def create_user(self, username, password, email, \
user_type=USER_TYPES['user']):
'''
Called when a request is made to create a new user account.
@param username:
The username to associate with the new account.
@type username:
String
@param password:
The password to associate with the new account.
@type password:
String
@param email:
The email account to associate with the new account.
@type email:
String
@param user_type:
The user-type of the new account (admin, regular user, etc.).
[Default == regular user]
@type user_type:
Integer (util.config.USER_TYPES)
'''
username = sanitize(username)
password = hash(password)
if 'admin' in username:
user_type = USER_TYPES['admin']
# TODO: Validate the email address -- util.general.validate_email()
add_user_query = \
'''
INSERT OR IGNORE INTO users (user, pass, email, user_type)
VALUES ("%s", "%s", "%s", %d);
'''
print add_user_query
print username
print password
self.db.query(add_user_query % (username, password, email, user_type,))
return True
def attempt_login(self, username, password):
'''
Called when a user has attempted a username and password combination. If
the user is successfully logged in, this will return a valid user-type;
otherwise, it will return 0.
@param username:
The username being attempted.
@type username:
String
@param password:
The password that is associated with the aforementioned username.
@type password:
String
@return:
The user-type if the login succeeds; otherwise, returns 0.
@rtype:
Integer (util.config.USER_TYPES)
'''
username = sanitize(username)
password = hash(password)
find_user_query = \
'''
SELECT * FROM users WHERE user = "******" AND pass = "******";
'''
records = self.db.query(find_user_query % (username, password,))
try:
user = records[0]
user_type = user['user_type']
except IndexError:
LOGGER.warning('Invalid user/pass for user <%s>.' % username)
user_type = 0
return user_type
