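def dashboard(email, password):
    """Check a user's credentials and, on success, start a session.

    The user row is looked up by e-mail and the submitted password is
    verified against the stored hash and salt. On success a new session
    token is written to the user row and returned to the client in the
    ``session_token`` cookie.

    :param email: e-mail address used to look up the account.
    :param password: candidate password supplied by the client.
    :return: a redirect to ``/`` carrying the session cookie on success,
        otherwise the index template rendered with ``error_msg`` set.
    """
    # Function-scope imports keep this block self-contained.
    import binascii
    import os

    user = users.select(users.c.email == email).execute().first()
    # Test the lookup result directly instead of catching AttributeError
    # around the whole body, so an unrelated AttributeError is no longer
    # reported to the client as a missing user.
    if user is None:
        # NOTE(review): this message differs from the wrong-password one,
        # so a client can tell which e-mail addresses are registered.
        # Consider a single shared message for both failures.
        error_msg = "no user exists"
        return render_template('index.html', error_msg=error_msg)

    if not check_password_hash(password, user.password, user.salt):
        error_msg = "Incorrect Password"
        return render_template('/index.html', error_msg=error_msg)

    # The session token is a bearer credential, so it must be unpredictable.
    # It was previously derived from the e-mail address and the current
    # second, neither of which is secret; use the OS CSPRNG instead.
    session_token = binascii.hexlify(os.urandom(32)).decode('ascii')
    stmt = update(users).where(users.c.email == email).values(
        session_token=session_token)

    connection = engine.connect()
    try:
        connection.execute(stmt)
    finally:
        # Release the connection even when the UPDATE fails.
        connection.close()

    resp = make_response(redirect('/'))
    # HttpOnly keeps page scripts from reading the token.
    # NOTE(review): also set secure=True once the site is served over HTTPS only.
    resp.set_cookie('session_token', session_token, httponly=True)
    return resp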
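def dashboard(email, password):
    """Authenticate by e-mail and password and issue a session cookie.

    :param email: e-mail address identifying the account.
    :param password: password submitted by the client.
    :return: on success, a redirect to ``/`` with the ``session_token``
        cookie set and the same token stored on the user row; on failure,
        the index template rendered with an ``error_msg``.
    """
    # Imported here so the block needs nothing new at file level.
    import binascii
    import os

    user = users.select(users.c.email == email).execute().first()
    if user is None:
        # An explicit None test replaces the former blanket
        # ``except AttributeError``, which also hid unrelated attribute bugs.
        # NOTE(review): the two failure messages differ, which reveals
        # whether an e-mail address has an account.
        error_msg = "no user exists"
        return render_template('index.html', error_msg=error_msg)

    # Check that the passwords match.
    if check_password_hash(password, user.password, user.salt):
        # A session token must not be guessable. The earlier value was a
        # hash of the e-mail salted with a second-resolution timestamp, so
        # it contained no secret input; draw 32 random bytes instead.
        session_token = binascii.hexlify(os.urandom(32)).decode('ascii')
        stmt = update(users).where(users.c.email == email).values(
            session_token=session_token)
        connection = engine.connect()
        try:
            connection.execute(stmt)
        finally:
            # Do not leak the connection when execute() raises.
            connection.close()
        resp = make_response(redirect('/'))
        # httponly stops client-side script from reading the cookie.
        # NOTE(review): add secure=True for HTTPS-only deployments.
        resp.set_cookie('session_token', session_token, httponly=True)
        return resp

    error_msg = "Incorrect Password"
    return render_template('/index.html', error_msg=error_msg)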
def validate_login(self, field):
    """Validate the submitted login against the stored credentials.

    Raises ``validators.ValidationError`` when ``self.get_user()`` yields
    no user, or when the password check fails. ``field`` is not used by
    the body.
    """
    account = self.get_user()
    if account is None:
        # NOTE(review): 'Invalid user' and 'Invalid password' are distinct,
        # so the form reveals whether an account exists.
        raise validators.ValidationError('Invalid user')

    # Both the candidate and the stored value are passed as UTF-8 bytes.
    candidate = self.password.data.encode("utf-8")
    stored = account.password.encode('utf-8')
    password_ok = check_password_hash(candidate, stored, account.salt)
    if not password_ok:
        raise validators.ValidationError('Invalid password')
def jwt_authenticate(email, password):
    """Return the user for *email* when *password* verifies, else ``None``.

    :param email: e-mail address used to look up the user.
    :param password: candidate password as text; encoded to UTF-8 here.
    :return: the matching user object, or ``None`` on any failure.
    """
    candidate = User.query.filter_by(email=email).first()
    if candidate is None:
        # NOTE(review): this path skips the hash check entirely, so the
        # response time may differ between unknown and known e-mails.
        return None

    verified = check_password_hash(
        password.encode('utf-8'),
        candidate.password.encode('utf-8'),
        candidate.salt,
    )
    return candidate if verified else None
def jwt_authenticate(email, password):
    """Look up a user by e-mail and verify the supplied password.

    :param email: e-mail address identifying the user.
    :param password: candidate password as text.
    :return: the user object when the password check succeeds, otherwise
        ``None`` (unknown e-mail and wrong password are not distinguished).
    """
    account = User.query.filter_by(email=email).first()
    if account is None:
        return None

    # Compare as UTF-8 bytes, using the salt stored with the account.
    supplied = password.encode('utf-8')
    stored = account.password.encode('utf-8')
    if not check_password_hash(supplied, stored, account.salt):
        return None
    return account
def login():
    """Authenticate a form-posted e-mail/password pair and open a session.

    On success ``session['user_id']`` is set and a 200 JSON body carrying
    the internal username is returned. Any failure (unknown e-mail or a
    failed password check) yields the same 401 JSON message.
    """
    def _json_response(payload, status):
        # Serialise the payload and wrap it in a JSON response.
        body = json_util.dumps(payload)
        return Response(response=body, status=status, mimetype="application/json")

    email = request.form['email']
    password = request.form['password']

    account = User.objects(email=email).first()
    if account is not None:
        internal = account.accounts['internal']
        stored_hash = internal['password_hash']
        stored_salt = internal['salt']
        if check_password_hash(password, stored_hash, stored_salt):
            # NOTE(review): the session is marked authenticated here;
            # confirm the session identifier is rotated at login.
            session['user_id'] = account.get_id()
            return _json_response({"username": internal['username']}, 200)

    return _json_response({"message": "Incorrect Username or Password."}, 401)
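def validate_password(form, field):
    """Form validator: check the submitted password for the given e-mail.

    Looks up exactly one user by ``form.email.data`` and verifies
    ``form.password.data`` against that user's stored hash and salt. On
    success the user is attached to the form as ``form.user`` so the
    calling view can use it. ``field`` is not used by the body.

    :raises ValidationError: when no single user matches the e-mail, or
        when the password check fails.
    """
    try:
        user = User.query.filter(User.email == form.email.data).one()
    except (MultipleResultsFound, NoResultFound):
        # NOTE(review): this message differs from "Wrong password.", so the
        # form reveals whether an e-mail address is registered.
        raise ValidationError("We couldn't find your email.")

    # .one() either returns a row or raises one of the exceptions handled
    # above, so the former ``if user is None`` branch was unreachable and
    # has been removed.
    if not check_password_hash(form.password.data, user.password_hash, user.salt):
        raise ValidationError("Wrong password.")

    # Make the current user available to calling code (view).
    form.user = user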
def jwt_authenticate(email, password):
    """
    Authenticate a user from an e-mail/password pair.

    :param email: e-mail address used to look up the user
    :param password: candidate password as text; UTF-8 encoded before the check
    :return: the user object if the credentials are correct, otherwise None
    """
    found = User.query.filter_by(email=email).first()
    if found is None:
        # NOTE(review): no hash is computed for an unknown e-mail, so this
        # branch may respond measurably faster than a wrong password.
        return None

    password_bytes = password.encode('utf-8')
    hash_bytes = found.password.encode('utf-8')
    return found if check_password_hash(password_bytes, hash_bytes, found.salt) else None
def validate_login(self, field):
    """Validate the login against every candidate user.

    ``self.get_users()`` supplies the candidates. The first one whose
    stored hash and salt accept the submitted password is stored on
    ``self.user``. ``field`` is not used by the body.

    Raises ``validators.ValidationError`` when ``get_users()`` returns
    ``None`` or when no candidate accepts the password.
    """
    candidates = self.get_users()
    if candidates is None:
        raise validators.ValidationError('Invalid user')

    for candidate in candidates:
        matches = check_password_hash(
            self.password.data.encode("utf-8"),
            candidate.password.encode('utf-8'),
            candidate.salt,
        )
        if matches:
            self.user = candidate
            break
    else:
        # Loop finished without a break: nobody accepted the password.
        raise validators.ValidationError('Invalid password')
def auth_basic():
    """
    Check the request for HTTP Basic credentials.

    Returns a ``(ok, message)`` tuple. ``message`` is non-empty only when
    credentials were supplied and rejected; with no Authorization header
    the result is ``(False, '')``. On success the user is stored on
    ``g.user``.
    """
    credentials = request.authorization  # only works in Basic auth
    if not credentials:
        return False, ''

    account = UserModel.query.filter_by(email=credentials.username).first()
    # The password is only checked when the e-mail matched an account.
    verified = account is not None and check_password_hash(
        credentials.password.encode('utf-8'),
        account.password.encode('utf-8'),
        account.salt,
    )
    if not verified:
        # One message for both unknown user and wrong password.
        return False, 'Authentication failed. Wrong username or password'

    g.user = account
    return True, ''
def login():
    """Log a user in from the posted ``email`` and ``password`` fields.

    Returns a 200 JSON response with the internal username and sets
    ``session['user_id']`` when the password check passes. Otherwise it
    returns a 401 JSON response whose message is the same for an unknown
    e-mail and for a wrong password.
    """
    email = request.form['email']
    password = request.form['password']

    user = User.objects(email=email).first()
    authenticated = False
    if user is not None:
        credentials = user.accounts['internal']
        password_hash = credentials['password_hash']
        salt = credentials['salt']
        authenticated = check_password_hash(password, password_hash, salt)

    if not authenticated:
        body = json_util.dumps({"message": "Incorrect Username or Password."})
        return Response(response=body, status=401, mimetype="application/json")

    session['user_id'] = user.get_id()
    body = json_util.dumps({"username": user.accounts['internal']['username']})
    return Response(response=body, status=200, mimetype="application/json")
def jwt_authenticate(email, password):
    """
    Helper that authenticates a user when the credentials are correct.

    :param email: e-mail address of the account to authenticate
    :param password: candidate password as text
    :return: the user object on success, None for an unknown e-mail or a
        failed password check
    """
    matched_user = User.query.filter_by(email=email).first()
    if matched_user is None:
        return None

    # Hash comparison is done on UTF-8 bytes with the per-user salt.
    is_valid = check_password_hash(
        password.encode('utf-8'),
        matched_user.password.encode('utf-8'),
        matched_user.salt,
    )
    if not is_valid:
        return None
    return matched_user
def auth_basic():
    """
    Check for Basic auth in the request header.

    Returns a tuple ``(authenticated, error)``. ``error`` is set only when
    the client attempted Basic auth and it failed. On success ``g.user``
    holds the authenticated user.
    """
    failure = (False, 'Authentication failed. Wrong username or password')

    auth = request.authorization  # only works in Basic auth
    if not auth:
        return (False, '')

    user = UserModel.query.filter_by(email=auth.username).first()
    if user is None:
        # NOTE(review): no hash is computed on this path, so timing may
        # differ from the wrong-password case.
        return failure

    supplied = auth.password.encode('utf-8')
    stored = user.password.encode('utf-8')
    if not check_password_hash(supplied, stored, user.salt):
        return failure

    g.user = user
    return (True, '')
def login():
    """Check the admin form's username/password and mark the session.

    On success the session gets ``logged_in`` and ``username``, the login
    is logged, and the client is redirected to ``main.index``.

    NOTE(review): in the visible code the failure branches only assign
    ``error`` and then fall off the end, so the function returns ``None``
    there; confirm whether a trailing render of the form was cut off.
    """
    form = AdminForm(request.form)
    username = form.username.data
    password = form.password.data

    user_doc = mongo.db.users.find_one({"username": username})
    if user_doc is None:
        # Message text: "User does not exist".
        # NOTE(review): this differs from the wrong-password message, which
        # reveals which usernames exist.
        error = "Korisnik ne postoji"
    elif not (password != "" and check_password_hash(
            password, user_doc["password"], user_doc["salt"])):
        # Message text: "Wrong password"; an empty password is rejected
        # without calling the hash check.
        error = "Pogrešna lozinka"
    else:
        error = None

    if error is None:
        session['logged_in'] = True
        session['username'] = username
        current_app.logger.info('User %s is logged in' % username)
        return redirect(url_for('main.index'))
def login():
    """Authenticate the posted admin form against the ``users`` collection.

    A matching username whose stored hash and salt accept a non-empty
    password sets ``session['logged_in']`` and ``session['username']``,
    logs the event and redirects to ``main.index``.

    NOTE(review): the failure paths shown here set ``error`` but return
    nothing; verify how ``error`` reaches the user in the full function.
    """
    error = None
    form = AdminForm(request.form)
    username, password = form.username.data, form.password.data

    user_doc = mongo.db.users.find_one({"username": username})
    user_exists = user_doc is not None
    # Short-circuits: the hash check only runs for an existing user and a
    # non-empty password.
    password_ok = user_exists and password != "" and check_password_hash(
        password, user_doc["password"], user_doc["salt"])

    if not user_exists:
        error = "Korisnik ne postoji"  # "User does not exist"
    elif not password_ok:
        error = "Pogrešna lozinka"  # "Wrong password"
    else:
        session['logged_in'] = True
        session['username'] = username
        # NOTE(review): username is form input interpolated into the log
        # line; consider neutralising line breaks before logging.
        current_app.logger.info('User %s is logged in' % username)
        return redirect(url_for('main.index'))
def login():
    """Render the login form and process a submitted username/password.

    A valid submission whose password check passes flashes a success
    message and redirects to ``/``. Every other path flashes the relevant
    error, clears the password field and re-renders ``login.html``.

    NOTE(review): the success path only flashes and redirects; no session
    state is set in this function, so confirm where login state is kept.
    """
    # The form class is generated from the User model without the salt and
    # email fields; it is then bound to the posted data.
    login_form_cls = model_form(User, exclude=("salt", "email"))
    form = login_form_cls(request.form)

    if form.validate_on_submit():
        try:
            user = User.objects.get(username=form.username.data)
        except User.DoesNotExist:
            # Same text as the wrong-password case, so the two failures
            # are not distinguishable to the client.
            flash(("Login Error", "User not found or wrong password"), "danger")
        except User.MultipleObjectsReturned as exc:
            # NOTE(review): the raw exception text is shown to the user.
            flash(("DB Error", str(exc)), "danger")
        else:
            supplied = form.password.data
            stored_hash = user.password.encode()
            stored_salt = user.salt.encode()
            if check_password_hash(supplied, stored_hash, stored_salt):
                flash("You are now logged in", "success")
                return redirect('/')
            flash(("Login Error", "User not found or wrong password"), "danger")

    if form.errors:
        flash(form.errors, "danger")
    # Never echo the submitted password back into the rendered form.
    form.password.data = ""
    return render_template("login.html", form=form)
def login():
    """Handle the login page: validate the form and check the password.

    Returns a redirect to ``/`` after a successful password check;
    otherwise returns ``login.html`` with the password field blanked and
    any errors flashed.

    NOTE(review): nothing in the visible body records the authenticated
    user in a session; verify that this happens elsewhere.
    """
    # salt and email are excluded from the generated form.
    form = model_form(User, exclude=("salt", "email"))(request.form)
    bad_login = ("Login Error", "User not found or wrong password")

    if form.validate_on_submit():
        try:
            user = User.objects.get(username=form.username.data)
        except User.DoesNotExist:
            flash(bad_login, "danger")
        except User.MultipleObjectsReturned as err:
            flash(("DB Error", str(err)), "danger")
        else:
            accepted = check_password_hash(
                form.password.data,
                user.password.encode(),
                user.salt.encode(),
            )
            if accepted:
                flash("You are now logged in", "success")
                return redirect('/')
            # Unknown user and wrong password share one message.
            flash(bad_login, "danger")

    if form.errors:
        flash(form.errors, "danger")
    # Clear the password so it is not rendered back to the client.
    form.password.data = ""
    return render_template("login.html", form=form)
def verify_password(self, password):
    """Return the result of checking *password* against this object's
    ``password_hash`` and ``password_salt``."""
    stored_hash = self.password_hash
    stored_salt = self.password_salt
    return check_password_hash(password, stored_hash, stored_salt)
def validate_user_passphrase(self, user_id, passphrase):
    """Check *passphrase* against the hash stored for *user_id*.

    The passphrase is UTF-8 encoded and then base64-encoded before it is
    handed to ``check_password_hash``, so the stored hash is presumably
    computed over the same base64 form (confirm against the code that
    sets the passphrase).
    """
    encoded_passphrase = base64.b64encode(passphrase.encode("utf-8"))
    # NOTE(review): the unpacking assumes a (hash, salt) pair; if the
    # lookup can return None for an unknown user this raises TypeError.
    stored_hash, stored_salt = self.get_user_passphrase_hash(user_id)
    return check_password_hash(encoded_passphrase, stored_hash, stored_salt)
def check_password(self, password):
    """Check *password* against the stored hash and salt.

    A fourth positional argument of ``1 << 15`` (32768) is passed to
    ``check_password_hash``.
    """
    # Presumably the scrypt cost parameter; it has to match the value used
    # when the hash was generated. Confirm against the hashing call site.
    cost = 1 << 15
    return check_password_hash(
        password,
        self.password_hash,
        self.password_salt,
        cost,
    )
def check_password(self, password, hash, salt):
    """Forward *password*, *hash* and *salt* to ``check_password_hash``.

    Nothing is read from ``self``; the caller supplies the stored hash
    and salt.
    """
    outcome = check_password_hash(password, hash, salt)
    return outcome
def verify_password(self, password):
    """Check *password* against the stored hash and salt, after coercing
    all three values with ``str()``."""
    # NOTE(review): on Python 3, str() of a bytes value yields its repr
    # ("b'...'"), not the decoded text; confirm the stored hash and salt
    # are already text.
    candidate = str(password)
    stored_hash = str(self.password_hash)
    stored_salt = str(self.password_salt)
    return check_password_hash(candidate, stored_hash, stored_salt)
def check_password(self, raw_pw):
    """Return the result of ``scrypt.check_password_hash`` for *raw_pw*
    against this object's ``password_hash`` and ``salt``."""
    stored_hash, stored_salt = self.password_hash, self.salt
    return scrypt.check_password_hash(raw_pw, stored_hash, stored_salt)
def verify_password(self, password):
    """Check *password* against this object's ``password_hash`` using its
    ``salt``; returns whatever ``check_password_hash`` returns."""
    is_match = check_password_hash(
        password,
        self.password_hash,
        self.salt,
    )
    return is_match