def post(self):
# If there was already a session, delete it.
# But wait until there's an error to delete the cookie.
# We might just want to reset it.
old_token = self.request.cookies.get('s')
if old_token:
ModelSession.keyfor(old_token).delete()
# Check the username and password.
username = self.request.params['username']
password = self.request.params['password']
user = ModelUser.keyfor(username).get()
# Failure: back to login with error message.
if not user or user.pwhash != bcrypt.hashpw(password, user.pwhash):
self.response.delete_cookie('s')
params = urllib.urlencode({
"error":
"User '{}' or password incorrect".format(cgi.escape(username)),
})
self.redirect("/login?" + params)
return
create_session(self.response, username)
self.redirect('/')
def validate_pwd(username, pwd):
user = get_user(username=username)
if user:
match_hash = bcrypt.hashpw(pwd, user.password)
if match_hash == user.password:
pwd = None
return True
return False
def hash_password(password):
"""
Return the hashed equivalent of a password
:param password: input password
:return: equivalent encrypted value using the bcrypt algorithm
"""
if password:
return bcrypt.hashpw(password, bcrypt.gensalt())
def check_password(password, stored_hash_value):
"""
Check if provided password is what is expected
:param password: input password
:param stored_hash_value:
:return: True if the input value corresponds to what is expected
False otherwise
"""
hash_value = bcrypt.hashpw(password, stored_hash_value)
return hash_value == stored_hash_value
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
pwhash = bcrypt.hashpw(password, bcrypt.gensalt())
u = User()
u.register(username, pwhash)
session['username'] = username
return redirect(url_for('frontend.index'))
else:
return render_template('register.html')
def post(self):
username = self.request.params['username']
password = self.request.params['password']
user = ModelUser.keyfor(username).get()
if user:
params = urllib.urlencode(
{"error": "user {} exists".format(cgi.escape(username))})
self.redirect("/register?" + params)
return
user = ModelUser(key=ModelUser.keyfor(username),
username=username,
pwhash=bcrypt.hashpw(password, bcrypt.gensalt(5)))
user.put()
create_session(self.response, username)
self.redirect('/')
def login():
error = False
next_url = request.args.get('after') if request.args.get('after') is not None else url_for('frontend.index')
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = User.query(User.username == username).get()
if user is not None and bcrypt.hashpw(password, user.pwhash) == user.pwhash:
session['username'] = username
next_url = request.args.get('after')
flash('Successfully logged in!', category='success')
return redirect(next_url)
else:
error = True
return render_template('login.html', error=error, next_url=next_url)
def check_password_hash(self, pw_hash, password):
'''Tests a password hash against a candidate password. The candidate
password is first hashed and then subsequently compared in constant
time to the existing hash. This will either return `True` or `False`.
Example usage of :class:`check_password_hash` would look something
like this::
pw_hash = bcrypt.generate_password_hash('secret', 10)
bcrypt.check_password_hash(pw_hash, 'secret') # returns True
:param pw_hash: The hash to be compared against.
:param password: The password to compare.
'''
if isinstance(password, unicode):
password = password.encode('u8')
password = str(password)
return _constant_time_compare(bcrypt.hashpw(password, pw_hash),
pw_hash)
def generate_password_hash(self, password, rounds=None):
'''Generates a password hash using bcrypt. Specifying `rounds`
sets the log_rounds parameter of `bcrypt.gensalt()` which determines
the complexity of the salt. 12 is the default value.
Example usage of :class:`generate_password_hash` might look something
like this::
pw_hash = bcrypt.generate_password_hash('secret', 10)
:param password: The password to be hashed.
:param rounds: The optional number of rounds.
'''
if not password:
raise ValueError('Password must be non-empty.')
if rounds is None:
rounds = self._log_rounds
if isinstance(password, unicode):
password = password.encode('u8')
password = str(password)
return bcrypt.hashpw(password, bcrypt.gensalt(rounds))
def valid_hash(h, *args): # проверка хеша line_for_hashing = "" for arg in args: line_for_hashing += str(arg) if bcrypt.hashpw(line_for_hashing, h) == h: return True
def make_pw_hash(email, pw, salt = None): # Course function
if not salt:
salt = bcrypt.gensalt()
h = bcrypt.hashpw(email + pw, salt)
return( "%s|%s" % (salt, h))
def make_hash(*args): # создание хеша из полученных аргументов line_for_hashing = "" for arg in args: line_for_hashing += str(arg) return bcrypt.hashpw(line_for_hashing, bcrypt.gensalt())
def make_secure_val(val, secret, salt=None):
if not salt:
salt = bcrypt.gensalt()
h = bcrypt.hashpw(val + secret, salt)
return ('%s|%s|%s' % (val, h, salt))
def hash_str(s, salt=None):
if not salt:
salt = bcrypt.gensalt()
h = bcrypt.hashpw(s, salt)
return ("%s|%s|%s" % (s, h, salt))
def make_hash(self, name, pw):
return bcrypt.hashpw(pw + name, bcrypt.gensalt())
def hash_pwd(pwd):
new_pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(6))
pwd = None
return new_pwd
def valid_pw(self, name, pw, h):
if bcrypt.hashpw(pw + name, h) == h:
return True