def Login(request):
if request.method == 'POST':
mail = request.POST.get('email')
passwd = request.POST.get('password')
if mail == "":
messages.info(request, 'Please fillup all fields')
return redirect('/Login')
else:
data = UserDetail.objects.all().filter(Mail=mail)
if data:
check = serializers.serialize(
'json', data) #query to json data conversation
dta = check
dt = json.loads(dta) #converts string to list
name = dt[0]['fields']['FullName']
check = django_pbkdf2_sha256.verify(
passwd, dt[0]['fields']['Password'])
if UserDetail.objects.filter(Mail=mail) and check == True:
return render(request, 'MainPage/Home.html',
{'name': name})
else:
messages.info(request, 'Please Incorrect Data')
return redirect('/Login')
else:
messages.info(request, 'Incorrect')
return redirect('/Login')
return render(request, 'Login_Page.html', {})
def login(request):
if request.method == 'POST':
if request.POST['type'] == 'Logout':
request.session['email'] = None
return redirect('/')
else:
password = request.POST['password']
user = User.objects.filter(email = request.POST['email'])
if user and handler.verify(password, user[0].password) == True :
request.session['email'] = user[0].email
return redirect('/')
else :
error = "Invalid email or password ."
context = {
'error': error
}
return render(request, 'user/login.html', context)
elif request.method == 'DELETE':
request.session['email'] = None
return redirect('/')
else:
error = None
context = {
'error': error
}
return render(request, 'user/login.html', context)
def login(username: str, password: str) -> bool:
mydb = mysql.connector.connect(
host="",
user="",
password="",
database="",
)
mycursor = mydb.cursor(buffered=True)
mycursor.execute("SHOW TABLES")
mycursor.execute(
"""
SELECT
*
FROM
auth_user
WHERE
username = %(username)s
""", {'username': username})
user = mycursor.fetchone()
if user is None:
print('Incorrect username.')
return False
elif not django_pbkdf2_sha256.verify(password, user[1]):
print('Incorrect password.')
return False
print('Welcome, ' + user[5] + ' ' + user[6])
return True
def post(self, request):
try:
Username = request.data.get('Username')
Password = request.data.get('Password')
Sender_ID = request.data.get('Sender_ID')
Device_type = request.data.get('Device_type')
latitude = request.data.get('latitude')
longitude = request.data.get('longitude')
authenticate = Signup.objects.filter(Username=Username)
if authenticate:
authenticate = authenticate[0]
if handler.verify(Password, authenticate.Password):
authenticate.Sender_ID = Sender_ID
authenticate.Device_type = Device_type
authenticate.save()
id = authenticate.id
fcm = FCMDevice.objects.filter(name=id)
if fcm:
fcm = fcm[0]
fcm.registration_id = Sender_ID
fcm.type = Device_type
fcm.save()
userdata = SerSignup(authenticate)
message = {
'status': True,
'message': 'Successfully Login',
'data': userdata.data,
}
return Response(message)
else:
pass
else:
message = {
'message': 'Username or Password Does Not Match'
}
return Response(message)
else:
message = {'message': 'Username or Password Does Not Match'}
return Response(message)
except Exception as e:
message = {'status': False, 'message': str(e)}
return Response(message)
def Verify(self, to_be_veryfied):
"""This function is useful to verify if the firm is valid, returning true or false"""
try:
list = to_be_veryfied.split(".")
