def login_submit(request):
errors = {}
if request.method == 'POST':
body = json.loads(request.body)
errors = validate_login(body)
if (errors and errors['error']):
print "=========== VALIDATION ERRORS ============="
print errors
return errors
else:
hash = pbkdf2_sha256.using(rounds=8000,
salt=b"10").hash(body['password'])
print "hash : ", hash
account = Account.objects.filter(account_email=body['email'],
login_password=hash).values()
print "========== GET response ================ "
print account
if (account and len(account) > 0):
response_json = init_session(account[0])
if 'error' in response_json:
errors['error'] = response_json['error']
return getResonse(errors, 500)
print "======== SESSION INITIALIZED ============"
print response_json
return getResonse(response_json, 201)
else:
print "===== Username/Password is incorrect =========="
errors['password'] = '******'
return getResonse(errors, 403)
else:
errors['error'] = 'Internal Error'
return getResonse(errors, 500)
def update_signup(form):
print form
hash = pbkdf2_sha256.using(rounds=8000, salt=b"10").hash(form['password'])
form['password'] = hash
print "=============== SIGNUP POST REQUEST ========================="
return form
def get_hashed_client_ip(request):
if not request.headers.getlist("X-Forwarded-For"):
client_ip = request.remote_addr
else:
client_ip = request.headers.getlist("X-Forwarded-For")[0]
return pbkdf2_sha256.using(salt=b'waaroveromverheid').hash(client_ip)
from passlib.handlers.pbkdf2 import pbkdf2_sha256
from typing import AnyStr
password_hasher = pbkdf2_sha256.using(rounds=16)
def hash_password(plain_password):
# type: (AnyStr) -> AnyStr
"""Securely hash password."""
return password_hasher.hash(plain_password)
def verify_password(plain_password, hashed_password):
# type: (AnyStr) -> bool
"""Verify if plain password matches the hashed password."""
return password_hasher.verify(plain_password, hashed_password)
def generate_password_hash(password):
return pbkdf2_sha256.using(rounds=200000, salt_size=16).hash(password)
def hash_password(self, plaintext_password: str) -> str:
return pbkdf2_sha256.using(
rounds=self.hash_rounds,
salt_size=self.salt_size).hash(plaintext_password)