예제 #1
0
def login_user():
    """User login."""

    data = json.loads(request.data)
    uname = data.get('uname')
    password = data.get('pass')

    dummy = True  # If problem with implementation, fails closed.

    if not uname:
        dummy = True
    else:
        user = User.query.filter(User.uname == uname.lower()).first()
        if user is None:
            dummy = True
        elif user.deleted:
            dummy = True
        else:
            dummy = False

    if dummy == True:  # Helps prevent side channel timing attacks.
        check_password(password)
        abort(403)
    else:
        hash_match = check_password(password, user.salt, user.pass_hash)
        if hash_match is True:
            session['id'] = auth_change(request.remote_addr,
                                        request.user_agent, user.id)
            return jsonify({'uid': user.id})
        else:
            abort(403)
예제 #2
0
파일: db.py 프로젝트: VladEs9000/CodeTurtle
def auth_acc() -> Tuple[str, bool, str]:
    os.chdir('TheFourth')
    files = os.listdir('notes')
    for i in range(3):
        try:
            auth_acc = input("Введите ваш логин от аккаунта:")
            if auth_acc in files:
                os.chdir('notes')
                os.chdir(auth_acc)
                with open("maininf.conf", 'r', encoding='utf-8') as auth_file:
                    method = auth_file.readline().rstrip().split(' ')
                for i in range(3):
                    try:
                        auth_p = input("Введите пароль для аккаунта:")
                        if security.check_password(method[1], auth_p) is True:
                            return auth_acc, True, auth_p
                        else:
                            i += 1
                        if i == 3:
                            os.chdir('..')
                            return auth_acc, False, auth_p
                    except BaseException:
                        print("Проблемы с паролем")
            else:
                i += 1
            if i == 3:
                return auth_acc, False, auth_p
        except FileNotFoundError:
            print("Не найдено такого аккаунта")
    return auth_acc, False, auth_p
예제 #3
0
def sign_in():
    params = request.get_json()

    user = models.User.query.filter_by(email=params["email"]).first()

    if user is None:
        return jsonify(error="User doesn't exist")

    if check_password(params["password"], user.password):
        return jsonify({"ok": True})
    else:
        return jsonify({"notok": True})
예제 #4
0
def login(username, password):
    """returns the dict:
    \"success\": bool,
    \"user_id\": user_id
    """

