Exemplo n.º 1
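def register(username: str, password: str, privilege_level: int) -> bool:
    """
    Registers a new user.
    The username is looked up first; a new account is only created if the
    name isn't already taken. After creation a random token is generated and
    handed to ``pub`` under the name ``user_authenticated``. The token is not
    returned to the caller.

    Security notes:

    * ``privilege_level`` is stored exactly as passed in and no authorization
      is done here, so callers must not forward an unchecked, client-supplied
      value.
    * The lookup and the creation are separate calls. Unless ``users.create``
      rejects duplicates itself, two concurrent registrations of the same
      name can both pass the lookup.
    * The boolean result tells the caller whether a username is taken, so the
      endpoint exposing this should be rate limited.

    :param username: The new user's username
    :param password: The new user's password
    :param privilege_level: The new user's privilege level
    :return: Whether the new user was registered or not
    """

    # Reject a taken name before hashing, so a refused registration does not
    # cost an Argon2 evaluation. The return value already discloses whether
    # the name exists, so hashing first hid nothing.
    if users.get(username) is not None:
        return False

    # Fresh per-user salt from the OS CSPRNG.
    password_salt = os.urandom(512)
    # NOTE(review): no cost parameters are passed, so the binding's defaults
    # apply -- confirm they meet current Argon2 guidance.
    password_hashed = argon2.argon2_hash(password, password_salt)
    # Drops the local name only. The caller's string object is untouched and
    # nothing is wiped from memory.
    del password

    user = users.create(username, password_hashed, password_salt)
    with persistance():
        user.privilege_level = privilege_level

    # 64 random bytes as hex; regenerate on the (unlikely) collision with a
    # token already in the cache.
    user_token = os.urandom(64).hex()
    while user_cache.exists(user_token):
        user_token = os.urandom(64).hex()

    pub('user_authenticated', user_token, username, user.privilege_level, config.get('user_ttl'))
    return True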
Exemplo n.º 2
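def authenticate(username: str, password: str) -> str:
    """
    This method is used to authenticate a user using their credentials.
    If the authentication process is successful, a user token is generated
    and published via ``pub`` under the name ``user_authenticated``. The user
    token is also returned by this method so that it can be passed to the
    client as a response.
    If the user couldn't be authenticated, an empty string is returned. The
    same empty result is used for an unknown username and a wrong password.

    Security notes:

    * An unknown username still costs one Argon2 evaluation, so response time
      does not reveal which usernames exist.
    * Nothing here limits attempts; throttling and lockout have to be applied
      by the caller.

    :param username: The user's username
    :param password: The user's password
    :return: The user's token
    """
    user = users.get(username)

    if user is None:
        # Hash against a throwaway salt so this path takes about as long as
        # the wrong-password path. 512 bytes matches the salts created by
        # register().
        argon2.argon2_hash(password, os.urandom(512))
        # Drops the local name only; nothing is wiped from memory.
        del password
        return ""

    hash_result = argon2.argon2_hash(password, user.password_salt)
    del password

    # NOTE(review): ``==`` is not a constant-time comparison. Once the stored
    # hash is confirmed to have the same type as argon2_hash's return value,
    # prefer hmac.compare_digest(hash_result, user.password_hash).
    if hash_result == user.password_hash:

        # 64 random bytes from the OS CSPRNG as hex; retry on the (unlikely)
        # collision with a token already in the cache.
        user_token = os.urandom(64).hex()
        while user_cache.exists(user_token):
            user_token = os.urandom(64).hex()

        pub('user_authenticated', user_token, username, user.privilege_level, config.get('user_ttl'))
        return user_token

    return ""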
Exemplo n.º 3
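def playlists_remove(playlist_id=0):
    """
    Removes a playlist on behalf of the user identified by ``g.user_token``.

    The request is refused with ``Response.UNAUTHORIZED`` when the token is
    not in the user cache, when the playlist cannot be found, or when the
    playlist belongs to a different user. A missing playlist gets the same
    answer as a foreign one, so the response does not reveal which ids exist.

    :param playlist_id: The id of the playlist to remove
    :return: A JSON string with ``success`` and, on refusal, ``reason``
    """
    # TODO: Make more beautiful
    if not user_cache.exists(g.user_token):
        return json.dumps({'success': False, 'reason': Response.UNAUTHORIZED})

    # Presumably returns None for an unknown id, as users.get does -- verify.
    # Without this guard, an unknown id would fail on ``.username``.
    playlist = playlists.get(playlist_id)
    if playlist is None:
        return json.dumps({'success': False, 'reason': Response.UNAUTHORIZED})

    # Ownership check: only the user the token maps to may delete.
    # NOTE(review): the token may leave the cache between exists() and
    # whois(); confirm whois() cannot return a value that equals an unset
    # playlist owner.
    if user_cache.whois(g.user_token) != playlist.username:
        return json.dumps({'success': False, 'reason': Response.UNAUTHORIZED})

    return json.dumps({'success': playlists.remove(playlist_id)})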
Exemplo n.º 4
def playlists_create(name=None):
    """
    Creates a playlist owned by the user identified by ``g.user_token``.

    When the token is not present in the user cache, the request is refused
    with ``Response.UNAUTHORIZED`` and nothing is created.

    :param name: The name for the new playlist; passed to ``playlists.create``
        unchanged
    :return: A JSON string with ``success`` and either ``result`` or ``reason``
    """
    token_known = user_cache.exists(g.user_token)
    if not token_known:
        refusal = {'success': False, 'reason': Response.UNAUTHORIZED}
        return json.dumps(refusal)

    # Bind the encoder first, then resolve the owner from the token.
    # NOTE(review): ``name`` is not validated here -- confirm playlists.create
    # handles None and overlong values.
    encode = PlaylistEncoder().default
    owner = user_cache.whois(g.user_token)
    created = playlists.create(owner, name)

    payload = {'success': True, 'result': encode(created)}
    return json.dumps(payload)