class AdminUserResources(Resource): def options(self, id=None): return {'status':'ok'},200 policy = PasswordPolicy.from_names( length=8, uppercase=1, numbers=1, special=1 ) @jwt_required @admin_required def get(self, id=None): #method untuk request data user,filter by id, input: (user_id di url) qry = Users.query.get(id) if qry is None: return {"message":"NOT FOUND"}, 404 return [marshal(qry, Users.response_fields)], 200, {"Content-Type": "application/json"} @jwt_required @admin_required def put(self, id=None): #method untuk mengubah status aktif user,filter by id,input: (user_id di url, status di body) parser = reqparse.RequestParser() parser.add_argument("status", type=inputs.boolean, location="json", required=True) args = parser.parse_args() user = Users.query.get(id) user.status = args["status"] user.updated_at = datetime.now() db.session.commit() return marshal(user, Users.response_fields), 200, {"Content-Type": "application/json"}
def post(self): policy = PasswordPolicy.from_names(length=7) parser = reqparse.RequestParser() parser.add_argument('username', location='json', required=True) parser.add_argument('fullname', location='json', required=True) parser.add_argument('email', location='json', required=True) parser.add_argument('password', location='json', required=True) parser.add_argument('address', location='json', required=True) parser.add_argument('phone', location='json', required=True) parser.add_argument('image', location='json', required=True) args = parser.parse_args() validation = policy.test(args['password']) if validation == []: password_digest = hashlib.md5( args['password'].encode()).hexdigest() # Creating object user = Users(args['username'], args['fullname'], args['email'], password_digest, args['address'], args['phone'], args['image']) db.session.add(user) db.session.commit() app.logger.debug('DEBUG : %s', user) return marshal(user, Users.response_fields), 200, { 'Content-Type': 'application/json' }
def test(self): policy = PasswordPolicy.from_names( length=8, uppercase=2, numbers=2, special=2, nonletters=2, nonletterslc=2, entropybits=30, strength=(0.333, 30) ) passwords = { 'qazwsx': {'length', 'uppercase', 'numbers', 'special', 'nonletters', 'nonletterslc', 'entropybits', 'strength'}, 'qazwsxrfv': { 'uppercase', 'numbers', 'special', 'nonletters', 'nonletterslc', 'entropybits', 'strength'}, 'qazwsxrfvTG': { 'numbers', 'special', 'nonletters', }, 'qazwsxrfvTG94': { 'special', }, 'qazwsxrfvTG94@$': set(), } for password, expects in list(passwords.items()): self.assertEqual( {t.name() for t in policy.test(password)}, expects, 'Testing {}'.format(password) )
def put(self): claims = get_jwt_claims() parser = reqparse.RequestParser() parser.add_argument('password', location='json', required=True) parser.add_argument('first_name', location='json', required=True) parser.add_argument('last_name', location='json', required=True) parser.add_argument('email', location='json', required=True) args = parser.parse_args() policy = PasswordPolicy.from_names( length=8 ) # Validating the password policy validation = policy.test(args['password']) if validation == []: password_digest = hashlib.md5( args['password'].encode()).hexdigest() # search selected cust qry = Customer.query selected_cust = qry.filter_by(id=claims['id']).first() # edit each elemen selected_cust.password = password_digest selected_cust.email = args['email'] selected_cust.first_name = args['first_name'] selected_cust.last_name = args['last_name'] db.session.commit() app.logger.debug('DEBUG : %s', selected_cust) return {'message': 'Your profile UPDATED!', 'Detail': marshal(selected_cust, Customer.customer_fields)}, 200, {'Content-Type': 'application/json'} # password format doesnt match to policy return {'status': 'FAILED', 'message': 'PLEASE ENTER PASSWORD WITH SPECIFIC FORMAT'}, 400
