def validate_password(password, password_hash, password_salt): if not (helpers.is_blank(password) or helpers.is_blank(password_hash) or helpers.is_blank(password_salt)): validate_hash = \ binascii.hexlify(hashlib.pbkdf2_hmac("sha512", str.encode(password), str.encode(password_salt), 10000)) return validate_hash and validate_hash == password_hash return False
def __init__(self, connection_string, db_name, logger): self.__db_connection_string = connection_string self.__db_name = db_name self.__logger = logger try: if not helpers.is_blank(self.__db_connection_string): self.__client = MongoClient(self.__db_connection_string) if self.__client is not None and not helpers.is_blank(self.__db_name): self.__db = self.__client[self.__db_name] except Exception as e: if self.__logger is not None: self.__logger.error(e)
def verify_token(self, token): if not (helpers.is_blank(token) or helpers.is_blank(self.__security_private_key)): try: result = jwt.decode(jwt=token, key=self.__security_private_key, verify=True, algorithms=['HS256']) return result is not None except jwt.ExpiredSignatureError as e: if self.__logger is not None: self.__logger.error(e) print(e) return False
def __init__(self, logging_name, logging_file): self.__logging_name = logging_name self.__logging_file = logging_file if not (helpers.is_blank(self.__logging_name) or helpers.is_blank(self.__logging_file)): self.__logger = logging.getLogger(self.__logging_name) self.__logger.setLevel(logging.DEBUG) ch = logging.FileHandler(self.__logging_file) ch.setLevel(logging.DEBUG) formatter = logging.Formatter( '%(asctime)s - %(name)s - %(levelname)s - %(message)s') ch.setFormatter(formatter) self.__logger.addHandler(ch)
def encrypted_password(password): if not helpers.is_blank(password): password_salt = uuid.uuid4().hex password_hash = \ binascii.hexlify(hashlib.pbkdf2_hmac("sha512", str.encode(password), str.encode(password_salt), 10000)) return {'salt': password_salt, 'hash': password_hash} return None
def instance(cls, name, email, password, user_type): user_password_hash = None user_password_salt = None if not helpers.is_blank(password): user_security_properties = app_security.encrypted_password( password) if user_security_properties is not None: if 'hash' in user_security_properties and not helpers.is_blank( user_security_properties['hash']): user_password_hash = user_security_properties['hash'] if 'salt' in user_security_properties and not helpers.is_blank( user_security_properties['salt']): user_password_salt = user_security_properties['salt'] return cls(name=name, email=email, password_hash=user_password_hash, password_salt=user_password_salt, user_type=user_type)
def generate_token(self, user): if user is not None and not helpers.is_blank( self.__security_private_key ) and self.__security_token_expiry > 0: return jwt.encode(payload={ "id": str(user.id), "email": user.email, "exp": datetime.datetime.utcnow() + datetime.timedelta(seconds=self.__security_token_expiry) }, key=self.__security_private_key, algorithm='HS256') return None
def validate_authenticate_request(self, request): code = 200 message = "" if request is not None: token = get_token_from_header(request) if helpers.is_blank(token): code = 404 message = "Incorrect request" if not self.verify_token(token): code = 401 message = "You are unauthorized for this operation" else: code = 404 message = "Incorrect request" return {'code': code, 'message': message}