Exemplo n.º 1
0
 def update(self, db: dataset.Database):
     user_table: dataset.Table = db.create_table("users")
     user_table.upsert({
         "email": self._email,
         "name": self._name,
         "password": encrypt(self._password),
         "aws_access_key_id": encrypt(self._aws_access_key_id),
         "aws_secret_key": encrypt(self._aws_secret_key),
         "aws_region": encrypt(self._aws_region)}, ['email'])
Exemplo n.º 2
0
    def validate_user_rights(self, request_data, _session_db, caller_name):
        valid_session_data = None
        session_user = None
        if hasattr(request_data, "session_token"):
            session_user = gen.validate_user_rights(_session_db,
                                                    request_data.session_token,
                                                    caller_name)
            if session_user is False:
                valid_session_data = login.InvalidSessionToken()
                logger.logKnowledge(
                    "info", "invalid_user_session",
                    "user:%s, caller_name:%s, request:%s" %
                    (session_user, caller_name, request.url))
        print valid_session_data, session_user

        if valid_session_data is None and session_user is not False:
            if hasattr(request_data, "request"):
                if hasattr(request_data.request, "password") and type(
                        request_data.request) != consoleadmin.SaveDBServer:
                    print "password validation"
                    enc_pwd = encrypt(request_data.request.password)
                    if gen.verify_password(_session_db, session_user,
                                           enc_pwd) == 0:
                        valid_session_data = login.InvalidPassword()
                        logger.logKnowledge(
                            "info", "invalid_user_password",
                            "user:%s, caller_name:%s, request:%s" %
                            (session_user, caller_name, request.url))
        return valid_session_data, session_user
def process_mobile_login(db, request, session_user_ip):
    login_type = request.login_type
    username = request.username
    password = request.password
    encrypt_password = encrypt(password)
    try:
        response = verify_login(db, username, encrypt_password)
        is_success = response[0]
        if is_success is False:
            return login.InvalidCredentials(None)

        username = response[2]
        verified_login = response[3]
        user_info = response[4]
        forms = response[5]

        user_category_id = verified_login.get('user_category_id')
        if is_success is False and username is None:
            return login.InvalidCredentials(None)
        if is_success:
            if user_category_id == 3:
                return mobile_user_login_respone(db, login_type,
                                                 session_user_ip, user_info,
                                                 forms)
            else:
                return login.InvalidCredentials(None)
    except Exception, e:
        print e
def process_verify_password(db, request, user_id):
    password = request.password
    encrypt_password = encrypt(password)
    response = verify_password(db, user_id, encrypt_password)
    if response == 0:
        return generalprotocol.InvalidPassword()
    else:
        return generalprotocol.VerifyPasswordSuccess()
Exemplo n.º 5
0
 def verify_password(db, user_id, password):
     ec_password = encrypt(password)
     q = "SELECT username from tbl_user_login_details where user_id = %s and password = %s"
     data_list = db.select_one(q, [user_id, ec_password])
     if data_list is None:
         return False
     else:
         return True
Exemplo n.º 6
0
def check_already_used_password(db, password, user_id):
    result = db.call_proc("sp_forgot_password_old_pass_check", (
        encrypt(password),
        user_id,
    ))
    print "len(result)--", len(result)
    if len(result) > 0:
        return False
    else:
        return True
Exemplo n.º 7
0
def verify_new_password(db, new_password, user_id):
    encrypted_password = encrypt(new_password)
    row = db.call_proc("sp_verify_password", (
        user_id,
        encrypted_password,
    ))
    if (int(row[0]["count"]) <= 0):
        return True
    else:
        return False
def process_reset_password(db, request):
    user_id = validate_reset_token(db, request.reset_token)
    if user_id is not None:
        if check_already_used_password(db, encrypt(request.new_password),
                                       user_id):
            update_password(db, request.new_password, user_id)
            delete_used_token(db, request.reset_token)
            return clientlogin.ResetPasswordSuccess()
        else:
            return clientlogin.EnterDifferentPassword()
    else:
        return clientlogin.InvalidResetToken()
Exemplo n.º 9
0
def verify_password(db, password, user_id):
    print password
    encrypted_password = encrypt(password)
    print encrypted_password
    row = db.call_proc("sp_verify_password", (
        user_id,
        encrypted_password,
    ))
    if (int(row[0]["count"]) <= 0):
        return False
    else:
        return True
def process_save_logindetails(db, request, company_id):
    username = request.username
    password = request.password
    # duplication username validation
    if check_username_duplicate(db, username) is False:
        return clientlogin.UsernameAlreadyExists()
    else:
        encrypt_password = encrypt(password)
        token = request.token
        if save_login_details(db, token, username, encrypt_password,
                              company_id):
            return clientlogin.SaveRegistrationSuccess()
        else:
            return clientlogin.InvalidSessionToken()
Exemplo n.º 11
0
def update_password(db, password, user_id):
    result = db.call_proc_with_multiresult_set(
        "sp_tbl_user_login_details_update", (user_id, encrypt(password)), 1)

    if len(result) == 0:
        raise fetch_error()

    employee_name = result[0][0]["username"]
    action = "\"%s\" has updated his/her password" % (employee_name)
    db.save_activity(user_id, 0, action)

    if result:
        return True
    else:
        return False
def process_login(db, request, client_id, session_user_ip):
    login_type = request.login_type
    username = request.username

    short_name = request.short_name
    encrypt_password = encrypt(request.password)
    user_ip = session_user_ip
    user_id = verify_username(db, username)

    if user_id is None:
        return clientlogin.InvalidCredentials(None)
    else:
        response = verify_login(db, username, encrypt_password)
        print response

    if response is False:
        return invalid_credentials(db, user_id, session_user_ip)
    elif response == "blocked" or response == "disabled":
        return clientlogin.DisabledUser()
    else:
        delete_login_failure_history(db, user_id)
        return user_login_response(db, response, client_id, user_ip,
                                   short_name, login_type.lower())