def put(self): policy = PasswordPolicy.from_names( length=6 ) parser = reqparse.RequestParser() parser.add_argument('client_secret', location='json', required=True) parser.add_argument('id', location='args', required=True) args = parser.parse_args() validation = policy.test(args['client_secret']) qry = Clients.query.get(args["id"]) if qry is None: return {'status':'failed',"result":"ID Not Found"}, 404, {'Content-Type':'application/json'} if validation == []: client_secret_digest = hashlib.md5(args['client_secret'].encode()).hexdigest() qry.client_secret = client_secret_digest db.session.commit() return {"status":"success", "result":marshal(qry, Clients.response_field)}, 200, {'Content-Type':'application/json'} return {"status":"failed", "result": "Wrong Password Length"}, 400, {'Content-Type':'application/json'}
def signup_post(): first_name= request.form.get('first name') last_name = request.form.get('last name') email = request.form.get('email').lower() password = request.form.get('password') repassword = request.form.get('repassword') empty_fields = ef5count(first_name, last_name, email, password, repassword) #returns number of empty fields if empty_fields > 0: flash("Please enter a value for each field.") return redirect(url_for('auth.signup')) policy = PasswordPolicy.from_names(strength=0.30) err = policy.test(password) if len(err) > 0: flash('Password is not strong enough.') return redirect(url_for('auth.signup')) if password != repassword: flash("Passwords do not match.") return redirect(url_for('auth.signup')) user = User.query.filter_by(email=email).first() if user: flash('Email address already exists.') return redirect(url_for('auth.signup')) new_user = User(first_name=first_name, last_name=last_name, email=email, password=generate_password_hash(password, method='sha256')) db.session.add(new_user) db.session.commit() send_mail("Welcome to Tony's Stocks!", email, 'mail/welcome.html', name=first_name) flash("Account Successfully Created!") return redirect(url_for('auth.login'))
def createAdminUser(username, pw, fn, ln, cursor, cnx): if (mySQL_userDB.isUsernameTaken(username, cursor, cnx)): return "taken error" policy = PasswordPolicy.from_names( length=8, # min length: 8 uppercase=1, # need min. 2 uppercase letters numbers=1 # need min. 2 digits ) isEnough = policy.test(pw) if len(isEnough) != 0: return "weak password" pwd_context = CryptContext(schemes=["pbkdf2_sha256"], default="pbkdf2_sha256", pbkdf2_sha256__default_rounds=30000) formatInsert = ("INSERT INTO adminTable " "(username, password,fname," "lname,creationDate) " "VALUES (%s, %s,%s, %s,%s)" ) #NOTE: use %s even with numbers #their care team is not assigned at creation, so N/A insertContent = (username, pwd_context.hash(pw), fn, ln, str(date.today().strftime("%B %d, %Y"))) cursor.execute(formatInsert, insertContent) cnx.commit() return "success"
def post(self): parser = reqparse.RequestParser() parser.add_argument('username', location='json', required=True) parser.add_argument('password', location='json', required=True) parser.add_argument('first_name', location='json', required=True) parser.add_argument('last_name', location='json', required=True) parser.add_argument('email', location='json', required=True) args = parser.parse_args() # Setup the policy policy = PasswordPolicy.from_names( length=8 ) # Validating the password policy validation = policy.test(args['password']) if validation == []: password_digest = hashlib.md5( args['password'].encode()).hexdigest() # Creating object new_cust = Customer(username=args['username'], password=password_digest, first_name=args['first_name'], last_name=args['last_name'], email=args['email']) db.session.add(new_cust) db.session.commit() app.logger.debug('DEBUG : %s', new_cust) return {'message': 'New Customer Created!!!', 'Detail': marshal(new_cust, Customer.customer_fields)}, 200, {'Content-Type': 'application/json'} return {'status': 'FAILED', 'message': 'PLEASE ENTER PASSWORD WITH SPECIFIC FORMAT'}, 400