sign = base64.standard_b64decode(list[1]).decode()
return sha256.verify(list[0] + self.key, sign)
except:
reason = sys.exc_info()
raise SignerError("verify by {}".format(reason))
def post(self, request):
try:
id = request.data.get('id')
Full_Name = request.data.get('Full_Name', False)
oldpassword = request.data.get('oldpassword', False)
newpassword = request.data.get('newpassword', False)
Image = request.FILES.get('Image', False)
userObject = Signup.objects.get(id=id)
if handler.verify(oldpassword, userObject.Password):
if newpassword:
userObject.Password = handler.hash(newpassword)
userObject.save()
if Full_Name:
userObject.Full_Name = Full_Name
userObject.save()
if Image:
userObject.Image = Image
userObject.save()
userdata = SerSignup(userObject)
message = {
'status': True,
'message': "Edit Successfully",
'data': userdata.data
}
return Response(message)
else:
message = {
'status': False,
'message': "Your Old Password Doesn't Match",
}
return Response(message)
except Exception as e:
Message = {'status': False, 'message': str(e)}
return Response(Message)
def get_user_email_login(request):
"""
Update user details
-----
{
email:[email protected],
password:roshie,
}
"""
try:
user_id=request.data['email']
user_input_pass=request.data['password']
user=users.objects.get(email=user_id)
if password_handler.verify(user_input_pass, user.password):
success={
'data':{
'id':user.id,
'fname': user.fname,
'lname': user.lname,
'email': user.email,
'password': user.password,
'status': user.status,
'msisdn': user.msisdn,
'role': user.role,
'position_id': user.position_id,
'created_at': user.created_at,
'updated_at': user.updated_at
},
'status_code':200,
}
return Response(success)
else:
success={
'message':'Error',
'status_code':500
}
return Response(success)
except BaseException as e :
error={
'status_code':500,
'message':'error'+str(e),
'data':{
}
}
return Response(error)
def Index(request):
if request.method == 'POST':
try:
u = User.objects.get(email=request.POST['email'])
if handler.verify(request.POST['mdp']+"5645a774-6c94-4521-8c0a-4fc23ed28ff1", u.mdp):
request.session['user_id'] = u.id
request.session['user_name'] = u.nom
request.session['user_prenom'] = u.prenom
return redirect('/lists/')
else:
return render(request, 'home/index.html')
except ObjectDoesNotExist:
pass
return render(request, 'home/index.html')
def admin_authenticate(email, password):
admin = Admins.query.filter_by(email=email).one_or_none()
if not admin:
raise NotFoundError('Email not found')
if not django_pbkdf2_sha256.verify(secret=password, hash=admin.password):
raise UnauthorizedError('Invalid authorization credentials')
admin_attrs = admin.as_dict()
return {
'user': admin_attrs,
'access_token': jwt_token_helper.generate(
sub=admin._id,
exp_in_seconds=86400 * 365,
**admin_attrs,
)
}
def get_customer_email_login(request):
try:
user_id=request.data['email']
user_input_pass=request.data['password']
customer=Customers.objects.get(email=user_id)
if password_handler.verify(user_input_pass, customer.password):
success={
'data':{
'id':customer.id,
'fname': customer.fname,
'lname': customer.lname,
'email': customer.email,
'password': customer.password,
'status': customer.status,
'msisdn': customer.msisdn,
'stripe_id': customer.stripe_id,
'card_brand ': customer.card_brand,
'card_last_four': customer.card_last_four,
'trial_end_at': customer.trial_end_at,
'created_at': customer.created_at,
'updated_at': customer.updated_at
},
'status_code':200,
}
return Response(success)
else:
success={
'message':'Error',
'status_code':500
}
return Response(success)
except:
e = sys.exc_info()[0]
error={
'status_code':500,
'message':'unexpected error',
'data':{
}
}
return Response(error)
def clean(self):
emailid = self.request.POST['emailid']
password = self.request.POST['password']
user = Account.objects.filter(emailid=emailid)
if user:
user_status = user[0].status
if int(user_status) == 0:
raise forms.ValidationError(
_("Disabled Account. Please contact the administrator."))
