Пример #1
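def change_password(): #token, old_password, new_password
    """Change the password of the account that the ``token`` header maps to.

    Reads ``oldPasswordChange`` and ``newPasswordChange`` from the submitted
    form, re-checks the old password against the stored salted hash, and only
    on a match stores a newly salted hash of the new password.

    Returns:
        A JSON string with ``success`` ("true" / "false") and ``message``.
    """
    # Function-scope import: the file's import block is not part of this listing.
    import hmac

    token = request.headers.get('token')
    email = get_email_by_token(token)
    oldPW = request.form['oldPasswordChange']
    newPW = request.form['newPasswordChange']

    # A request whose token resolved to no account must never reach the
    # password-change path, so stop here instead of relying on the database
    # lookup to come back empty for a None e-mail.
    if email is None:
        return json.dumps({"success": "false", "message": "No user found."})

    # NOTE(review): the plaintext old password is handed to the database helper;
    # what it does with it is not visible here. Confirm it is neither logged nor
    # compared in plaintext.
    userInfo = database_helper.get_user_mail_pw(email, oldPW)
    if userInfo is None:
        return json.dumps({"success": "false", "message": "No user found."})

    # userInfo[0] = email, userInfo[1] = pw, userInfo[2] = salt
    oldHashedPW = getHashedPW(oldPW, userInfo[2])

    # Compare the digests without an early exit on the first differing byte.
    # compare_digest accepts only two bytes-like values or two ASCII strings;
    # for anything else keep the original equality result.
    try:
        old_pw_matches = hmac.compare_digest(userInfo[1], oldHashedPW)
    except TypeError:
        old_pw_matches = userInfo[1] == oldHashedPW

    if not old_pw_matches:
        return json.dumps({"success": "false", "message": "Incorrect password."})

    # NOTE(review): newPW is stored without any length or strength check in this
    # function; confirm a policy is enforced elsewhere (an empty value would be
    # accepted here).
    # NOTE(review): nothing here revokes other tokens issued for this account;
    # decide whether existing sessions should be invalidated on a password change.
    newHashedPW, newSalt = hashPw(newPW)
    database_helper.change_pw(newHashedPW, newSalt, email)
    return json.dumps({"success": "true", "message": "Password changed."})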
Пример #2
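def sign_in(): #email, password
    """Authenticate a user and issue a session token.

    Reads ``loginUsernameInput`` and ``loginPasswordInput`` from the submitted
    form, hashes the password with the salt stored for that e-mail and compares
    it with the stored hash. On a match a new token is registered in
    ``active_users`` and returned to the caller.

    Returns:
        A JSON string with ``success`` ("true" / "false") and ``message``; on
        success it also carries the token under ``data``.
    """
    # Function-scope import: the file's import block is not part of this listing.
    import hmac

    email = request.form['loginUsernameInput']
    password = request.form['loginPasswordInput']

    # NOTE(review): the plaintext password is handed to the database helper;
    # what it does with it is not visible here. Confirm it is neither logged nor
    # compared in plaintext.
    # userInfo[0] = email, userInfo[1] = pw, userInfo[2] = salt
    userInfo = database_helper.get_user_mail_pw(email, password)

    if userInfo is None:
        # NOTE(review): this message differs from the wrong-password one below,
        # so a response reveals whether an e-mail is registered. A single
        # generic failure message would close that, but clients may match on
        # the current text; confirm before changing it.
        return json.dumps({"success": "false", "message": "Username not found."})

    hashedPassword = getHashedPW(password, userInfo[2])

    # Compare the digests without an early exit on the first differing byte.
    # compare_digest accepts only two bytes-like values or two ASCII strings;
    # for anything else keep the original equality result.
    try:
        password_matches = hmac.compare_digest(hashedPassword, userInfo[1])
    except TypeError:
        password_matches = hashedPassword == userInfo[1]

    if not password_matches:
        # NOTE(review): no attempt counting or throttling is visible in this
        # function; confirm repeated failures are limited somewhere upstream.
        return json.dumps({"success": "false", "message": "Invalid password."})

    # Register the session: the token is the only credential later requests
    # present, so it maps straight to the e-mail it was issued for.
    # NOTE(review): no expiry is recorded with the token here; confirm how
    # entries leave active_users and how get_unique_token generates its values
    # (it should draw from a CSPRNG such as the secrets module).
    token = get_unique_token()
    active_users[token] = email
    return json.dumps({"success": "true", "message": "Sign in successful.", "data": token})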