Exemplo n.º 1
0
 def send_20():
     if request.method == 'POST':
         user,priv = proc_jwt(request.cookies.get('jwt'))
         if (priv == 'JWTError'):
             return 'Unauthorized', 401, {'Content-Type': 'text/html'}
         u_name = request.form['username']
         oripass = request.form['oripass']
         newpass = request.form['newpass']
         if ((user != u_name) and (priv != "admin")):
             return 'Privilage Error', 400, {'Content-Type': 'text/html'}
         if (dbman.verify_user(u_name,oripass) != "Success."):
             return 'Original password wrong', 400, {'Content-Type': 'text/html'}
         if (dbman.change_user_pass(u_name,newpass) == "Success."):
             respond = make_response("Success.")
             if (u_name == user): #revoke jwt
                 respond = make_response('Relogin.')
                 respond.set_cookie('jwt', '')
             return respond
     return 'Bad Request', 400, {'Content-Type': 'text/html'}
Exemplo n.º 2
0
def m_valid_login(username,password):
    res = dbman.verify_user(username,password)
    if (res == "Success."):
        return True
    return res