hash_password = user[0].password
verify_password = handler.verify(password, hash_password)
if verify_password is False:
raise forms.ValidationError(_("Invalid Password"))
else:
raise forms.ValidationError(_("Invalid Emailid"))
return self.cleaned_data
def edit_password(request):
user = request.user
db_password = user.password
old_pass = request.POST['oldpass']
new_pass = request.POST['newpass']
confirm_pass = request.POST['confirmpass']
stuff_for_front = {'error': 'Error occurred'}
if handler.verify(old_pass, db_password):
if new_pass == confirm_pass:
user.password = handler.hash(new_pass)
user.save()
return HttpResponseRedirect(reverse('type:home'))
else:
return render(request, 'registration/changePassword.html',
stuff_for_front)
else:
return render(request, 'registration/changePassword.html',
stuff_for_front)
def login(request):
if request.method == "POST":
username = request.POST['login_name']
password = request.POST['login_password']
user = Account.objects.filter(username=username)[:1]
if user:
hash_pass = user[0].password
is_password_correct = handler.verify(password, hash_pass)
if is_password_correct is False:
return redirect(home)
else:
account = Account.objects.filter(username=username)[:1]
transactions = Transaction.objects.filter(username=account[0].username).order_by('-id')
fname = account[0].first_name
lname = account[0].last_name
response = HttpResponse()
response = render(request, 'dashboard.html', {'transactions': transactions,'fname': fname, 'lname': lname})
response.set_cookie('ACCESS_TOKEN', user[0].id)
return response
return render(request, 'index.html')
def login_user(request):
"""
Create text
-----
{
username:jsdcac
password:jcmadcbnasc
}
"""
try:
user_id = request.data['username']
user_input_pass = request.data['password']
user = users.objects.get(username=user_id)
if password_handler.verify(user_input_pass, user.password):
success = {
'data': {
'user_id': user.user_id,
'full_name': user.full_name,
'username': user.username,
'email': user.email,
'depart': user.department
},
'status_code': 200,
}
return Response(success)
else:
success = {'message': 'Error', 'status_code': 500}
return Response(success)
except BaseException as e:
error = {
'status_code': 500,
'message': 'error' + str(e),
}
return Response(error)
def login_page():
login = request.form.get('login')
password = request.form.get('password')
ses = Session()
if login and password:
user = ses.query(User).filter_by(username=login).first()
if user and django_pbkdf2_sha256.verify(
password,
user.password): #check_password_hash(user.password, password):
login_user(user)
next_page = request.args.get('next')
try:
return redirect(next_page)
except:
return redirect(url_for('main'))
else:
flash('neverno')
else:
flash('zapolnite polya')
ses.close()
return render_template('login.html')
def login(self, email, password, remember):
mydb = mysql.connector.connect(
host="45.63.10.63",
user="******",
password="******",
database="scriptspinner",
port="3306"
)
mycursor = mydb.cursor(buffered=True)
mycursor.execute("""
SELECT
*
FROM
user_scriptspinneruser
WHERE
email = %(email)s
""", {
'email': email
})
user = mycursor.fetchone()
if user and django_pbkdf2_sha256.verify(password, user[1]):
self.is_logged_in = True
self.firstname = user[4]
self.lastname = user[5]
self.email = user[9]
self.paid_until = [10]
if remember:
self._remember()
return True
else:
return False
def ChangePassword(request):
suc_res = ''
err_res = ''
current = request.GET.get('currentPassword', None)
newp = request.GET.get('newPassword', None)
confirmp = request.GET.get('confirmNewPassword', None)
try:
obj = get_object_or_404(CustomUser, email=request.user)
# print(obj.password)
except:
print('NO USER FOUND')
# print(handler.verify(current, obj.password))
if handler.verify(current, obj.password):
obj.set_password(confirmp)
obj.save()
suc_res = 'Password changed successfully!'
else:
err_res = "Invalid current Password!"
msg = {'err_res': err_res, 'suc_res': suc_res}
data = {'msg': msg}
return JsonResponse(data)
# import the hash algorithm
from passlib.hash import django_pbkdf2_sha256
"""
@author Chandan Sharma
@link https://github.com/devchandansh/
@since Version 1.0.0
"""
print(
django_pbkdf2_sha256.verify(
"123",
"pbkdf2_sha256$260000$q1205pY3LBwuAqmlt1bhZx$uMu1eog5dgnTfI+YTa/dq0uxAbIC8RridPmFiqekzd0="
))
"""
==================================================================
Encryption Using Library:: passlib
Library URL: https://passlib.readthedocs.io/en/stable/
==================================================================
"""
def passlib_encryption(raw_password):
"""
Here, Encryption is Using passlib Library.
