예제 #1
0
def validate_password(password, password_hash, password_salt):
    if not (helpers.is_blank(password) or helpers.is_blank(password_hash)
            or helpers.is_blank(password_salt)):
        validate_hash = \
            binascii.hexlify(hashlib.pbkdf2_hmac("sha512", str.encode(password), str.encode(password_salt), 10000))
        return validate_hash and validate_hash == password_hash

    return False
예제 #2
0
    def __init__(self, connection_string, db_name, logger):
        self.__db_connection_string = connection_string
        self.__db_name = db_name
        self.__logger = logger

        try:
            if not helpers.is_blank(self.__db_connection_string):
                self.__client = MongoClient(self.__db_connection_string)

            if self.__client is not None and not helpers.is_blank(self.__db_name):
                self.__db = self.__client[self.__db_name]
        except Exception as e:
            if self.__logger is not None:
                self.__logger.error(e)
    def verify_token(self, token):
        if not (helpers.is_blank(token)
                or helpers.is_blank(self.__security_private_key)):
            try:
                result = jwt.decode(jwt=token,
                                    key=self.__security_private_key,
                                    verify=True,
                                    algorithms=['HS256'])
                return result is not None
            except jwt.ExpiredSignatureError as e:
                if self.__logger is not None:
                    self.__logger.error(e)
                print(e)

        return False
    def __init__(self, logging_name, logging_file):
        self.__logging_name = logging_name
        self.__logging_file = logging_file

        if not (helpers.is_blank(self.__logging_name)
                or helpers.is_blank(self.__logging_file)):

            self.__logger = logging.getLogger(self.__logging_name)
            self.__logger.setLevel(logging.DEBUG)

            ch = logging.FileHandler(self.__logging_file)
            ch.setLevel(logging.DEBUG)
            formatter = logging.Formatter(
                '%(asctime)s - %(name)s - %(levelname)s - %(message)s')
            ch.setFormatter(formatter)
            self.__logger.addHandler(ch)
예제 #5
0
def encrypted_password(password):
    if not helpers.is_blank(password):
        password_salt = uuid.uuid4().hex
        password_hash = \
            binascii.hexlify(hashlib.pbkdf2_hmac("sha512", str.encode(password), str.encode(password_salt), 10000))

        return {'salt': password_salt, 'hash': password_hash}

    return None
예제 #6
0
    def instance(cls, name, email, password, user_type):
        user_password_hash = None
        user_password_salt = None
        if not helpers.is_blank(password):
            user_security_properties = app_security.encrypted_password(
                password)
            if user_security_properties is not None:
                if 'hash' in user_security_properties and not helpers.is_blank(
                        user_security_properties['hash']):
                    user_password_hash = user_security_properties['hash']
                if 'salt' in user_security_properties and not helpers.is_blank(
                        user_security_properties['salt']):
                    user_password_salt = user_security_properties['salt']

        return cls(name=name,
                   email=email,
                   password_hash=user_password_hash,
                   password_salt=user_password_salt,
                   user_type=user_type)
    def generate_token(self, user):
        if user is not None and not helpers.is_blank(
                self.__security_private_key
        ) and self.__security_token_expiry > 0:
            return jwt.encode(payload={
                "id":
                str(user.id),
                "email":
                user.email,
                "exp":
                datetime.datetime.utcnow() +
                datetime.timedelta(seconds=self.__security_token_expiry)
            },
                              key=self.__security_private_key,
                              algorithm='HS256')

        return None
    def validate_authenticate_request(self, request):
        code = 200
        message = ""

        if request is not None:
            token = get_token_from_header(request)
            if helpers.is_blank(token):
                code = 404
                message = "Incorrect request"

            if not self.verify_token(token):
                code = 401
                message = "You are unauthorized for this operation"

        else:
            code = 404
            message = "Incorrect request"

        return {'code': code, 'message': message}