Exemplo n.º 1
 def __init__(self, login_name, mobile, login_pwd, inst_id, referral_code,
              nickname):
     """Populate a new user record from the registration fields.

     ``login_pwd`` is passed through ``utils.decrypt_password`` and the
     result through ``utils.encrypt_password`` together with a freshly
     generated per-user salt; only that output is kept on the instance.
     """
     # The salt is created first because the stored credential depends on it.
     # NOTE(review): neither helper is visible here. Confirm that
     # genereate_random_string draws from a CSPRNG and that
     # encrypt_password is a slow password hash (KDF) rather than a fast
     # digest or reversible encryption.
     salt = utils.genereate_random_string(8, 32)
     plaintext = utils.decrypt_password(login_pwd)
     self.salt = salt
     self.login_pwd = utils.encrypt_password(plaintext, salt)

     # Identity and profile fields are stored exactly as supplied.
     self.login_name = login_name
     self.mobile = mobile
     self.nickname = nickname
     self.inst_id = inst_id
     self.referral_code = referral_code

     # Counter starts at zero for a new account.
     self.try_login_times = 0
Exemplo n.º 2
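def change_pwd():
    """Change the logged-in user's password.

    The request must pass form validation, the session captcha check and
    a check of the current password before the new password is stored.

    Returns:
        A JSON response: ``{'errcode': 0}`` on success, otherwise the
        payload built by ``errors.error_handler`` for the failing step.
    """
    form = ChangePwdForm()
    if not form.validate_on_submit():
        # Record which fields failed validation.
        for field in form:
            if field.errors:
                logger.info(field)
                logger.info(field.errors)
                for error in field.errors:
                    logger.info(error)
        return jsonify(errors.error_handler(errors.ERROR_INVALID_FORM_DATA))

    # Captcha check. A session without captcha state is rejected (fail
    # closed) instead of raising KeyError and surfacing as a server error.
    attempts = session.get('vcode:count', 0) + 1
    session['vcode:count'] = attempts
    expected_vcode = session.get('vcode')
    if (attempts >= 5 or expected_vcode is None
            or form.captcha.data != expected_vcode):
        return jsonify(errors.error_handler(errors.ERROR_INVALID_VCODE))

    # Load the current user's row with a row lock for the update below.
    user = Userinfo.query.with_for_update().get(
        flask_login.current_user.userid)
    if user is None:
        return jsonify(errors.error_handler(errors.ERROR_INVALID_SESSION))

    # Verify the current password. The derived value is deliberately not
    # logged: it is credential material and log files are widely readable.
    # NOTE(review): `!=` is not a constant-time comparison;
    # hmac.compare_digest is the usual replacement once the return type of
    # utils.encrypt_password is confirmed.
    ciphertext = utils.encrypt_password(
        utils.decrypt_password(form.login_pwd.data), user.salt)
    if ciphertext != user.login_pwd:
        logger.info(user.login_name + '原密码错误')
        return jsonify(errors.error_handler(errors.ERROR_PASSWORD))

    # NOTE(review): the new password is hashed with the existing salt;
    # consider rotating the salt whenever the password changes.
    user.login_pwd = utils.encrypt_password(
        utils.decrypt_password(form.new_login_pwd.data), user.salt)
    db.session.commit()

    return jsonify({'errcode': 0})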
Exemplo n.º 3
 def login(self, username, password):
     '''
     Look up a user by user name and password.

     Returns the matching user document with its id converted to str,
     or None when no document matches.
     '''
     # The query matches on the stored password value, so it can only
     # succeed when encrypt_password is deterministic (unsalted).
     # NOTE(review): confirm that is intended; a salted hash would need
     # fetch-by-name followed by a verify step instead.
     # NOTE(review): if username or password can arrive as parsed JSON,
     # confirm the caller enforces plain strings so that a dict cannot be
     # interpreted as query operators.
     credentials = {
         User.USER_NAME: username,
         User.PASSWORD: encrypt_password(password),
     }
     match = self.db().find_one(credentials)
     if match is not None:
         # Expose the id as a plain string.
         match[User.ID] = str(match[User.ID])
     return match
Exemplo n.º 4
    def register(self, user):
        '''
        Register a new user.

        Returns the saved user document with its id converted to str, or
        None when the user name is already taken.
        '''
        # NOTE(review): lookup and save are separate calls, so two
        # concurrent registrations can both pass this check unless the
        # store enforces a unique user name.
        existing = self.db().find_one({User.USER_NAME: user[User.USER_NAME]})
        if existing is not None:
            return None

        # Replace the supplied password with its encrypt_password output.
        user[User.PASSWORD] = encrypt_password(user[User.PASSWORD])

        # Fill defaults only when the caller did not provide a value.
        # NOTE(review): a caller-supplied 'role' is kept as-is; confirm the
        # caller never passes a request body straight through, otherwise a
        # client could pick its own role.
        if 'role' not in user:
            user[User.ROLE] = 'member'
        if 'interest' not in user:
            user[User.INTEREST] = []

        user[User.ID] = str(self.db().save(user))
        return user
Exemplo n.º 5
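def login():
    """Authenticate a user by login name (or mobile number) and password.

    The request must pass form validation and the session captcha check.
    The account is looked up by ``login_name`` first and by ``mobile``
    second, then the submitted password is checked against the stored
    value.

    Returns:
        A JSON response: ``{'errcode': 0, 'data': {'userid': ...}}`` on
        success, otherwise the payload built by ``errors.error_handler``.
    """
    form = LoginForm()

    if not form.validate_on_submit():
        # Record which fields failed validation.
        for field in form:
            if field.errors:
                logger.info(field)
                for error in field.errors:
                    logger.info(error)
        return jsonify(errors.error_handler(errors.ERROR_INVALID_FORM_DATA))

    # Captcha check. A session without captcha state is rejected (fail
    # closed) instead of raising KeyError and surfacing as a server error.
    attempts = session.get('vcode:count', 0) + 1
    session['vcode:count'] = attempts
    expected_vcode = session.get('vcode')
    if (attempts >= 5 or expected_vcode is None
            or form.captcha.data != expected_vcode):
        return jsonify(errors.error_handler(errors.ERROR_INVALID_VCODE))

    # Look the account up by login name, then fall back to mobile number.
    # Unknown account and wrong password return the same error code.
    user = Userinfo.query.with_for_update().filter_by(
        login_name=form.login_name.data).first()
    if user is None:
        user = Userinfo.query.with_for_update().filter_by(
            mobile=form.login_name.data).first()
        if user is None:
            logger.info(form.login_name.data + '用户不存在')
            return jsonify(errors.error_handler(errors.ERROR_USER_AUTH))

    # Verify the password. The derived value is deliberately not logged:
    # it is credential material and log files are widely readable.
    # NOTE(review): `!=` is not a constant-time comparison;
    # hmac.compare_digest is the usual replacement once the return type of
    # utils.encrypt_password is confirmed.
    ciphertext = utils.encrypt_password(
        utils.decrypt_password(form.login_pwd.data), user.salt)
    if ciphertext != user.login_pwd:
        logger.info(form.login_name.data + '登录密码错误')
        return jsonify(errors.error_handler(errors.ERROR_USER_AUTH))

    # NOTE(review): the counter is bumped only after a successful check and
    # is not consulted here, so it does not throttle failed attempts;
    # confirm that per-account lockout is handled elsewhere.
    user.try_login_times = user.try_login_times + 1
    # commit() flushes pending changes itself, so no separate flush() call.
    db.session.commit()

    # Store the authenticated user in the session.
    flask_login.login_user(user)

    return jsonify({'errcode': 0, 'data': {'userid': user.userid}})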
Exemplo n.º 6
    def change_password(self, ctx, step, request_data, response_data):
        """Set a new password hash and salt for the user named in the request.

        Does nothing when ``self.test_value`` rejects the step or when the
        request carries no ``login_pwd``. Always returns 0.
        """
        if not self.test_value(ctx, step["test"]):
            return 0

        # Parsed but not used further in this method.
        param_names = step["param_list"].split(",")
        param_count = len(param_names)

        target_userid = request_data.get("userid")
        new_password = request_data.get("login_pwd")
        if not new_password:
            return 0

        # NOTE(review): userid comes straight from request_data and no
        # current-password or ownership check is visible here; confirm the
        # caller authorizes the request before this step runs.
        # A fresh salt is generated for every password change.
        fresh_salt = utils.genereate_random_string(8, 32)
        hashed = utils.encrypt_password(new_password, fresh_salt)

        # Values are passed as bound parameters, not formatted into the SQL.
        # NOTE(review): named placeholders are paired with a positional
        # list; confirm ctx.conn.execute accepts that combination.
        ctx.conn.execute(
            "update userinfo set login_pwd=:login_pwd, salt=:salt where userid=:userid",
            [hashed, fresh_salt, target_userid])
        return 0
Exemplo n.º 7
from app.validator import User
from app.utils import encrypt_password
from app.service import UserService

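if __name__ == "__main__":
    # Seed script: stores one fixed user record through UserService.
    # NOTE(review): the account gets a hard-coded, trivially guessable
    # password. Keep this to throwaway development databases, or take the
    # password from the operator at run time.
    user_service = UserService()
    user = {
        User.FIRST_NAME: 'kumar',
        User.LAST_NAME: 'mrigendra',
        User.USER_NAME: 'kumar',
        User.PASSWORD: encrypt_password("1234"),
        User.INTEREST: ["Internet", "Science", "Music", "Logic"],
    }
    user_service.db().save(user)
    # The call form of print behaves the same on Python 2 and Python 3.
    print("User created successfully")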
Exemplo n.º 8
 def test_encrypt_password(self):
     """encrypt_password must not hand back its input unchanged."""
     # NOTE(review): this only rules out an identity transform; it does
     # not show that the output is salted or comes from a slow password
     # hash.
     plain = '******'
     hashed = encrypt_password(plain)
     self.assertNotEqual(hashed, plain)
Exemplo n.º 9
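 def test_verify_password(self):
     """verify_password accepts the original password and rejects another."""
     password = '******'
     encrypted_password = encrypt_password(password)
     self.assertTrue(verify_password(password, encrypted_password))
     # Negative case: without it, a verify_password that always returns
     # True would still pass this test.
     self.assertFalse(verify_password(password + 'x', encrypted_password))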