def addUser(self, email, password, join_date, verified): hashed = bcrypt.hashpw(password, bcrypt.gensalt(1)) user = User(email = email, password = hashed, join_date = join_date, verified = verified) user.put()
def main(): # Make a little password hash username = '******' password = '******' salt = bcrypt.gensalt(6) hashed = bcrypt.hashpw(password, salt) # Get db Connection, Cursor (db,cursor) = OpenCursor() # db Query to set the pw for a particular user query = ''' update users set pw_hash='{pw_hash}' where user_name='{uname}' '''.format(pw_hash=hashed,uname=username) cursor.execute(query) # Commit and close the DB Connection db.commit() db.close()
def __call__(self, form, field): # We run this validator last. If there are already errors, we don't want # to run this validator; everything else needs to be checked first, THEN # we run the expensive DB calls if form.errors: raise StopValidation() # Get db Connection, Cursor (db,cursor) = OpenCursor() # db Query to get pw_hash for this user, if the user exists query = ''' select pw_hash from users where user_name='{uname}' '''.format(uname=form.username.data) cursor.execute(query) pw_hash_dict = cursor.fetchone() # Close the DB Connection db.close() #IF we found a user, get the pw_hash. If not, validation has failed if pw_hash_dict: pw_hash = pw_hash_dict['pw_hash'] else: raise ValidationError(self.message) # Compare the DB password hash to the one the user submitted. If # they don't match, validation has failed. # This also catches the case where the DB password is blank if pw_hash and not pw_hash=='': if not bcrypt.hashpw(field.data, pw_hash) == pw_hash: raise ValidationError(self.message) else: raise ValidationError(self.message)
def _set_password(value): if not constants.PASSWORD_MIN <= len(value) <= constants.PASSWORD_MAX: raise ResponseException(constants.PASSWORD, status_int=409) return bcrypt.hashpw(value, bcrypt.gensalt())
def check_password(password, hashed): return bcrypt.hashpw(password, hashed)
def hash_password(password): return bcrypt.hashpw(password, bcrypt.gensalt(7))
def post(self, user_id): lang_map = { 'en': { 'account': 'Account Not Found', 'pass': '******', 'approved': 'User has not been approved', 'disabled': 'User has been disabled' }, 'es-mx': { 'account': 'Account Not Found', 'pass': '******', 'approved': 'User has not been approved', 'disabled': 'User has been disabled' }, 'pt-br': { 'account': 'Account Not Found', 'pass': '******', 'approved': 'User has not been approved', 'disabled': 'User has been disabled' } } locale = self.json.get('locale') map = lang_map[locale] user = User.query(User.email == self.json['email']).get() if not user: msg = map['account'] raise ResponseException(msg, no_error=True) if user.profile_pending and user.role == Role.client: if not bcrypt.hashpw(self.json['password'], user.password) == user.password: msg = map['pass'] raise ResponseException(msg, no_error=True) self.login(user) self.resp = {'redirect': '/app#/profile/create'} return self.format_resp() if not user.approved: msg = map['approved'] raise ResponseException(msg, no_error=True) if not user.status: msg = map['disabled'] raise ResponseException(msg, no_error=True) if not bcrypt.hashpw(self.json['password'], user.password) == user.password: msg = map['pass'] raise ResponseException(msg, no_error=True) client_role_string = self.json.get('role', None) if client_role_string: client_role = Role.lookup_by_name(client_role_string) if not user.profile: user.profile = Profile() self.login(user) self.resp = user.to_json() self.format_resp()