def _add_one_user(db: directives.PeeweeSession, username: hug.types.text, password: hug.types.text = None,
                  role: hug.types.one_of(UserRoles.user_roles()) = UserRoles.USER,
                  coupons: hug.types.number = 10):
    """Create one user row and hand back its name with the clear-text password.

    The user name is lower-cased before it is hashed and stored. When no
    password is supplied (or it is empty), a 12-character random one is
    generated instead.

    Args:
        db: session whose ``atomic()`` block wraps the insert.
        username: requested user name; stored lower-cased.
        password: optional clear-text password.
        role: role stored on the row, ``UserRoles.USER`` by default.
        coupons: value stored in the ``coupons`` column, 10 by default.

    Returns:
        ``{"name": <stored user name>, "password": <clear-text password>}``.
        The result carries the clear-text password, so callers should keep it
        out of logs.
    """
    with db.atomic():
        normalized_name = username.lower()
        # NOTE(review): the salt is only two characters long, and
        # get_random_string / hash_pw are defined outside this listing.
        # Confirm that the generator is a CSPRNG (it also produces the
        # fallback password) and that hash_pw is a slow password hash.
        new_salt = get_random_string(2)
        clear_password = password if password else get_random_string(12)
        digest = hash_pw(normalized_name, new_salt, clear_password)
        created = User.create(
            user_name=normalized_name,
            role=role,
            salt=new_salt,
            password=digest,
            coupons=coupons,
        )
        created.save()
        result = {"name": created.user_name, "password": clear_password}
        return result
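def patch_user(db: PeeweeSession, body: hug.types.json, user: hug.directives.user):
    """Change the password of the user injected through ``hug.directives.user``.

    Args:
        db: session whose ``atomic()`` block wraps the update.
        body: JSON request body; must carry ``old_user_password``,
            ``new_user_password`` and ``new_user_password_confirm``.
        user: user object whose ``salt`` and ``password`` are replaced.

    Returns:
        The string ``"updated"`` on success.

    Raises:
        hug.HTTPBadRequest: a field is missing from the body, the two new
            passwords differ, the old password does not match, or the update
            raises ``DoesNotExist`` / ``ValueError``.
    """
    # The body is client-controlled: a missing key or a non-object body must
    # end as a 400, not as an unhandled KeyError/TypeError.
    try:
        old_user_password = body["old_user_password"]
        new_user_password = body["new_user_password"]
        new_user_password_confirm = body["new_user_password_confirm"]
    except (KeyError, TypeError):
        raise hug.HTTPBadRequest from None

    if new_user_password != new_user_password_confirm:
        raise hug.HTTPBadRequest

    with db.atomic():
        try:
            # NOTE(review): plain != is not a constant-time comparison.
            # hmac.compare_digest is the usual replacement once the return
            # type of hash_pw (defined outside this listing) is confirmed.
            if user.password != hash_pw(user.user_name, user.salt, old_user_password):
                raise hug.HTTPBadRequest
            # A fresh salt is drawn on every password change.
            # NOTE(review): two characters is a short salt; confirm against
            # get_random_string and hash_pw.
            salt = get_random_string(2)
            hashed_password = hash_pw(user.user_name, salt, new_user_password)
            user.salt = salt
            user.password = hashed_password
            user.save()
            log.info(f"updated {user.user_name}'s pw.")
            return "updated"
        except (DoesNotExist, ValueError):
            raise hug.HTTPBadRequest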
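def change_user_pw(db: directives.PeeweeSession, username: hug.types.text, password: hug.types.text,
                   for_real: hug.types.smart_boolean = False):
    """Set a new password for an existing user from the command line.

    Without ``for_real`` nothing is written: the function prints what it would
    do and exits with status 1.

    Args:
        db: session whose ``atomic()`` block wraps the update.
        username: user to change; lower-cased before lookup and hashing.
        password: new clear-text password.
        for_real: must be true for the change to be applied.

    Raises:
        Whatever ``User.get`` raises when no row matches; it is not caught
        here.
    """
    if not for_real:
        # NOTE(review): the dry-run message echoes the clear-text password to
        # stdout, and the password also arrives as a command-line argument, so
        # it can end up in shell history or captured output.
        print(
            f"this would change {username}'s pw to {password}. Run with --for_real if you're sure.")
        sys.exit(1)
    with db.atomic():
        name = username.lower()
        # Look the row up by the same lower-cased name that goes into the
        # hash. The creation paths in this listing store user_name
        # lower-cased, so a lookup by the raw argument misses the row whenever
        # the operator types an upper-case letter.
        user = User.get(User.user_name == name)
        # NOTE(review): two characters is a short salt; confirm against
        # get_random_string and hash_pw, which are defined outside this
        # listing.
        salt = get_random_string(2)
        hashed_password = hash_pw(name, salt, password)
        user.salt = salt
        user.password = hashed_password
        user.save()
        print(f"{user.user_name}'s pw successfully changed.")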
def verify_user(user_name, user_password, context: PeeweeContext):
    """Check a name/password pair against the stored salted hash.

    Args:
        user_name: name as supplied by the caller; normalised with
            ``normalize_user`` before lookup and hashing.
        user_password: clear-text password to verify.
        context: provides ``context.db`` for the surrounding ``atomic()`` block.

    Returns:
        The matching ``User`` row when the hash matches, otherwise ``False``.
        Unknown user, wrong password and database error all return ``False``;
        they differ only in the log line.
    """
    normalized = normalize_user(user_name)
    with context.db.atomic():
        try:
            candidate = User.get(User.user_name == normalized)
            stored_salt = candidate.salt
            computed = hash_pw(normalized, stored_salt, user_password)
            # NOTE(review): == is not a constant-time comparison.
            # hmac.compare_digest is the usual replacement once the return
            # type of hash_pw (defined outside this listing) is confirmed.
            if computed == candidate.password:
                return candidate
            else:
                # The caller-supplied name is logged as received.
                log.warning("invalid credentials for user: %s", user_name)
                return False
        except DoesNotExist:
            log.warning("user not found: %s", user_name)
            return False
        except DatabaseError:
            log.exception("unknown error logging in: %s", user_name)
            return False
def put_user(db: PeeweeSession, newUserName: hug.types.text, newUserPassword: hug.types.text,
             newUserPasswordConfirm: hug.types.text):
    """Create a user with the fixed role ``UserRoles.USER`` and 10 coupons.

    The caller picks only the name and the password; the role and the coupon
    count are hard-coded here.

    Args:
        db: session whose ``atomic()`` block wraps the insert.
        newUserName: requested name; stored lower-cased.
        newUserPassword: clear-text password.
        newUserPasswordConfirm: must equal ``newUserPassword``.

    Returns:
        ``{"username": <stored user name>}``.

    Raises:
        hug.HTTPBadRequest: the two password fields differ.
        hug.HTTPConflict: the insert raised ``IntegrityError``.
    """
    if newUserPassword != newUserPasswordConfirm:
        raise hug.HTTPBadRequest

    # NOTE(review): no password length or strength check is visible in this
    # block; confirm whether one is enforced elsewhere.
    with db.atomic():
        try:
            normalized_name = newUserName.lower()
            # NOTE(review): two characters is a short salt; confirm against
            # get_random_string and hash_pw, which are defined outside this
            # listing.
            new_salt = get_random_string(2)
            digest = hash_pw(normalized_name, new_salt, newUserPassword)
            created = User.create(
                user_name=normalized_name,
                role=UserRoles.USER,
                salt=new_salt,
                password=digest,
                coupons=10,
            )
            created.save()
            response = {"username": created.user_name}
            return response
        except IntegrityError:
            raise hug.HTTPConflict('User already exists.')