def validate_password(password: str) -> bool: """ Validates the password again a password policy. Args: password ( str, required ): password to verify. Returns: valid ( bool ): True if the password meets validity requirements. """ policy = PasswordPolicy.from_names( strength=0.20, entropybits=10, length=6, ) if not password: return False tested_pass = policy.password(password) result = tested_pass.test() if len(result) > 0: print( colored( 'Password not strong enough. Try increasing the length of the password or the password complexity' )) return False password_verification = getpass.getpass("Retype your password: "******"Passwords do not match") return False return True
def test(self): policy = PasswordPolicy.from_names( length=8, uppercase=2, numbers=2, special=2, nonletters=2, nonletterslc=2, entropybits=30, strength=(0.333, 30) ) passwords = { 'qazwsx': {'length', 'uppercase', 'numbers', 'special', 'nonletters', 'nonletterslc', 'entropybits', 'strength'}, 'qazwsxrfv': { 'uppercase', 'numbers', 'special', 'nonletters', 'nonletterslc', 'entropybits', 'strength'}, 'qazwsxrfvTG': { 'numbers', 'special', 'nonletters', }, 'qazwsxrfvTG94': { 'special', }, 'qazwsxrfvTG94@$': set(), } for password, expects in passwords.items(): self.assertEqual( {t.name() for t in policy.test(password)}, expects, 'Testing {}'.format(password) )
def post(self): policy = PasswordPolicy.from_names( length=6 ) parser = reqparse.RequestParser() parser.add_argument('client_id', location='json', required=True) parser.add_argument('client_secret', location='json', required=True) args = parser.parse_args() validation = policy.test(args['client_secret']) if validation == []: client_secret_digest = hashlib.md5(args['client_secret'].encode()).hexdigest() client = Clients(datetime.datetime.now(), args['client_id'], client_secret_digest, 0) try: db.session.add(client) db.session.commit() except Exception as e: return {"status":"failed", "result": "Client Already Exist"}, 400, {'Content-Type':'application/json'} app.logger.debug('DEBUG : %s ', client ) return {"status":"success", "result":marshal(client, Clients.response_field)}, 200, {'Content-Type':'application/json'} return {"status":"failed", "result": "Wrong Password Length"}, 400, {'Content-Type':'application/json'}
class CreateUserResources(Resource): def options(self, id=None): return {'status':'ok'}, 200 policy = PasswordPolicy.from_names( length=6, uppercase=1, numbers=1, special=1 ) def post(self): parser = reqparse.RequestParser() parser.add_argument("username", location="json", required=True) parser.add_argument("password", location="json", required=True) parser.add_argument("nama_lengkap", location="json", required=True) parser.add_argument("email", location="json", required=True) parser.add_argument("no_hp", location="json", required=True) args = parser.parse_args() validation = self.policy.test(args["password"]) if validation == []: pwd_digest = hashlib.md5(args["password"].encode()).hexdigest() if Users.query.filter_by(username=args["username"]).all() != []: return {"status": "FAILED", "message": "Username already exists"}, 400, {"Content-Type": "application/json"} if Users.query.filter_by(email=args["email"]).all() != []: return {"status": "FAILED", "message": "Email already exists"}, 400, {"Content-Type": "application/json"} user = Users(args["username"], pwd_digest, args["nama_lengkap"], args["email"], args["no_hp"]) db.session.add(user) db.session.commit() return marshal(user, Users.response_fields), 200, {"Content-Type": "application/json"} return {"status": "FAILED", "message": "Password is not accepted"}, 400, {"Content-Type": "application/json"}
class PasswordResources(Resource): policy = PasswordPolicy.from_names( length = 6, numbers = 1 ) # lupa password def post(self): parser = reqparse.RequestParser() parser.add_argument('email', location = 'json', required = True) args = parser.parse_args() qry = Users.query.filter_by(email = args['email']) userData = qry.first() if userData is not None: return {'message' : 'Cek email untuk mengubah password anda'}, 200 return{'message' : 'email tidak terdaftar'}, 401 # ubah password @jwt_required def put(self): parser = reqparse.RequestParser() parser.add_argument('password_lama', location = 'json', required = True) parser.add_argument('password_baru', location = 'json', required = True) parser.add_argument('konfirmasi_password', location = 'json', required = True) args = parser.parse_args() claims = get_jwt_claims() encrypted_password = hashlib.md5(args['password_lama'].encode()).hexdigest() qry = Users.query.filter_by(username = claims['username']).filter_by(password = encrypted_password) userData = qry.first() if userData is not None: validation = self.policy.test(args['password_baru']) if validation: errorList = [] for item in validation: split = str(item).split('(') error, num = split[0], split[1][0] errorList.append("{err}(minimum {num})".format(err=error, num=num)) message = "Mohon cek password baru anda: " + ', '.join(x for x in errorList) return {'message': message}, 422, {'Content-Type': 'application/json'} elif args['password_baru'] != args['konfirmasi_password']: return {'message': 'Konfirmasi password tidak sesuai'}, 401 encrypted = hashlib.md5(args['password_baru'].encode()).hexdigest() userData.password = encrypted db.session.commit() return {'message' : 'ubah password berhasil'}, 200 else: return {'message' : 'password salah'}, 404 def options(self, id=None): return {'status':'ok'},200
async def enforce_policy(password: str, policy: object): """ validates that the given password matches the provided password policy. @param password: (string) password to be validated @param policy: (object) password requirements """ ctx = {} kwargs_mapping = { 'length': 'length', 'upper_case_count': 'uppercase', 'numbers_count': 'numbers', 'specials_count': 'special', 'non_letters_count': 'nonletters', } for key in kwargs_mapping.keys(): if key in policy: ctx[kwargs_mapping[key]] = policy[key] password_policy = PasswordPolicy.from_names(**ctx) res = password_policy.test(password) if res != []: raise Exception({ 'message': 'Password provided does not match policy configured', 'status_code': 400 })
def post(self): #for pebisnis to register policy = PasswordPolicy.from_names( length=6, uppercase=1, numbers=1, special=1, ) parser = reqparse.RequestParser() parser.add_argument('username', location='json') parser.add_argument('password', location='json') parser.add_argument('name', location='json') parser.add_argument('nama_tempat', location='json') parser.add_argument('email', location='json') parser.add_argument('phone_no', location='json') parser.add_argument('address', location='json') parser.add_argument('deskripsi', location='json') parser.add_argument('url_image', location='json') args = parser.parse_args() validation = policy.test(args['password']) if validation == [] : user_type = 'pebisnis' password = hashlib.md5(args['password'].encode()).hexdigest() user_new = Pebisnis('pebisnis', args['username'], password, args['name'], args['nama_tempat'], args['email'], args['phone_no'], args['address'], args['deskripsi'], args['url_image']) db.session.add(user_new) #insert the input data into the database db.session.commit() return {"code": 200, "message": "OK, your user profile has been created", "data":marshal(user_new, Pebisnis.response_field)}, 200, {'Content-Type': 'application/json'} return {'status' : 'Password Invalid'}, 400, {'Content_type' : 'application/json'}
def put(self): policy = PasswordPolicy.from_names(length=6) parser = reqparse.RequestParser() parser.add_argument('old_password', location='json', required=True) parser.add_argument('new_password', location='json', required=True) args = parser.parse_args() claims = get_jwt_claims() user_id = claims['id'] user = User.query.get(user_id) hashed_pass_old = hashlib.md5( args['old_password'].encode()).hexdigest() validation = policy.test(args['new_password']) if hashed_pass_old == user.password: if validation == []: hashed_pass_new = hashlib.md5( args['new_password'].encode()).hexdigest() user.password = hashed_pass_new db.session.add(user) db.session.commit() return { "status": "password berhasil diubah" }, 200, { 'Content-Type': 'application/json' } else: return { "status": "gagal", "message": "password tidak valid" }, 400, { "Content-type": "application/json" } else: return {"status": "gagal", "message": "password salah"}, 401
