def register(): print('SERVER/LOG: Opening registration page') if request.method == 'POST': user = request.form['username'] email = request.form['email'] pwd = request.form['password'] create_date = str(timestamp) print('SERVER/LOG: Account created by ', user, ' at ', create_date) # TODO: Server side logic to salt and encrypt password salt = Encrypt.generate_salt() session_key = Encrypt.generate_session_key() sym_key_box = Encrypt.generate_key(pwd.encode(), salt) values = (user, email, create_date, base64.b64encode(salt), base64.b64encode(session_key), base64.b64encode(sym_key_box)) db.insert_user(values) return render_template('register.html')
def test_insert_full_user(): ''' Test registration logic, including encrypted storage :param values=(user, email, createDate, salt, auth, symmetricBox): ''' user = '******' email = '*****@*****.**' createDate = '12042017' password = b'testpwd' salt = Encrypt.generate_salt() session_key = Encrypt.generate_session_key() sym_key_box = Encrypt.generate_key(password, salt) values = (user, email, createDate, str(salt), str(session_key), str(sym_key_box)) insert_statement = ( "INSERT INTO user (user, email, createDate, salt, auth, symmetricBox)" "VALUE (%s, %s, %s, %s, %s, %s)") db.insert_row(insert_statement, values)\