    if user_exist(username):
        user_password = db.get_password_db(username)
        if user_password:
            login_success = sec.check_password(password, user_password[0],
                                               user_password[1])
            if login_success:
                return {
                    "success": True,
                    "user_id": db.get_userid_db(username)[0]
                }
    return {"success": False}
예제 #5
0
def login(request):
    try: 
        validate(instance=request.json, schema=login_schema)
        user = DBSession.query(User).filter(User.email == request.json['email']).first()
        if user:
            if check_password(user.password, request.json['password']):
                request.response.status = 200
                return {
                    'id' : user.id,
                    'group' : user.group,
                    'token' : request.create_jwt_token(user.id)
                }
    except:
        request.response.status = 400
        return {'msg' : MESSAGES['request']}
    request.response.status = 403
    return {'msg' :  MESSAGES['login']}
예제 #6
0
def login():
    username = request.form.get('username')
    password = request.form.get('password')
    validate = validate_login(username, password)
    if validate is True:
        username, password = username.strip(), decrypt_password(password)
        customer = Customer.query.filter_by(username=username).all()
        if len(customer) == 1:
            pwhash = username + password
            pwd = customer[0].password
            if check_password(pwd, pwhash):
                cookie = generate_cookie(username, password)
                if add_cookie(cookie, {username: password}):
                    return render_200(cookie)
                return render_400(_('login failed'))
            return render_400(_('The password invalid'))
        return render_400(_('The username invalid'))
    return validate
예제 #7
0
파일: db.py 프로젝트: vermutsk/Laborator
def authentication() -> str:
    try:
        flag = 0
        way = os.getcwd()
        bd_way = os.path.join(way, 'bd.txt')
        flag = start_file(bd_way)
        if flag == 3:
            print("Создайте аккаунт")
            access = ''
            return access
        while flag < 3:
            login = input("\nВведите логин\n")
            flag += 1
            with open(bd_way, 'r', encoding='utf-8') as bd_file:
                for line in bd_file:
                    line = line.rstrip('\n')
                    login1, hash_salt, access = line.split('|')
                    if login == login1:
                        i = 0
                        while i != 3:
                            password = input("Введите пароль\n")
                            if sec.check_password(hash_salt, password):
                                print("Успешно")
                                i = 2
                                sec.security_sys_files(bd_way)
                                return access
                            else:
                                print("Неверный пароль")
                                i += 1
                            if i == 3:
                                print("Слишком много попыток")
            if login != login1:
                print("Данный пользователь не найден")
            if flag == 3:
                print("Слишком много попыток")
    except FileNotFoundError:
        sec.security_sys_files(bd_way)
        print("Создайте аккаунт")
    except Exception:
        sec.security_sys_files(bd_way)
        print("Ошибка")
    assert False
예제 #8
0
파일: db.py 프로젝트: VladEs9000/CodeTurtle
def delete_acc() -> bool:
    os.chdir('TheFourth')
    files = os.listdir('notes')
    for j in range(3):
        try:
            delete_login = input("Введите логин аккаунта который удаляете:")
            if delete_login in files:
                break
            else:
                j += 1
            if j == 3:
                os.chdir('..')
                return False
        except FileNotFoundError:
            print("Не найдено такого аккаунта")
    os.chdir('notes')
    os.chdir(delete_login)
    with open("maininf.conf", 'r', encoding='utf-8') as delete_file:
        method = delete_file.readline().rstrip().split(' ')
        for i in range(3):
            try:
                delete_pass = input("Введите пароль для данного аккаунта:")
                if security.check_password(method[1], delete_pass) is True:
                    check = True
                    break
                else:
                    i += 1
                if i == 3:
                    os.chdir('..')
                    os.chdir('..')
                    os.chdir('..')
                    return False
            except BaseException:
                print("Проблемы с паролем")
    if check is True:
        os.chdir('..')
        shutil.rmtree(delete_login)
        os.chdir('..')
        os.chdir('..')
        return True
    return False
 def check_password(self, password):
     return check_password(password, self.password)
예제 #10
0
 def check_pw(self, pw, hashed_pw):
     return check_password(pw, hashed_pw)
예제 #11
0
def is_password_valid(_login, user_password):
    hashed_password = fetch_user(_login).password
    return check_password(hashed_password, user_password)
예제 #12
0
파일: db.py 프로젝트: VladEs9000/CodeTurtle
def change_password() -> bool:
    os.chdir('TheFourth')
    files = os.listdir('notes')
    for j in range(3):
        try:
            change_login = input("Введите логин аккаунта который изменяете:")
            if change_login in files:
                break
            else:
                j += 1
            if j == 3:
                os.chdir('..')
                return False
        except FileNotFoundError:
            print("Не найдено такого аккаунта")
    os.chdir('notes')
    os.chdir(change_login)
    with open("maininf.conf", 'r', encoding='utf-8') as change_file:
        method = change_file.readline().rstrip().split(' ')
        for i in range(3):
            try:
                change_pass = input("Введите пароль для данного аккаунта:")
                if security.check_password(method[1], change_pass) is True:
                    check = True
                    break
                else:
                    i += 1
                if i == 3:
                    os.chdir('..')
                    os.chdir('..')
                    os.chdir('..')
                    return False
            except BaseException:
                print("Проблемы с паролем")
    if check is True:
        for i in range(3):
            try:
                new_pass = input("Введите ваш новый пароль(без пробелов):")
                if ' ' in new_pass:
                    i += 1
                elif len(new_pass) < 1:
                    i += 1
                elif len(new_pass) > 30:
                    i += 1
                else:
                    choise = True
                    break
                if i == 3:
                    os.chdir('..')
                    os.chdir('..')
                    os.chdir('..')
                    return False
            except BaseException:
                print("Проблемы с паролем")
        if choise is True:
            with open('encodeinf.conf', 'rb') as encode_file:
                encode_key = encode_file.read()
            master_key = security.master_key(change_pass)
            new_master_key = security.master_key(new_pass)
            new_encode_key = security.decrypt(encode_key, master_key)
            new_encode_key = security.encrypt(new_encode_key, new_master_key)
            mainf = open("maininf.conf", 'w')
            mainf.write(change_login + ' ' + security.hash_password(new_pass))
            mainf.close()
            encodefile = open("encodeinf.conf", 'wb')
            encodefile.write(new_encode_key)
            encodefile.close()
            os.chdir('..')
            os.chdir('..')
            os.chdir('..')
            return True
    return False
예제 #13
0
파일: service.py 프로젝트: Romniva/profile
def sign(login, password):
    db_password = repository.get_password(login)
    return security.check_password(password, db_password)