async def check_password_stength( password, ) -> Optional[Union[Dict[str, str], Dict[str, List[str]]]]: password_policy_args = { "strength": config.get("auth.password_policy.strength", 0.5), "entropy_bits": config.get("auth.password_policy.entry_bits"), "length": config.get("auth.password_policy.length"), "uppercase": config.get("auth.password_policy.uppercase"), "numbers": config.get("auth.password_policy.numbers"), "special": config.get("auth.password_policy.special"), "nonletters": config.get("auth.password_policy.nonletters"), } # We remove entries with null values since password_strength doesn't like them. password_policy_args = {k: v for k, v in password_policy_args.items() if v} policy = PasswordPolicy.from_names(**password_policy_args) tested_pass = policy.password(password) errors = tested_pass.test() # Convert errors to string so they can be json encoded later errors: List[str] = [str(e) for e in errors] if errors: return {"message": "Password doesn't have enough entropy.", "errors": errors}
def register(): """Register user""" session.clear() if request.method == "POST": if not request.form.get("username"): return apology("must provide username", 403) elif not request.form.get("password"): return apology("must provide password", 403) elif not request.form.get("confirmation"): return apology("type password confirmation", 403) elif not request.form.get("password") == request.form.get( "confirmation"): return apology("passwords do not match", 403) # check password strength policy = PasswordPolicy.from_names( length=5, # min length: 8 uppercase=1, # need min. 2 uppercase letters numbers=1, # need min. 2 digits special=1, # need min. 2 special characters ) pass_test = policy.test(request.form.get("password")) if len(pass_test) != 0: return apology( "Password must be minimum 5 characters long, must contain at least 1 uppecase letter, " "1 number and 1 special character") # Add user to database passHash = generate_password_hash(request.form.get("password")) username = request.form.get("username") currUser = db.execute( "INSERT INTO users (username, hash) VALUES (:username,:passHash)", username=username, passHash=passHash) if not currUser: return render_template("register.html") # Query database for username rows = db.execute("SELECT * FROM users WHERE username = :username", username=request.form.get("username")) # Log user in session["user_id"] = rows[0]["id"] # Redirect user to home page return redirect("/") else: return render_template("register.html")
def validator_password(value): policy = PasswordPolicy.from_names( length=8, # min length: 8 uppercase=1, # need min. 2 uppercase letters numbers=1, # need min. 2 digits special=1, # need min. 2 special characters ) if len(policy.test(value)) == 0: return True
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data lastname = form.lastname.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) policy = PasswordPolicy.from_names( length=8, # min length: 8 uppercase=1, # need min. 2 uppercase letters numbers=2, # need min. 2 digits special=0, # need min. 2 special characters nonletters= 0, # need min. 2 non-letter characters (digits, specials, anything) ) validate_password = policy.test(form.password.data) # Create cursor cur = mysql.connection.cursor() user_validator = cur.execute( "SELECT username FROM users WHERE username = %s", [username]) if user_validator == 0 and len(validate_password) == 0: # Execute query cur.execute( "INSERT INTO users(name, lastname, email, username, password) VALUES(%s, %s, %s, %s, %s)", (name, lastname, email, username, password)) # Commit to DB mysql.connection.commit() # Close connection cur.close() flash('¡Ahora que estás registrado puedes ingresar!', 'success') return redirect(url_for('login')) else: if len(validate_password) != 0: error_password = "******" else: error_password = "******" if user_validator != 0: error_user = "******" else: error_user = "******" return render_template('register.html', form=form, error_user=error_user, error_password=error_password) # Close connection cur.close() return render_template('register.html', form=form)
