def validate_password(password, password_hash, password_salt):
if not (helpers.is_blank(password) or helpers.is_blank(password_hash)
or helpers.is_blank(password_salt)):
validate_hash = \
binascii.hexlify(hashlib.pbkdf2_hmac("sha512", str.encode(password), str.encode(password_salt), 10000))
return validate_hash and validate_hash == password_hash
return False
def __init__(self, connection_string, db_name, logger):
self.__db_connection_string = connection_string
self.__db_name = db_name
self.__logger = logger
try:
if not helpers.is_blank(self.__db_connection_string):
self.__client = MongoClient(self.__db_connection_string)
if self.__client is not None and not helpers.is_blank(self.__db_name):
self.__db = self.__client[self.__db_name]
except Exception as e:
if self.__logger is not None:
self.__logger.error(e)
def verify_token(self, token):
if not (helpers.is_blank(token)
or helpers.is_blank(self.__security_private_key)):
try:
result = jwt.decode(jwt=token,
key=self.__security_private_key,
verify=True,
algorithms=['HS256'])
return result is not None
except jwt.ExpiredSignatureError as e:
if self.__logger is not None:
self.__logger.error(e)
print(e)
return False
def __init__(self, logging_name, logging_file):
self.__logging_name = logging_name
self.__logging_file = logging_file
if not (helpers.is_blank(self.__logging_name)
or helpers.is_blank(self.__logging_file)):
self.__logger = logging.getLogger(self.__logging_name)
self.__logger.setLevel(logging.DEBUG)
ch = logging.FileHandler(self.__logging_file)
ch.setLevel(logging.DEBUG)
formatter = logging.Formatter(
'%(asctime)s - %(name)s - %(levelname)s - %(message)s')
ch.setFormatter(formatter)
self.__logger.addHandler(ch)
def encrypted_password(password):
if not helpers.is_blank(password):
password_salt = uuid.uuid4().hex
password_hash = \
binascii.hexlify(hashlib.pbkdf2_hmac("sha512", str.encode(password), str.encode(password_salt), 10000))
return {'salt': password_salt, 'hash': password_hash}
return None
def instance(cls, name, email, password, user_type):
user_password_hash = None
user_password_salt = None
if not helpers.is_blank(password):
user_security_properties = app_security.encrypted_password(
password)
if user_security_properties is not None:
if 'hash' in user_security_properties and not helpers.is_blank(
user_security_properties['hash']):
user_password_hash = user_security_properties['hash']
if 'salt' in user_security_properties and not helpers.is_blank(
user_security_properties['salt']):
user_password_salt = user_security_properties['salt']
return cls(name=name,
email=email,
password_hash=user_password_hash,
password_salt=user_password_salt,
user_type=user_type)
def generate_token(self, user):
if user is not None and not helpers.is_blank(
self.__security_private_key
) and self.__security_token_expiry > 0:
return jwt.encode(payload={
"id":
str(user.id),
"email":
user.email,
"exp":
datetime.datetime.utcnow() +
datetime.timedelta(seconds=self.__security_token_expiry)
},
key=self.__security_private_key,
algorithm='HS256')
return None
def validate_authenticate_request(self, request):
code = 200
message = ""
if request is not None:
token = get_token_from_header(request)
if helpers.is_blank(token):
code = 404
message = "Incorrect request"
if not self.verify_token(token):
code = 401
message = "You are unauthorized for this operation"
else:
code = 404
message = "Incorrect request"
return {'code': code, 'message': message}