"""
# generate new salt, and hash a password
if raw_password:
encrypted = pbkdf2_sha256.hash(raw_password)
else:
encrypted = None
def receive(self, text_data):
text_data_json = json.loads(text_data)
message = text_data_json['message']
if message:
parsed_command = message.split(maxsplit=1)
command = parsed_command[0].lower()
try:
command_arguments = parsed_command[1:]
except IndexError:
command_arguments = []
if self.scope['user'].is_authenticated:
try:
return_message = getattr(self.engine,
command)(*command_arguments)
except AttributeError:
# engine has no attribute command
return_message = f"{command} is not a valid command! Type 'help' if you need."
elif command == 'login':
if len(message.split()) == 3:
username_to_login = message.split()[1]
plain_password_to_login = message.split()[2]
if len(User.objects.filter(
username=username_to_login)) == 1:
self.user = User.objects.get(
username=username_to_login)
dt = self.user.last_login
if django_pbkdf2_sha256.verify(plain_password_to_login,
self.user.password):
async_to_sync(auth_login)(self.scope,
user=self.user)
if dt:
return_message = (
f"Welcome back, {self.user}! \n"
f"You last logged in at {dt.strftime('%Y-%m-%d %H:%M')} (UTC)"
)
else:
return_message = (
f"Welcome to the MUD, {self.user}! \n"
f"Since it's your first time here, we'll guide you in your first steps."
)
async_to_sync(self.channel_layer.group_send)(
self.room_group_name, {
'type':
'global_message_login_required_not_me',
'message':
f"{self.user} is back to WilyWolves MUD!",
'sender_channel_name': self.channel_name
})
else:
return_message = "Wrong password! Please try 'login <username> <password> again."
else:
return_message = (
f"{username_to_login!r} is not a valid username. "
"If you are new here, please type 'new'")
else:
return_message = "To log in, please type 'login <username> <password>'."
elif command == 'new':
if len(message.split()) == 3:
username_to_create = message.split()[1]
password_to_create = message.split()[2]
hashed_password = make_password(password_to_create)
if len(User.objects.filter(
username=username_to_create)) == 0:
new_user = User(username=username_to_create,
password=hashed_password,
is_superuser=False,
is_staff=False)
new_user.save()
new_player = Player(user=new_user)
new_player.save()
return_message = (
f"User {username_to_create!r} successfully created! "
"Please type 'login' to start playing.")
else:
return_message = f"Someone is already using {username_to_create}"
else:
return_message = "To create a new user, please type 'new <username> <password>'."
else:
return_message = "You need to log in first. Please type 'login' or 'new'"
if return_message is not None:
self.send(text_data=json.dumps({'message': return_message}))
def check_password(self, password):
if len(password) >= app.config['MIN_PASSWORD_LENGTH']:
return django_pbkdf2_sha256.verify(password, self.pw_hash)
else:
return False
def check_password(user, password):
return handler.verify(password, user.password) if user else False
def check_password(cls, password, _hash):
return django_pbkdf2_sha256.verify(password, _hash)
def verify_password(self, raw_password):
return django_pbkdf2_sha256.verify(raw_password, self.password)
def validate_token(self, token):
conf = self.email + app.config['EMAIL_VERIFY_SECRET_KEY']
return sha256.verify(conf, token)
def verify_hash(password, hash):
return sha256.verify(password, hash)
def verify_hashed_password(self, raw_password, hash):
from passlib.hash import django_pbkdf2_sha256 as hasher
return hasher.verify(raw_password, hash)
reg = user_db.db_add_user(password=u_pwd1,
username=u_name,
email=u_email)
if reg < 0:
print("User name already exist, try again...")
else:
user_entity = user_db.db_get_user(u_name)
break
elif q1 == 1:
u_name = input('User name: ')
u_pwd = input('Password: '******'password']):
user_entity = password
break
else:
print("Wrong password!")
else:
print("Invalid input, 0 and 1 are accepted.")