def forgotPassword(): disegno() print("| FORGOT PASSWORD |") print("+-----------------------------------------------+") while True: username = input("Username: "******"Email: ") controllo = 0 if "." in email and "@" in email: reader = csv.reader(open("userDB.csv"), delimiter='|') lines = list(reader) for i in range(len(lines)): if lines[i][1] == username and lines[i][3] == email: controllo = 1 # Criteri della password policy = PasswordPolicy.from_names( length=8, # min length: 8 uppercase=1, # need min. 1 uppercase letters numbers=1, # need min. 1 digits special=1, # need min. 1 special characters nonletters= 1, # need min. 1 non-letter characters (digits, specials, anything) ) while True: password1 = getpass.getpass( "Password must contain:\n- 8 Character\n- Number\n- Uppercase character\n- Special character\nPassword: "******"Confirm password: "******"Invalid email!") else: print("Invalid code!") else: print("Password doesn't match!") print("") if controllo == 1: print("Password was change successful!\n") x = input("Press any key to go to login menu ") login() else: print("Invalid credential...\n") else: print("Invalid email!\n")
def validate_password(password, *args): policy = PasswordPolicy.from_names( length=8, uppercase=2, numbers=2, special=2, nonletters=2, ) return not bool(policy.test(password))
class CreateEmployeeResource(Resource): # Enable CORS def options(self, id=None): return {'status': 'ok'}, 200 # To keep the password secret policy = PasswordPolicy.from_names(length=6, uppercase=1, numbers=1) # Create user account def post(self): parser = reqparse.RequestParser() parser.add_argument('id_outlet', location='json', required=True) parser.add_argument('full_name', location='json', required=True) parser.add_argument('username', location='json', required=True) parser.add_argument('password', location='json', required=True) parser.add_argument('position', location='json', required=True) args = parser.parse_args() # Check emptyness if args['full_name'] == '' or args['username'] == '' or args[ 'password'] == '': return {'message': 'tidak boleh ada kolom yang dikosongkan'}, 400 qry = Employees.query.filter_by(username=args['username']).first() if qry is None: validation = self.policy.test(args['password']) if validation: errorList = [] for item in validation: split = str(item).split('(') error, num = split[0], split[1][0] errorList.append("{err}(minimum {num})".format(err=error, num=num)) message = "Tolong periksa kembali password Anda: " + ', '.join( x for x in errorList) return { 'message': message }, 422, { 'Content-Type': 'application/json' } encrypted = hashlib.md5(args['password'].encode()).hexdigest() employee = Employees(args['id_outlet'], args['full_name'], args['username'], encrypted, args['position']) db.session.add(employee) db.session.commit() app.logger.debug('DEBUG : %s', employee) return { 'message': "Input Pegawai Berhasil" }, 200, { 'Content-Type': 'application/json' } return {'message': "Input Pegawai Gagal"}, 401
def post(self): policy = PasswordPolicy.from_names( length=6, # uppercase = 2, # numbers = 1, # special = 1 ) parser = reqparse.RequestParser() parser.add_argument('username', location='json', required=True) parser.add_argument('password', location='json', required=True) parser.add_argument('email', location='json', required=True) args = parser.parse_args() validation = policy.test(args['password']) if validation == []: password_digest = hashlib.md5( args['password'].encode()).hexdigest() user = Users(args['username'], password_digest, args['email']) api_key = 'ae7375326b6063793661b40590f4c845' api_secret = 'f2a15384f00c5f95a48ca5a5026a261a' mailjet = Client(auth=(api_key, api_secret), version='v3.1') data = { 'Messages': [ { "From": { "Email": "*****@*****.**", "Name": "easy.my.id" }, "To": [ { "Email": args['email'], "Name": args['username'] } ], "Subject": "Welcome aboard {username}".format(username=args['username']), "TextPart": "Thanks for Sign Up", "HTMLPart": "<h3>Hai {username}, Welcome to <a href='https://www.easy.my.id/'>easy.my.id</a>!</h3><br />Everyone can be smarter. Good Luck!!!!".format(username=args['username']), "CustomID": "Thanks for Sign Up" } ] } result = mailjet.send.create(data=data) db.session.add(user) db.session.commit() app.logger.debug('DEBUG : %s', user) return marshal(user, Users.response_fields), 200, {'Content-Type': 'application/json'}
