Exemplo n.º 1
0
 def insertUser(self, name, passwd):
     """
         Insert user in talbe Users. User password is hashed with salt_p.
         @param name: user name
         @param passwd: user password
     """
     name = name.decode('utf-8')
     passwd = passwd.decode('utf-8')
     # generate salt using cryptographic safe pseudo-random generator
     salt_p = CryptoBasics.genUserPassSalt()
     
     # prepends salts and create hash
     passwd = CryptoBasics.getUserPassHash(salt_p, passwd)
     
     try:
         self._cursor.execute("INSERT INTO Users(name, passwd, salt_p) VALUES(:name, :passwd, :salt_p)",
                               {"name" : name, "passwd" : passwd, "salt_p" : salt_p})
         self._connection.commit()
         logging.info("users with ID: %i, inserted: %s", self._cursor.lastrowid, self._cursor.rowcount)
     except sqlite3.IntegrityError as e:
         logging.warning(e)
     except sqlite3.Error as e:
         logging.exception(e)
         
         self._connection.rollback()
         raise e
Exemplo n.º 2
0
    def selectByNameMaster(self, name, master):
        """
            Select user from database by username and password.
            
            @param name: username
            @param master: plain text password
            
            @return: UserModel object, or None
        """
        name = name.decode('utf-8')
        master = master.decode('utf-8')
        user = None
        try:
            user = self.selectByName(name)
            
            if (not user):
                logging.info("username doesn't exist, %s", name)
                
                return None
            
            # prepare hash
            passwd = CryptoBasics.getUserPassHash(user._salt, master)
        except sqlite3.Error as e:
            logging.exception(e)
            
            raise e
        finally:
            if (user and user._passwd == passwd):
                logging.debug("user with username '%s' selected", name)
                
                user._master = master
                
                return user
            else:
                logging.info("user password not correct")

                return None