts = Post.query.all()
assert len(users) == 1
assert len(posts) == 1
result = runner.invoke(args=['create-db', '--force'])
assert 'old database dropped' in result.output
with app.app_context():
users = User.query.all()
posts = Post.query.all()
assert len(users) == 0
assert len(posts) == 0
def populate_db(app):
with app.app_context():
if len(User.query.all()) > 0:
return
admin = User(username='******',
is_admin=True,
reset_q='The place I put that thing one time.',
reset_a=randstr(64))
admin.set_password(randstr(64))
guest = User(username='******',
reset_q='My favourite place of learning!',
reset_a='unsw')
guest.set_password('guest')
azured = User(username='******',
reset_q='All I see is...',
reset_a='*******')
azured.set_password('hunter2')
mail = Email(subject='Welcome to LMail',
body='Email we send to you will appear in this inbox!')
db.session.add(admin)
db.session.add(guest)
db.session.add(azured)
db.session.add(mail)
db.session.commit()
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif User.query.filter_by(username=username).first() is not None:
error = 'User {} is already registered.'.format(username)
if error is None:
user = User(username=username)
user.set_password(password)
db.session.add(user)
db.session.commit()
return redirect("/")
flash(error)
return render_template('auth/register.html')
def run(self):
print('Initialize Start')
print('Initialize Administrator')
user = User.query.filter(User.userid == 'admin').first()
if user is None:
user = User(userid='admin')
user.set_password('password')
db.session.add(user)
print('Initialize TimeRule Table')
timerule = TimeRule.query.filter(TimeRule.caption == '00:標準').first()
if timerule is None:
timerule = TimeRule(caption="00:標準", rules=default_rule)
db.session.add(timerule)
timerule = TimeRule.query.filter(TimeRule.caption == '10:職員').first()
if timerule is None:
timerule = TimeRule(caption="10:職員", rules=default_rule_staff)
db.session.add(timerule)
try:
db.session.commit()
print('Initialize End')
except Exception as e:
db.session.rollback()
print('Initialize Error {}'.format(e))
print_exc()
def populate_db(app):
with app.app_context():
if len(Trash.query.all()) > 0:
return
admin = User(username='******')
admin.set_password(randstr(64))
user = User(username='******')
user.set_password(randstr(64))
db.session.add(admin)
db.session.add(user)
db.session.commit()
post_trash(admin, 1, False, 'You Found Me!', app.config.get("FLAG"))
post_trash(
admin, 2, True, 'Get some Lorem Ipsum',
'''Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.'''
)
post_trash(
user, 3, True, 'The Conscience of a Hacker',
''' Another one got caught today, it's all over the papers. "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.
But did you, in your three-piece psychology and 1950's technobrain,
ever take a look behind the eyes of the hacker? Did you ever wonder what
made him tick, what forces shaped him, what may have molded him?
I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
Damn underachiever. They're all alike.
I'm in junior high or high school. I've listened to teachers explain
for the fifteenth time how to reduce a fraction. I understand it. "No, Ms.
Smith, I didn't show my work. I did it in my head..."
Damn kid. Probably copied it. They're all alike.
I made a discovery today. I found a computer. Wait a second, this is
cool. It does what I want it to. If it makes a mistake, it's because I
screwed it up. Not because it doesn't like me...
Or feels threatened by me...
Or thinks I'm a smart ass...
Or doesn't like teaching and shouldn't be here...
Damn kid. All he does is play games. They're all alike.
And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
"This is it... this is where I belong..."
I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
Damn kid. Tying up the phone line again. They're all alike...
You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip
through were pre-chewed and tasteless. We've been dominated by sadists, or
ignored by the apathetic. The few that had something to teach found us will-
ing pupils, but those few are like drops of water in the desert.
This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals. We explore... and you call us criminals. We seek
after knowledge... and you call us criminals. We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.
I am a hacker, and this is my manifesto. You may stop this individual,
but you can't stop us all... after all, we're all alike.
+++The Mentor+++''')
def test_password_hashing(self):
u = User(username='******')
u.set_password('cat')
self.assertFalse(u.check_password('dog'))
self.assertTrue(u.check_password('cat'))
from getpass import getpass
from flask import current_app as app
from flaskr import db
from flaskr.models import User
username = input("Username: "******"Password: "******"Repeat password: "******"Passwords are not the same")
password = getpass("Password: "******"Repeat password: "******"Name of a photo file: ")
db.session.add(user)
try:
db.session.commit()
print("Admin added successfully!")
except:
db.session.rollback()
print("Adding failed :(")