class RegisterResource(Resource): policy = PasswordPolicy.from_names( length = 6, numbers = 1 ) # register account def post(self): parser = reqparse.RequestParser() parser.add_argument('username', location = 'json', required = True) parser.add_argument('email', location = 'json', required = True) parser.add_argument('password', location = 'json', required = True) parser.add_argument('confirm_password', location = 'json', required = True) args = parser.parse_args() if args['password'] != args['confirm_password']: return {'message': 'Konfirmasi password tidak sesuai'}, 401 else: validation = self.policy.test(args['password']) if validation: errorList = [] for item in validation: split = str(item).split('(') error, num = split[0], split[1][0] errorList.append("{err}(minimum {num})".format(err=error, num=num)) message = "Please check your password: "******"registrasi berhasil, silakan login untuk proses selanjutnya"},200,{'Content-Type': 'application/json'} def options(self, id=None): return {'status':'ok'},200
def policyChecker(passwordString): policy = PasswordPolicy.from_names( length=8, uppercase=2, numbers=2, special=2, nonletters=2 ) output = policy.test(passwordString) print(output)
def post(self): policy = PasswordPolicy.from_names(length=6) parser = reqparse.RequestParser() parser.add_argument('name', location='json', required=True) parser.add_argument('email', location='json', required=True) parser.add_argument('password', location='json', required=True) parser.add_argument('image', location='json') parser.add_argument('address', location='json') parser.add_argument('description', location='json') parser.add_argument('industry', location='json') parser.add_argument('location', location='json') args = parser.parse_args() validation = policy.test(args['password']) if validation == []: password_digest = hashlib.md5( args['password'].encode()).hexdigest() company = Company(datetime.datetime.now(), args['name'], args['email'], password_digest, args['image'], args['address'], True, 'company', args['description'], args['industry'], args['location']) try: db.session.add(company) db.session.commit() except Exception as e: return { "status": "failed", "result": "company already exist" }, 400, { 'Content-Type': 'application/json' } app.logger.debug('DEBUG : %s ', company) return { "status": "success", "result": marshal(company, Company.response_field) }, 200, { 'Content-Type': 'application/json' } return { "status": "failed", "result": "Wrong Password Length" }, 400, { 'Content-Type': 'application/json' }
class ChangePassword(Resource): # Enable CORS def options(self,id=None): return {'status':'ok'} , 200 # To keep the password secret policy = PasswordPolicy.from_names( length = 6, uppercase = 1, numbers = 1 ) @jwt_required @user_required def put(self): # Take input from user claims = get_jwt_claims() parser = reqparse.RequestParser() parser.add_argument('old_password', location = 'json') parser.add_argument('new_password', location = 'json') parser.add_argument('confirm_new_password', location = 'json') args = parser.parse_args() # Check emptyness if args['old_password'] == None or args['old_password'] == '' or args['new_password'] == None or args['new_password'] == '' or args['confirm_new_password'] == None or args['confirm_new_password'] == '': return {'message': 'Tidak boleh ada kolom yang dikosongkan'}, 400 # Check the old password encrypted = hashlib.md5(args['old_password'].encode()).hexdigest() owner = Users.query.filter_by(id = claims['id']).filter_by(password = encrypted).first() if owner is None: return {'message': 'Mohon maaf password lama yang Anda masukkan salah'}, 400 # Check new password and