def change_pass(self): current_pass = request.args.get('current_pass') new_pass = request.args.get('new_pass') if current_user.authenticate(current_pass): if new_pass: db.changePassword(current_user.id , new_pass) return jsonify({"status": "password_changed"}) return jsonify({"status": "no_password"}) else: return jsonify({"status": "wrong_user_pass"})
def change_pass(self): current_pass = request.args.get('current_pass') new_pass = request.args.get('new_pass') if current_user.authenticate(current_pass): if new_pass: db.changePassword(current_user.id, new_pass) return jsonify({"status": "password_changed"}) return jsonify({"status": "no_password"}) else: return jsonify({"status": "wrong_user_pass"})
def change_pass(): current_pass = request.args.get('current_pass') new_pass = request.args.get('new_pass') if pbkdf2_sha256.verify(current_pass, current_user.password): if new_pass: new_pass = pbkdf2_sha256.encrypt(new_pass, rounds=8000, salt_size=10) db.changePassword(current_user.id , new_pass) return jsonify({"status": "password_changed"}) return jsonfiy({"status": "no_password"}) else: return jsonify({"status": "wrong_user_pass"})
def change_pass(): current_pass = request.args.get('current_pass') new_pass = request.args.get('new_pass') if pbkdf2_sha256.verify(current_pass, current_user.password): if new_pass: new_pass = pbkdf2_sha256.encrypt(new_pass, rounds=8000, salt_size=10) db.changePassword(current_user.id , new_pass) return jsonify({"status": "password_changed"}) return jsonfiy({"status": "no_password"}) else: return jsonify({"status": "wrong_user_pass"})
def validateUser(self, user, pwd): domain = self.domain if user.count("\\") == 1: # Domain added domain, user = user.split("\\") elif user.count("\\") > 1: # Wrong creds return auth.WRONG_CREDS serv = ldap3.Server(self.server, use_ssl=True) try: conn = ldap3.Connection(serv, user="******"%(domain, user), password=pwd, auto_bind=True) if self.sync: db.changePassword(user, pwd) except ldap3.core.exceptions.LDAPSocketOpenError: return auth.UNREACHABLE except ldap3.core.exceptions.LDAPBindError: return auth.WRONG_CREDS return auth.AUTHENTICATED
def validateUser(self, user, pwd): domain = self.domain if user.count("\\") == 1: # Domain added domain, user = user.split("\\") elif user.count("\\") > 1: # Wrong creds return auth.WRONG_CREDS serv = ldap3.Server(self.server, use_ssl=True) try: conn = ldap3.Connection(serv, user="******" % (domain, user), password=pwd, auto_bind=True) if self.sync: db.changePassword(user, pwd) except ldap3.core.exceptions.LDAPSocketOpenError: return auth.UNREACHABLE except ldap3.core.exceptions.LDAPBindError: return auth.WRONG_CREDS return auth.AUTHENTICATED
if dbLayer.userExists(username): sys.exit(exits['userInDb']) # set master if db is empty if dbLayer.getSize(col) > 0: masterLogin() password = promptNewPass() dbLayer.addUser(username, password) else: password = promptNewPass() dbLayer.addUser(username, password, admin=True) sys.exit("User added") elif args.c: username = args.c verifyPass(getpass.getpass("Old password:"******"Password updated") elif args.r: username = args.r if not dbLayer.userExists(username): sys.exit(exits['userNotInDb']) masterLogin() isLastAdmin(username) dbLayer.deleteUser(username) sys.exit('User removed from database') elif args.p: username = args.p if not dbLayer.userExists(username): sys.exit(exits['userNotInDb']) masterLogin() # promote
if dbLayer.userExists(username): sys.exit(exits['userInDb']) # set master if db is empty if dbLayer.getSize(col) > 0: masterLogin() password = promptNewPass() dbLayer.addUser(username, password) else: password = promptNewPass() dbLayer.addUser(username, password, admin=True) sys.exit("User added") elif args.c: username = args.c verifyPass(getpass.getpass("Old password:"******"Password updated") elif args.r: username = args.r if not dbLayer.userExists(username): sys.exit(exits['userNotInDb']) masterLogin() isLastAdmin(username) dbLayer.deleteUser(username) sys.exit('User removed from database') elif args.p: username = args.p if not dbLayer.userExists(username): sys.exit(exits['userNotInDb']) masterLogin() # promote