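def process_login(self, req, res):
    """Check an email/password pair and write the outcome to ``res``.

    Reads ``email`` and ``password`` from ``req.params`` and the database
    session from ``req.context['session']``.

    Outcomes:
        * 200 with the JSON of ``user_db.to_dict()`` when the password verifies.
        * 401 with a ``meta`` error object when the password does not verify.
        * 404 with a ``meta`` error object when no row matches the email.
    """
    # NOTE(review): if these params arrive in the query string, the password
    # can end up in access logs and proxy logs -- confirm clients send them
    # in the request body.
    email = req.params['email']
    password = req.params['password']
    # The stray print(email) debug statement was dropped: it wrote the
    # address to stdout outside the logging configuration.
    LOG.info("login from %s", email)
    session = req.context['session']
    try:
        user_db = session.query(User).filter(User.email == email).one()
        # What this writes depends on User's string form, which is not
        # visible here -- verify it does not include the password hash.
        LOG.info("User from db:%s", user_db)
        if verify_password(password, user_db.password.encode('utf-8')):
            res.status = falcon.HTTP_200
            # NOTE(review): to_dict() is returned unfiltered; confirm it
            # leaves out the stored password.
            res.body = self.to_json(user_db.to_dict())
        else:
            # NOTE(review): 401 here versus 404 below tells the caller
            # whether the email is registered. A single generic failure
            # would avoid that, but it changes the API, so it is only
            # flagged.
            res.status = falcon.HTTP_401
            res.body = self.to_json({
                'meta': {
                    'code': 401,
                    'message': 'password not match'
                }
            })
    except NoResultFound:
        res.status = falcon.HTTP_404
        res.body = self.to_json({
            'meta': {
                'code': 404,
                'message': 'user not exists'
            }
        })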
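def on_post(self, req, res):
    """Authenticate a user and issue a token in the ``token`` response header.

    Reads the credentials from ``req.context['data']``, looks the user up by
    email, and on a verified password builds a token from the user's data,
    stores it via ``redixdb.set_hashkey`` and reports success through
    ``self.on_success``.

    Raises:
        PasswordNotMatch: the password is missing or does not verify.
        UserNotExistsError: the lookup raised ``NoResultFound``.
    """
    db_session = req.context['db.session']
    redixdb = req.context['redixdb']
    user_req = req.context['data']

    # Both default to None so that an empty request body fails the
    # credential check instead of reaching an unbound local.
    email = None
    password = None
    if user_req:
        email = user_req['email']
        password = user_req['password']

    try:
        # verifying user credentials
        user_db = User.find_by_email(db_session, email)
        if password is None or not verify_password(
                password, user_db.password.encode('utf-8')):
            raise PasswordNotMatch()

        # Roles and the serialised record are only read after the password
        # has been verified.
        user_data = user_db.to_dict()
        # NOTE(review): fields are stripped by name; any other sensitive
        # column returned by to_dict() would go into the token and the
        # response. An allow-list of fields would be safer.
        for item in ["password", "created", "modified"]:
            del user_data[item]
        user_data["roles"] = [i.name for i in user_db.permissions]

        # creating token
        timed_token = generate_timed_token(user_data)
        token = encrypt_token(timed_token)
        redixdb.set_hashkey(token, user_db.id)
        res.set_header('token', token)
        user_data["success"] = True
        self.on_success(res, user_data)
    except NoResultFound:
        # NOTE(review): a distinct "user does not exist" error lets a caller
        # probe which emails are registered, if it is rendered differently
        # from PasswordNotMatch -- confirm in the error handlers.
        raise UserNotExistsError('User email: %s' % email)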
def authenticate_user(email: EmailStr, password: str):
    """Return the user for *email* when *password* verifies, else ``False``.

    ``False`` is returned both when no user is found and when the password
    check fails; only the second case is logged.
    """
    account = get_user_by_email(email=email)
    if account:
        if verify_password(password, account.hashed_password):
            return account
        logger.info("Incorrect Password for username: {}".format(email))
    # NOTE(review): the unknown-email path returns without calling
    # verify_password, so the two failure paths do different amounts of
    # work -- presumably measurable by a caller; confirm whether that matters.
    return False
def process_login(self, req, res):
    """Verify the credentials in ``req.context['data']`` and report success.

    Raises:
        PasswordNotMatch: the supplied password does not verify.
        UserNotExistsError: the lookup raised ``NoResultFound``.
    """
    payload = req.context['data']
    email, password = payload['email'], payload['password']
    session = req.context['session']
    try:
        account = User.find_by_email(session, email)
        stored_hash = account.password.encode('utf-8')
        if not verify_password(password, stored_hash):
            raise PasswordNotMatch()
        # NOTE(review): to_dict() is passed on unfiltered; confirm it does
        # not carry the stored password into the response.
        self.on_success(res, account.to_dict())
    except NoResultFound:
        raise UserNotExistsError('User email: %s' % email)
def process_login(self, req, res):
    """Check the posted email/password pair and hand the user to on_success.

    Credentials come from ``req.context["data"]`` and the database session
    from ``req.context["session"]``.

    Raises:
        PasswordNotMatch: the supplied password does not verify.
        UserNotExistsError: the lookup raised ``NoResultFound``.
    """
    body = req.context["data"]
    email = body["email"]
    password = body["password"]
    db = req.context["session"]
    try:
        found = User.find_by_email(db, email)
        password_ok = verify_password(password, found.password.encode("utf-8"))
        if not password_ok:
            raise PasswordNotMatch()
        # NOTE(review): the full to_dict() output is returned; verify it
        # excludes the password hash.
        self.on_success(res, found.to_dict())
    except NoResultFound:
        raise UserNotExistsError("User email: %s" % email)
def process_login(self, req, res):
    """Verify the email/password pair taken from ``req.params``.

    Raises:
        PasswordNotMatch: the supplied password does not verify.
        UserNotExistsError: the lookup raised ``NoResultFound``.
    """
    # NOTE(review): if req.params is filled from the query string, the
    # password may be recorded in access logs -- confirm how clients send it.
    params = req.params
    email, password = params['email'], params['password']
    session = req.context['session']
    try:
        account = User.find_by_email(session, email)
        hashed = account.password.encode('utf-8')
        if not verify_password(password, hashed):
            raise PasswordNotMatch()
        self.on_success(res, account.to_dict())
    except NoResultFound:
        raise UserNotExistsError('User email: %s' % email)
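def post(self):
    """Exchange a username (or email) and password for an API token.

    Returns ``{"token": ...}`` on success, reusing the user's existing token
    when one is stored and creating one otherwise. Missing or rejected
    credentials produce ``invalid_api_usage(..., 400)``.
    """
    data = request.get_json() or {}
    # The body is client-controlled JSON and may be a list or a scalar;
    # only an object has the fields read below.
    if not isinstance(data, dict):
        data = {}
    username = data.get("username")
    password = data.get("password")
    if not username or not password:
        return invalid_api_usage("No username or password provided", 400)
    if not verify_password(username, password):
        return invalid_api_usage("Invalid username or password", 400)
    user = User.query.filter(
        or_(User.username == username, User.email == username)).first()
    if user is None:
        # The credentials were accepted but this lookup found no row; fail
        # closed with the same generic error rather than dereferencing None.
        return invalid_api_usage("Invalid username or password", 400)
    token = Token.query.filter_by(user=user.uid).first()
    if not token:
        token = Token(user.uid)
        db.session.add(token)
        db.session.commit()
    # NOTE(review): a stored token is handed back unchanged on every login
    # and no expiry is visible here -- confirm tokens are rotated or
    # invalidated elsewhere.
    return {"token": token.value}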
def on_post(self, req, res):
    """Issue a token for a valid email/password pair.

    Stores ``{'token': ...}`` in ``req.context['result']`` and sets the
    status to ``falcon.HTTP_OK``.

    Raises:
        falcon.HTTPUnauthorized: the email is unknown or the password does
            not verify; both cases carry the same title and description.
    """
    credentials = req.context['data']
    email = credentials['email']
    password = credentials['password']

    user = self.find_user_by_email(email)
    # pop() takes the stored hash out of the record before the record is
    # passed to generate_token.
    # NOTE(review): an unknown email skips verify_password, so the two
    # failures may differ in response time even though the message is
    # identical -- confirm whether that matters here.
    if user is None or not verify_password(password, user.pop('password')):
        raise falcon.HTTPUnauthorized('Unauthorized', 'Invalid credentials')

    req.context['result'] = {'token': generate_token(user)}
    res.status = falcon.HTTP_OK
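def on_post(self, req, res):
    """Validate a login request body and answer with a signed JWT.

    Outcomes:
        * 400 with ``{'errors': ...}`` when ``LoginSchema`` reports errors.
        * 404 ``'User not found.'`` when no user has the given email.
        * 401 ``'Bad password.'`` when the password does not verify.
        * 200 with ``{'jwt': ...}`` otherwise.
    """
    session = req.context['session']
    data = json.loads(req.bounded_stream.read().decode())
    result = LoginSchema().load(data)
    if result.errors:
        res.status = falcon.HTTP_BAD_REQUEST
        res.body = self.to_json({'errors': result.errors})
        return

    # one_or_none() yields None for an unknown email. With one() the lookup
    # raised NoResultFound instead, so the 404 branch below was unreachable
    # and an unknown email surfaced as an unhandled exception.
    usr = session.query(User).filter_by(email=data['email']).one_or_none()
    if not usr:
        # NOTE(review): 404 here versus 401 below reveals whether an email
        # is registered; flagged only, since changing it alters the API.
        res.status = falcon.HTTP_NOT_FOUND
        res.body = self.to_json('User not found.')
        return

    if not verify_password(data['password'], usr.password):
        res.status = falcon.HTTP_401
        res.body = self.to_json('Bad password.')
        return

    # NOTE(review): the payload has no `exp` claim, so the token does not
    # expire on its own -- confirm lifetime is enforced elsewhere.
    u = {"id": usr.id, "name": "%s %s" % (usr.fn, usr.ln)}
    wt = jwt.encode(u, SECRET_KEY, algorithm='HS256')
    res.status = falcon.HTTP_200
    res.body = self.to_json({'jwt': wt.decode('utf-8')})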
def on_post(self, req, res):
    """Look the user up through a stored procedure and return a token.

    On success the status is ``falcon.HTTP_200`` and the body is the JSON
    object ``{"token": ...}``.

    Raises:
        falcon.HTTPUnauthorized: no row came back or the password does not
            verify; both cases use the same title and description.
    """
    payload = req.context["data"]
    email = payload["email"]
    password = payload["password"]

    # The email is handed over as a procedure argument, not spliced into
    # SQL text.
    self.cursor.callproc("sp_lookup_user_by_email", [email])
    row = self.cursor.fetchone()
    if row is None:
        raise falcon.HTTPUnauthorized("Unauthorized", "Invalid credentials")

    record = row[0]
    # pop() takes the stored hash out of the record before the record is
    # passed to generate_token.
    if not verify_password(password, record.pop("password")):
        raise falcon.HTTPUnauthorized("Unauthorized", "Invalid credentials")

    res.status = falcon.HTTP_200
    res.body = json.dumps({"token": generate_token(record)})
def on_post(self, req, res):
    """Authenticate by email and password and reply with a token.

    The user record comes from the ``sp_lookup_user_by_email`` procedure.
    On success the status is ``falcon.HTTP_200`` and the body is the JSON
    object ``{'token': ...}``.

    Raises:
        falcon.HTTPUnauthorized: the lookup returned nothing or the password
            does not verify; the error is the same in both cases.
    """
    submitted = req.context['data']
    email = submitted['email']
    password = submitted['password']

    self.cursor.callproc('sp_lookup_user_by_email', [email])
    fetched = self.cursor.fetchone()
    if fetched is None:
        raise falcon.HTTPUnauthorized('Unauthorized', 'Invalid credentials')

    account = fetched[0]
    stored_hash = account.pop('password')  # the hash never reaches generate_token
    password_ok = verify_password(password, stored_hash)
    if not password_ok:
        raise falcon.HTTPUnauthorized('Unauthorized', 'Invalid credentials')

    res.status = falcon.HTTP_200
    res.body = json.dumps({'token': generate_token(account)})
def test_verify_password(self):
    """Print whether "foobar" verifies against a stored teacher's hash."""
    # teacher_id is not defined in this function; it is resolved from an
    # enclosing scope.
    stored_hash = models_teacher.Teacher.objects.get(id=teacher_id).hashed_password
    # NOTE(review): the result is only printed and never asserted, so this
    # test cannot fail on a wrong verification result.
    pp.pprint(utils_auth.verify_password("foobar", stored_hash))