class Auth:#{ login_dao = None; def __init__(self): self.login_dao = Login_dao() def get_hashed_username(self, username): salt=self.login_dao.get_salt(username) return hashlib.sha1(username+salt).hexdigest() def verify(self, username, passcode): salt=self.login_dao.get_salt(username) passcode=hashlib.sha256(passcode+salt).hexdigest() verification_result=self.login_dao.is_valid_user(username, passcode) if(verification_result): return self.get_hashed_username(username) return "False"
class Auth: #{ login_dao = None def __init__(self): self.login_dao = Login_dao() def get_hashed_username(self, username): salt = self.login_dao.get_salt(username) return hashlib.sha1(username + salt).hexdigest() def verify(self, username, passcode): salt = self.login_dao.get_salt(username) passcode = hashlib.sha256(passcode + salt).hexdigest() verification_result = self.login_dao.is_valid_user(username, passcode) if (verification_result): return self.get_hashed_username(username) return "False"
from auth_service import Auth from user_stock_value_dao import User_stock_value_dao from user_portfolio_dao import User_portfolio_dao print "Content-Type: text/html\r\n\r\n" form = cgi.FieldStorage() username = str(form.getvalue("username")) passcode = str(form.getvalue("passcode")) first_name = str(form.getvalue("first_name")) last_name = str(form.getvalue("last_name")) profile = Profile(username, passcode, first_name, last_name); login_dao=Login_dao() try: login_dao.create_user(profile) #Verifying to see if the injection was successfuly if(Auth().verify(username,passcode)=="False"): print json.dumps({"status":"Fail"}) else: User_portfolio_dao().insert(username,0,0,0) User_stock_value_dao().insert(username,0,0) print json.dumps({"status": "Success"}) except: print json.dumps({"status":"Fail"})
#!/usr/bin/python import cgi, LINK_HEADERS, sys, json sys.path.insert(0, str(LINK_HEADERS.DATABASE_LINK)) from database_class import DB sys.path.insert(0, str(LINK_HEADERS.MODELS_LINK)) from profile_model import Profile sys.path.insert(0, str(LINK_HEADERS.DAO_LINK)) sys.path.insert(0, str(LINK_HEADERS.SERVICE_LINK)) from login_dao import Login_dao from auth_service import Auth print "Content-Type: text/html\r\n\r\n" form = cgi.FieldStorage() username = str(form.getvalue("username")) passcode = str(form.getvalue("passcode")) first_name = str(form.getvalue("first_name")) last_name = str(form.getvalue("last_name")) profile = Profile(username, passcode, first_name, last_name) if (Auth().verify(username, passcode) == "False"): #If authorization failed, we do not update the user info print json.dumps({"status": "Fail"}) else: #update information Login_dao().update_user(profile) print json.dumps({"status": "Success"})
def __init__(self): self.login_dao = Login_dao()
sys.path.insert(0, str(LINK_HEADERS.SERVICE_LINK)) from login_dao import Login_dao from auth_service import Auth from user_stock_value_dao import User_stock_value_dao from user_portfolio_dao import User_portfolio_dao print "Content-Type: text/html\r\n\r\n" form = cgi.FieldStorage() username = str(form.getvalue("username")) passcode = str(form.getvalue("passcode")) first_name = str(form.getvalue("first_name")) last_name = str(form.getvalue("last_name")) profile = Profile(username, passcode, first_name, last_name) login_dao = Login_dao() try: login_dao.create_user(profile) #Verifying to see if the injection was successfuly if (Auth().verify(username, passcode) == "False"): print json.dumps({"status": "Fail"}) else: User_portfolio_dao().insert(username, 0, 0, 0) User_stock_value_dao().insert(username, 0, 0) print json.dumps({"status": "Success"}) except: print json.dumps({"status": "Fail"})
#!/usr/bin/python import sys, LINK_HEADERS from decimal import * sys.path.insert(0, str(LINK_HEADERS.DAO_LINK)) from transaction_dao import Transaction_dao from user_portfolio_dao import User_portfolio_dao from user_stock_value_dao import User_stock_value_dao from company_dao import Company_dao from login_dao import Login_dao cdao = Company_dao() tdao = Transaction_dao() ldao = Login_dao() usvdao = User_stock_value_dao() updao = User_portfolio_dao() def update_profit_in_transaction(company_stock): user_list = ldao.get_user_list() if user_list: for i in range(len(user_list)): user_stocks = tdao.select_all_active(user_list[i].get_user()) if user_stocks: for j in range(len(user_stocks)): for k in range(len(company_stock)): if user_stocks[j].get_stock( ) == company_stock[k].get_symbol(): current_price = company_stock[k].get_ask() purchase_price = user_stocks[j].get_price()
#!/usr/bin/python import cgi, LINK_HEADERS, sys, json sys.path.insert(0, str(LINK_HEADERS.DATABASE_LINK)) from database_class import DB sys.path.insert(0, str(LINK_HEADERS.MODELS_LINK)) from profile_model import Profile sys.path.insert(0, str(LINK_HEADERS.DAO_LINK)) sys.path.insert(0, str(LINK_HEADERS.SERVICE_LINK)) from login_dao import Login_dao from auth_service import Auth print "Content-Type: text/html\r\n\r\n" form = cgi.FieldStorage() username = str(form.getvalue("username")) old_passcode = str(form.getvalue("old_passcode")) new_passcode = str(form.getvalue("new_passcode")) verify_passcode = str(form.getvalue("verify_passcode")) profile = Profile(username, new_passcode, "", "") profile.prepare() if (Auth().verify(username, old_passcode) == "False"): print json.dumps({"status": "Fail"}) else: Login_dao().update_passcode(profile) print json.dumps({"status": "Success"})