def login():
"""
登录账号
params: request
return: response
"""
username = request.get_json().get('username')
password = request.get_json().get('password')
if not username or not password:
return apiResponse(204)
auth = Auth.query.filter_by(username=username).first()
if auth is None:
return apiResponse(403)
if encrypt(password) == auth.password:
token = encrypt(str(auth.id) + str(int(time.time() * 1000)))
logintoken = cache.get(token)
if logintoken is None:
cache.set(token, auth.id, 24 * 60 * 60)
res = make_response(apiResponse(200, data=token))
res.set_cookie('token', token, 24 * 60 * 60)
auth.last_time = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
auth.last_ip = request.remote_addr
db.session.commit()
return res
else:
return apiResponse(403)
def changePassword(self, newPassword):
userData = utils.openData("User")
#change all accounts in the shelf file
accountData = utils.openData(self.username)
for key in accountData:
pwd = utils.decrypt(accountData[key], self.getPassword())
accountData[key] = utils.encrypt(pwd, newPassword)
accountData.close()
userData[self.username] = utils.encrypt(newPassword, newPassword, True)
self.setPassword(newPassword)
userData.close()
def addAccount(self, account, newPassword):
data = utils.openData(self.getUsername())
account.setAccountPassword(
utils.encrypt(newPassword, self.getPassword()))
data[account.getKey()] = account.getAccountPassword()
data.close()
self.accountList.append(account)
def changePassword(name, newPass):
'TODO: Test'
pwd = utils.encrypt(newPass)
conn = getConnection()
cursor = conn.cursor()
cursor.execute('''
INSERT into USERS(password) values (%s)
where username = %s ''', (pwd, name));
conn.commit()
def registerUser(name, password, email):
pwd = utils.encrypt(password)
conn = getConnection()
cursor = conn.cursor()
cursor.execute('''
INSERT INTO USERS(username, password, email)
values (%s, %s, %s)
''', (name, pwd, email))
conn.commit()
def authUser(name, password):
pwd = utils.encrypt(password)
with Cursor() as cursor:
cursor.execute("""
SELECT * FROM users
WHERE username=%s
AND password=%s
""", (name, pwd))
return cursor.fetchone()
def post(self):
context = request.get_json()
user_id = request.args.get('user')
note = context['note']
if user_id:
user = User.query.filter_by(id=user_id).first()
if user is not None:
notesobj = Notes(note=(utils.encrypt(note)), user_id=user_id)
db.session.add(notesobj)
db.session.commit()
return {"status": "success"}
else:
return {"status": "User not exist."}
else:
return {"status": "The username and password can not be blank"}
def resetpassword():
"""
重置密码
params: request
return: response
"""
authid = request.get_json().get('authid')
newpassword = request.get_json().get('newpassword')
if not authid or not newpassword:
return apiResponse(204)
auth = Auth.query.filter_by(id=authid).first()
if auth is None:
return apiResponse(405, '账号不存在!')
encrypt_newpassword = encrypt(newpassword)
auth.password = encrypt_newpassword
db.session.commit()
return apiResponse(200)
def adduser():
"""
注册账号
params: request
return: response
"""
username = request.get_json().get('username')
password = request.get_json().get('password')
is_active = request.get_json().get('is_active') or 0
if not username or not password:
return apiResponse(204)
auth = Auth.query.filter_by(username=username).first()
if auth:
return apiResponse(204, '用户已存在!')
encrypt_password = encrypt(password)
userdata = Auth(username=username,
password=encrypt_password,
is_active=(int(is_active) == 1))
db.session.add(userdata)
db.session.commit()
return apiResponse(200)
def setup():
form = ExchangeConnection(request.form)
if request.method == 'POST' and form.validate_on_submit():
exchange_connection = {
"exchange": form.exchange.data,
"bot": form.bot.data,
"api_key": form.api_key.data,
"api_secret": encrypt(form.api_secret.data)
}
try:
kraken = ccxt.kraken({
'apiKey': form.api_key.data,
'secret': form.api_secret.data,
'enableRateLimit': True,
"timeout": 100000,
'options': {
'fetchMinOrderAmounts': False
}
})
kraken.fetch_balance()
logger.info(str(exchange_connection))
logger.info(session['profile']['user_id'])
change_user_app_metadata(session['profile']['user_id'],
exchange_connection)
return redirect(url_for('public.dashboard'))
except:
return render_template(
'setup.html',
form=form,
error="Invalid " + form.exchange.data + " api credentials.",
userinfo=session['profile'],
userinfo_pretty=json.dumps(session['jwt_payload'], indent=4))
else:
return render_template('setup.html',
form=form,
error=None,
userinfo=session['profile'],
userinfo_pretty=json.dumps(
session['jwt_payload'], indent=4))
def test_encrypt_decrypt(self):
textToEncypt = "some random text"
encryptedText = utils.encrypt(textToEncypt, 'some_password')
decryted_text = utils.decrypt(encryptedText, 'some_password')
self.assertEqual(textToEncypt, decryted_text)
def test_random_salt(self):
textToEncrypt = "test random salt"
encrypted_text1 = utils.encrypt(textToEncrypt, 'some_password')
encrypted_text2 = utils.encrypt(textToEncrypt, 'some_password')
self.assertNotEqual(encrypted_text1, encrypted_text2)
def test_negative_decryption(self):
textToEncypt = "some random text"
encryptedText = utils.encrypt("Some Random Text", 'some_password')
decryted_text = utils.decrypt(encryptedText, 'some_password')
self.assertNotEqual(textToEncypt, decryted_text)
def test_double_secure(self):
textToEncypt = "this is a double secure test"
encryptedText = utils.encrypt(textToEncypt, 'some_password', True)
decryted_text = utils.decrypt(encryptedText, 'some_password', True)
self.assertEqual(textToEncypt, decryted_text)
def test_encrypt(self):
result = utils.encrypt('helloworld')
assert result
def test_encrypt(self):
result = utils.encrypt('helloworld')
assert result