def verifyPass(password, user):
    """Check *password* against the stored password hash of *user*.

    Returns True when the hash verifies. Both failure paths terminate the
    process through sys.exit(): exits['userNotInDb'] when the account is
    unknown, exits['userpasscombo'] when verification fails.
    """
    # NOTE(review): the two failure paths use separate entries of `exits`.
    # If those map to different codes, anything that can observe the exit
    # status can tell "no such account" from "wrong password" - confirm
    # that distinction is meant to be visible to the caller.
    if not dbLayer.userExists(user):
        sys.exit(exits['userNotInDb'])

    # NOTE(review): existence check and record fetch are two separate
    # calls; what getUser() returns if the account vanishes in between is
    # not visible here.
    stored_hash = dbLayer.getUser(user)['password']

    # Verification is delegated to pbkdf2_sha256.verify() rather than
    # comparing hash strings by hand.
    if pbkdf2_sha256.verify(password, stored_hash):
        return True
    sys.exit(exits['userpasscombo'])
def verifyPass(password, user):
    """Return True if *password* matches the hash stored for *user*.

    The function never returns False: an unknown user ends the process
    with exits['userNotInDb'] and a failed verification ends it with
    exits['userpasscombo'].
    """
    account_known = dbLayer.userExists(user)
    if not account_known:
        # NOTE(review): a dedicated exit entry for "unknown user" can let an
        # observer of the exit status enumerate accounts if its value differs
        # from the wrong-password one - verify against the `exits` table.
        sys.exit(exits['userNotInDb'])

    record = dbLayer.getUser(user)
    hash_matches = pbkdf2_sha256.verify(password, record['password'])
    if not hash_matches:
        sys.exit(exits['userpasscombo'])
    return True
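def api_admin_delete_user(self):
    """Delete the user named by the 'user' key of the JSON request body.

    Always answers with a JSON object holding a ``message``. The paths that
    existed before keep their HTTP 200 status, so clients have to read the
    message to learn the outcome. A missing, empty or non-object body and a
    structured 'user' value are answered with HTTP 400.
    """
    # NOTE(review): no authentication or authorization check is visible in
    # this handler. Confirm the route is only reachable through an
    # admin-only guard (decorator or dispatcher) defined elsewhere.
    content = request.get_json()

    if not isinstance(content, dict) or not content:
        # Previously an absent/empty body left `message` and `code` unset
        # (or fell off the end of the function), and a JSON array or scalar
        # failed on `.keys()`; all of those surfaced as a server error.
        message, code = 'request body must be a JSON object', 400
    elif 'user' not in content:
        message, code = 'user is not defined', 200
    elif isinstance(content['user'], (dict, list)):
        # The value goes straight to the db layer, which is not shown here.
        # Refuse structured values so a request can only ever name one
        # account by a plain scalar identifier.
        message, code = 'user must be a scalar value', 400
    elif not db.getUser(content['user']):
        message, code = 'User {} not exists'.format(content['user']), 200
    else:
        db.deleteUser(content['user'])
        message, code = "User {} deleted".format(content['user']), 200

    return make_response(jsonify(message=message), code)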
def validateUser(self, user, password):
    """Authenticate *user* with *password*.

    The account must exist in the local database; otherwise False is
    returned before any backend is consulted. Unless the account is marked
    'local_only', each entry of self.methods is tried in order. The local
    database check (db.verifyUser) is the final fallback and its result is
    returned as-is.
    """
    account = db.getUser(user)
    if not account:
        return False

    # An account is treated as local-only when the key is present with any
    # value other than the literal False; only then are backends skipped.
    skip_backends = ("local_only" in account
                     and account["local_only"] is not False)

    if not skip_backends:
        for name, authType, method in self.methods:
            try:
                outcome = method.validateUser(user, password)
                if outcome is UNREACHABLE:
                    continue  # backend unavailable, try the next one
                if outcome is AUTHENTICATED:
                    return True
                if outcome is WRONG_CREDS and authType == "required":
                    return False
                # A 'sufficient' backend that rejects the credentials (or
                # any other outcome) simply yields to the next backend.
            except Exception as e:
                # NOTE(review): a backend that raises is only reported and
                # then skipped, even when it is 'required', so the local
                # database check below can still grant access. Confirm this
                # fail-open behaviour is intended.
                print("[!] Exception trying to authenticate user: %s: "%name)
                print("[!] -> %s"%e)

    # No backend gave a final answer (or none was consulted).
    return db.verifyUser(user, password)
def validateUser(self, user, password):
    """Decide whether *user* may log in with *password*.

    Returns False for accounts missing from the local database. For other
    accounts the configured backends in self.methods are consulted first,
    unless the account carries a 'local_only' value other than False, and
    db.verifyUser() gives the final verdict when no backend settles it.
    """
    user_record = db.getUser(user)
    if not user_record:
        return False

    use_backends = ("local_only" not in user_record
                    or user_record["local_only"] is False)
    # With use_backends False the loop below iterates over nothing.
    backends = self.methods if use_backends else ()

    for name, authType, method in backends:
        try:
            verdict = method.validateUser(user, password)
            if verdict is UNREACHABLE:
                # Backend could not be contacted: move on.
                continue
            elif verdict is AUTHENTICATED:
                return True
            elif authType == "required" and verdict is WRONG_CREDS:
                # A required backend rejected the credentials: final answer.
                return False
            # Rejection by a 'sufficient' backend is not final.
        except Exception as e:
            # NOTE(review): errors are written to stdout and the backend is
            # treated like an unreachable one, including 'required'
            # backends. Verify that falling through to the local check on
            # error is acceptable, and that the exception text is safe to
            # emit wherever stdout ends up.
            print("[!] Exception trying to authenticate user: %s: " % name)
            print("[!] -> %s" % e)

    # Fallback: verify against the local database.
    return db.verifyUser(user, password)
def is_admin(self, id):
    """Report whether the account identified by *id* has the 'master' flag.

    Returns False when db.getUser() yields nothing or the record has no
    'master' key; otherwise the stored 'master' value is returned unchanged.
    """
    record = db.getUser(id)
    if record:
        # NOTE(review): the stored value is passed through without coercion,
        # so any truthy 'master' value counts as admin for callers that test
        # truthiness - confirm the field is only ever written as a boolean.
        return record.get('master', False)
    return False