def addUser(self, email, password, join_date, verified):
hashed = bcrypt.hashpw(password, bcrypt.gensalt(1))
user = User(email = email,
password = hashed,
join_date = join_date,
verified = verified)
user.put()
def main():
# Make a little password hash
username = '******'
password = '******'
salt = bcrypt.gensalt(6)
hashed = bcrypt.hashpw(password, salt)
# Get db Connection, Cursor
(db,cursor) = OpenCursor()
# db Query to set the pw for a particular user
query = ''' update users
set pw_hash='{pw_hash}'
where user_name='{uname}'
'''.format(pw_hash=hashed,uname=username)
cursor.execute(query)
# Commit and close the DB Connection
db.commit()
db.close()
def __call__(self, form, field):
# We run this validator last. If there are already errors, we don't want
# to run this validator; everything else needs to be checked first, THEN
# we run the expensive DB calls
if form.errors:
raise StopValidation()
# Get db Connection, Cursor
(db,cursor) = OpenCursor()
# db Query to get pw_hash for this user, if the user exists
query = ''' select pw_hash
from users
where user_name='{uname}'
'''.format(uname=form.username.data)
cursor.execute(query)
pw_hash_dict = cursor.fetchone()
# Close the DB Connection
db.close()
#IF we found a user, get the pw_hash. If not, validation has failed
if pw_hash_dict:
pw_hash = pw_hash_dict['pw_hash']
else:
raise ValidationError(self.message)
# Compare the DB password hash to the one the user submitted. If
# they don't match, validation has failed.
# This also catches the case where the DB password is blank
if pw_hash and not pw_hash=='':
if not bcrypt.hashpw(field.data, pw_hash) == pw_hash:
raise ValidationError(self.message)
else:
raise ValidationError(self.message)
def _set_password(value):
if not constants.PASSWORD_MIN <= len(value) <= constants.PASSWORD_MAX:
raise ResponseException(constants.PASSWORD, status_int=409)
return bcrypt.hashpw(value, bcrypt.gensalt())
def check_password(password, hashed):
return bcrypt.hashpw(password, hashed)
def hash_password(password):
return bcrypt.hashpw(password, bcrypt.gensalt(7))
def post(self, user_id):
lang_map = {
'en': {
'account': 'Account Not Found',
'pass': '******',
'approved': 'User has not been approved',
'disabled': 'User has been disabled'
},
'es-mx': {
'account': 'Account Not Found',
'pass': '******',
'approved': 'User has not been approved',
'disabled': 'User has been disabled'
},
'pt-br': {
'account': 'Account Not Found',
'pass': '******',
'approved': 'User has not been approved',
'disabled': 'User has been disabled'
}
}
locale = self.json.get('locale')
map = lang_map[locale]
user = User.query(User.email == self.json['email']).get()
if not user:
msg = map['account']
raise ResponseException(msg, no_error=True)
if user.profile_pending and user.role == Role.client:
if not bcrypt.hashpw(self.json['password'], user.password) == user.password:
msg = map['pass']
raise ResponseException(msg, no_error=True)
self.login(user)
self.resp = {'redirect': '/app#/profile/create'}
return self.format_resp()
if not user.approved:
msg = map['approved']
raise ResponseException(msg, no_error=True)
if not user.status:
msg = map['disabled']
raise ResponseException(msg, no_error=True)
if not bcrypt.hashpw(self.json['password'], user.password) == user.password:
msg = map['pass']
raise ResponseException(msg, no_error=True)
client_role_string = self.json.get('role', None)
if client_role_string:
client_role = Role.lookup_by_name(client_role_string)
if not user.profile:
user.profile = Profile()
self.login(user)
self.resp = user.to_json()
self.format_resp()