confirmation if args['new_password'] != args['confirm_new_password']: return {'message': 'Tolong periksa kembali password Anda'}, 400 # Validate the new password validation = self.policy.test(args['new_password']) if validation: errorList = [] for item in validation: split = str(item).split('(') error, num = split[0], split[1][0] errorList.append("{err}(minimum {num})".format(err=error, num=num)) message = "Tolong periksa kembali password Anda: " + ', '.join(x for x in errorList) return {'message': message}, 422, {'Content-Type': 'application/json'} encrypted = hashlib.md5(args['new_password'].encode()).hexdigest() owner.password = encrypted db.session.commit() return {'message': 'Sukses mengubah password'}, 200
def passwordPolicyCheck(password): policy = PasswordPolicy.from_names( length=8, uppercase=2, numbers=2, special=2, nonletters=2, entropybits= 30, ) Result = policy.test(password) return Result
def post(self): policy = PasswordPolicy.from_names( length=6, uppercase=1, numbers=1, special=1, ) parser = reqparse.RequestParser() parser.add_argument('email', location='json') parser.add_argument('name', location='json') parser.add_argument('url_image', location='json') parser.add_argument('googleID', location='json') args = parser.parse_args() qry = Pemain.query.all() # qry = Pemain.query.order_by(desc(Pemain.created_time)).all() # return {"message": "Success", "data":marshal(qry, Pemain.response_field)}, 200, {'Content-Type': 'application/json'} #check Existence Of Data flag = False rows = [] for row in qry: if args["email"] == marshal(row, Pemain.response_field)["username"]: flag = True break rows.append(marshal(row, Pemain.response_field)) #if Daata Exist if (flag): return {"message": "Success", "data":"login"}, 200, {'Content-Type': 'application/json'} #If Data Didnt Exist passwords = args['googleID'] + "Rekt$" validation = policy.test(passwords) if validation == [] : password = hashlib.md5(passwords.encode()).hexdigest() pemain = Pemain(args['email'],password,args['name'],args['email'],"0","empty","empty","pemain",str(datetime.datetime.now()),args['url_image'],1,120000) db.session.add(pemain) db.session.commit() events = threading.Event() myCalendar = calendar.Calendar(events,args["email"]) t1 = threading.Thread(target = myCalendar.flags) t2 = threading.Thread(target = myCalendar.setCalendar) t1.start() t2.start() print ("T2",t2) return {"message": "Success", "data":"registered"}, 200, {'Content-Type': 'application/json'} return {"message": "Wrong Value", "data":"error"}, 200, {'Content-Type': 'application/json'}
def get_password_policy_rules(bool_policy): default_policy = PasswordPolicy.from_names( length = 8, # min length: 8 uppercase = 2, # need min. 2 uppercase letters numbers = 2, # need min. 2 digits special = 2, # need min. 2 special character need min. nonletters = 2, # 2 non-letter characters (digits, specials, anything) ) if bool_policy: policy_length = input("Minimum Password Length (enter number): ") policy_uppercase = input("Minimum Number of Uppercase Letters (enter number): ") policy_numbers = input("Minimum Number of Numbers (enter number): ") policy_special = input("Minimum Number of Special Characters (enter number): ") policy_nonletters = input("Minimum Number of Non-Letters [non-letter characters means digits, specials, anything] (enter number): ") try: user_policy = PasswordPolicy.from_names( length = int(policy_length), # min length: 8 uppercase = int(policy_uppercase), # need min. 2 uppercase letters numbers = int(policy_numbers), # need min. 2 digits special = int(policy_special), # need min. 2 special characters need min. 2 non-letter characters (digits, specials, anything) nonletters = int(policy_nonletters), ) return user_policy except SyntaxError as s: print("Invalid Entry: Default of 8 length, 2 uppercase, 2 numbers, 2 special, and 2 non letters will be entered") return default_policy except SyntaxError as s: print("Invalid Entry: Default of 8 length, 2 uppercase, 2 numbers, 2 special, and 2 non letters will be entered") return default_policy return None