assert (user_entity is not None)
choice = 0
ui = UserInterface(user_entity, user_db)
while (choice >= 0):
print("=" * 80)
print(
" 1. Read news,\n 2. See stocks,\n 3. Modify personal tags, \n 4. Modify stocks. \n Any Other Key Exit"
def handle(self):
data = "salir"
hostname_postgre = 'localhost'
username_postgre = 'testgis_user'
password_postgre = '1234'
database_postgre = 'testgis_db3'
try: #corta el hilo si no se puede conectar a la base de datos
myConnection = psycopg2.connect(host=hostname_postgre,
user=username_postgre,
password=password_postgre,
dbname=database_postgre)
cur = myConnection.cursor()
login2 = self.request.recv(
10024) #recibe la primera informacion solo user y password
finallogin = json.loads(login2.decode("utf-8", errors="strict"))
print(finallogin)
print("Reportando al sistema")
print(self.request)
email = finallogin["email"]
q = "SELECT * FROM auth_user WHERE email = '%s' " % email
print("user")
print(q)
cur.execute(q)
rows = cur.fetchall() #pasa los datos a la varible
print(rows)
self.validacion = {}
try: #si el usuario no existe corta el hilos ya que rows esta vacio y va a tirar error en la asignacion
#buscamos los datos del perfir dle usuario para saber si es una cuenta individual y se puede rastrear
print("user2")
UA = "SELECT * FROM clientes_userprofile WHERE user_id = '%s' " % rows[
0][0]
cur.execute(UA)
UsuarioActual = cur.fetchall()
if (
UsuarioActual[0][11] != "Individual"
): #hace que salta el try al no ser la cuenta tipo individual
print("dentrouser")
kjc = rows[32]
hash1 = rows[0][1]
print("user5")
if len(
finallogin
) == 2: #chequea si solo hay dos elementos es porque esta logueando si hay mas es poruqe ya se logueo y esta mando info pasando directo al bucle
clave = finallogin["ppp"]
bool1 = django_pbkdf2_sha256.verify(
clave, hash1
) #chequea si el password recibido conincide con el hash de la BD
if bool1:
self.validacion["si"] = "1"
self.informacionValida = json.dumps(self.validacion)
self.request.sendall(
self.informacionValida.encode('utf-8')
) #si la se autentifica devuelve 1 sino manda 0
data = "corriendo"
datalogin = self.request.recv(
10024
) #esto guarda el segundo envio de la app con la marca de inicio o de fin
flogin = json.loads(
datalogin.decode("utf-8", errors="strict"))
print(flogin)
print("luegoLogueo")
self.doQuery(myConnection, flogin)
else:
print("Clave incorrecta")
else:
data = "corriendo"
except:
print("Usuario no existe Error")
self.request.send("0") #le mando cero de falso
data = "salir"
except:
print("unable to connect to the database o anterior")
data = "salir"
if len(finallogin) != 2:
while data != "salir":
try:
final = finallogin
if final["email"] != email:
print(
"el cliente esta mandando otro usuario diferente al cual se autentico se corta hilo"
)
data = "salir"
else:
try:
self.doQuery(myConnection, final)
except:
print("error guardar base de datos")
time.sleep(0.5)
data2 = self.request.recv(10024)
finallogin = json.loads(
data2.decode("utf-8", errors="strict"))
print(finallogin)
except:
print("cliente desconectadoo hubo error general")
data = "salir"
myConnection.close()
from passlib.hash import django_pbkdf2_sha256 hashs = 'pbkdf2_sha256$20000$3RFHVUvhZbu5$llCkkBhVqeh69KSETtH8gK5iTQVy2guwSSyTeGyguxE=' user_input = 'password' # print (django_pbkdf2_sha256.verify(user_input, hashs)) hash = 'pbkdf2_sha256$20000$3RFHVUvhZbu5$llCkkBhVqeh69KSETtH8gK5iTQVy2guwSSyTeGyguxE=' user_inputs = 'password' print(django_pbkdf2_sha256.verify(user_inputs, hash))
from passlib.hash import django_pbkdf2_sha256
hash = django_pbkdf2_sha256.hash("password")
print(hash)
correct_password = django_pbkdf2_sha256.verify('paswdasd', hash)
print(correct_password)
