def check_password(user,
pwd,
doctype="User",
fieldname="password",
delete_tracker_cache=True):
"""Checks if user and password are correct, else raises frappe.AuthenticationError"""
result = (frappe.qb.from_(Auth).select(
Auth.name, Auth.password).where((Auth.doctype == doctype)
& (Auth.name == user)
& (Auth.fieldname == fieldname)
& (Auth.encrypted == 0)).limit(1).run(
as_dict=True))
if not result or not passlibctx.verify(pwd, result[0].password):
raise frappe.AuthenticationError(_("Incorrect User or Password"))
# lettercase agnostic
user = result[0].name
# TODO: This need to be deleted after checking side effects of it.
# We have a `LoginAttemptTracker` that can take care of tracking related cache.
if delete_tracker_cache:
delete_login_failed_cache(user)
if not passlibctx.needs_update(result[0].password):
update_password(user, pwd, doctype, fieldname)
return user
def check_password(user, pwd, doctype='User', fieldname='password'):
'''Checks if user and password are correct, else raises frappe.AuthenticationError'''
auth = frappe.db.sql("""select name, `password`, salt from `__Auth`
where doctype=%(doctype)s and name=%(name)s and fieldname=%(fieldname)s and encrypted=0
and (
(salt is null and `password`=password(%(pwd)s))
or `password`=password(concat(%(pwd)s, salt))
)""", {
'doctype': doctype,
'name': user,
'fieldname': fieldname,
'pwd': pwd
},
as_dict=True)
if not auth:
raise frappe.AuthenticationError('Incorrect User or Password')
salt = auth[0].salt
if not salt:
# sets salt and updates password
update_password(user, pwd, doctype, fieldname)
# lettercase agnostic
user = auth[0].name
return user
def check_password(user,
pwd,
doctype='User',
fieldname='password',
delete_tracker_cache=True):
'''Checks if user and password are correct, else raises frappe.AuthenticationError'''
auth = frappe.db.sql("""select `name`, `password` from `__Auth`
where `doctype`=%(doctype)s and `name`=%(name)s and `fieldname`=%(fieldname)s and `encrypted`=0""",
{
'doctype': doctype,
'name': user,
'fieldname': fieldname
},
as_dict=True)
if not auth or not passlibctx.verify(pwd, auth[0].password):
raise frappe.AuthenticationError(_('Incorrect User or Password'))
# lettercase agnostic
user = auth[0].name
# TODO: This need to be deleted after checking side effects of it.
# We have a `LoginAttemptTracker` that can take care of tracking related cache.
if delete_tracker_cache:
delete_login_failed_cache(user)
if not passlibctx.needs_update(auth[0].password):
update_password(user, pwd, doctype, fieldname)
return user
def check_password(user, pwd, doctype='User', fieldname='password'):
'''Checks if user and password are correct, else raises frappe.AuthenticationError'''
auth = frappe.db.sql("""select name, `password` from `__Auth`
where doctype=%(doctype)s and name=%(name)s and fieldname=%(fieldname)s and encrypted=0""",
{'doctype': doctype, 'name': user, 'fieldname': fieldname}, as_dict=True)
if not auth or not passlibctx.verify(pwd, auth[0].password):
raise frappe.AuthenticationError(_('Incorrect User or Password'))
# lettercase agnostic
user = auth[0].name
delete_login_failed_cache(user)
if not passlibctx.needs_update(auth[0].password):
update_password(user, pwd, doctype, fieldname)
return user
def logged_and_redirect(user_name,password,email,contact_no):
save = False
if not frappe.db.exists("User", email):
# is signup disabled?
if frappe.utils.cint(frappe.db.get_single_value("Website Settings", "disable_signup")):
raise SignupDisabledError
save = True
user = frappe.new_doc("User")
user.update({
"doctype":"User",
"first_name": user_name,
"email": email,
"enabled": 1,
"new_password": password,
"user_type": "System User"
})
user.flags.ignore_permissions = True
user.flags.no_welcome_mail = True
user.save()
user.add_roles("Accounts User","Purchase Master Manager","Sales Master Manager")
make_redirect_url(email,contact_no)
if frappe.session.user and frappe.session.user == email:
flag = "User already logged in"
make_redirect_url(email,contact_no,flag)
# elif email == check_password(email,password):
# make_redirect_url(email,contact_no)
elif password == get_salt_key(email)[0]["salt"]:
make_redirect_url(email,contact_no)
else:
raise frappe.AuthenticationError('Incorrect User or key')
def check_pin(user, pin):
doctype = 'User'
fieldname = 'pin'
'''Checks if user and password are correct, else raises frappe.AuthenticationError'''
auth = frappe.db.sql("""select `name`, `password` from `__Auth`
where `doctype`=%(doctype)s and `name`=%(name)s and `fieldname`=%(fieldname)s and `encrypted`=1""",
{
'doctype': doctype,
'name': user,
'fieldname': fieldname
},
as_dict=True)
# if not auth or not passlibctx.verify(pin, auth[0].password):
if not auth or not pin == decrypt(auth[0].password):
raise frappe.AuthenticationError(_('Incorrect User or Password'))
# lettercase agnostic
user = auth[0].name
delete_login_failed_cache(user)
frappe.local.login_manager.login_as(user)
