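def put(cls):
    """Replace the authenticated user's password with a newly salted hash.

    The account is resolved from the JWT identity, a fresh 32-byte random
    salt is drawn, and the resulting hash plus the base64-encoded salt are
    written to the user record.

    Returns:
        ``({'message': 'Success'}, 200)`` once the record is saved, or
        ``({'message': 'User not found'}, 404)`` when the token's identity
        does not resolve to an account.
    """
    # NOTE(review): this handler never asks for the current password, so any
    # accepted access token is enough to reset it. Confirm the route only
    # accepts fresh tokens, or add a current-password field to the parser.
    my_id = get_jwt_identity()
    data = cls.parser.parse_args()

    user = UserModel.find_by_id(my_id)
    if user is None:
        # A token can outlive the account it was issued for. Presumably
        # find_by_id returns None in that case (verify against the model);
        # without this guard the attribute writes below raise AttributeError
        # and the client sees a 500.
        return {'message': 'User not found'}, 404

    # A new salt on every change, so the previous salt is never reused.
    salt = urandom(32)
    user.password = hashPassword(data["password"], salt)
    # The raw salt bytes are base64-encoded before being stored.
    user.salt = base64.b64encode(salt)
    user.save_to_db()
    return {'message': 'Success'}, 200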
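def put(cls):
    """Change the authenticated user's password.

    The account is resolved from the JWT identity, the new password is
    hashed with a fresh 32-byte random salt, and the hash together with the
    base64-encoded salt is saved on the user record.

    Returns:
        ``({'message': 'Pomyślnie zmieniono hasło'}, 200)`` once the record
        is saved, or ``({'message': 'Nie znaleziono użytkownika'}, 404)``
        when the token's identity does not resolve to an account.
    """
    # NOTE(review): this handler never asks for the current password, so any
    # accepted access token is enough to reset it. Confirm the route only
    # accepts fresh tokens, or add a current-password field to the parser.
    data = cls.parser.parse_args()

    user = UserModel.find_by_id(get_jwt_identity())
    if user is None:
        # A token can outlive the account it was issued for. Presumably
        # find_by_id returns None in that case (verify against the model);
        # without this guard the attribute writes below raise AttributeError
        # and the client sees a 500.
        return {'message': 'Nie znaleziono użytkownika'}, 404

    # A new salt on every change, so the previous salt is never reused.
    salt = urandom(32)
    # The hash and salt go straight onto the model; the original wrote them
    # back into the parsed request dict first, which kept the derived secret
    # in a second place for no benefit.
    user.password = hashPassword(data["password"], salt)
    user.salt = base64.b64encode(salt)
    user.save_to_db()
    return {'message': 'Pomyślnie zmieniono hasło'}, 200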
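def post(cls):
    """Authenticate a username/password pair and issue a fresh access token.

    Returns:
        ``({'access_token': ..., 'user': ...}, 200)`` when the submitted
        password hashes to the stored value, otherwise
        ``({'message': "Invalid credentials"}, 401)``. The 401 body is the
        same for an unknown username and for a wrong password.
    """
    # NOTE(review): no attempt limiting or lockout is visible in this
    # handler; confirm it is enforced elsewhere (proxy, decorator, WAF).
    data = cls.parser.parse_args()
    user = UserModel.find_by_username(data['username'])

    if user is None:
        # Spend one hash on unknown usernames too. Returning before the hash
        # made this branch measurably cheaper than the wrong-password branch,
        # which lets response time reveal which usernames exist even though
        # the message is identical. The all-zero salt is a throwaway with the
        # same 32-byte length the other handlers generate; the result is
        # discarded.
        hashPassword(data['password'], bytes(32))
        return {'message': "Invalid credentials"}, 401

    # The salt is stored base64-encoded; the hash needs the raw bytes.
    salt = base64.b64decode(user.salt)
    # Per the original comment, hashPassword returns its result in base64.
    password_hash = hashPassword(data['password'], salt)

    # NOTE(review): safe_str_cmp was removed in Werkzeug 2.1.
    # hmac.compare_digest is the stdlib constant-time comparison; it needs
    # both operands to be the same kind (both str or both bytes), which is
    # not visible from here, so the call is left unchanged.
    if safe_str_cmp(user.password, password_hash):
        access_token = create_access_token(identity=user.id, fresh=True)
        # NOTE(review): confirm user.json() leaves out the password hash and
        # salt before it is returned to the client.
        return {'access_token': access_token, 'user': user.json()}, 200

    return {'message': "Invalid credentials"}, 401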
def post(cls):
    """Register a new user with a salted password hash.

    Returns:
        ``({"message": "User already exists"}, 400)`` when the username is
        taken, otherwise ``({'message': 'User created successfully.'}, 201)``
        after the record is saved.
    """
    data = cls.parser.parse_args()

    existing = UserModel.find_by_username(data["username"])
    if existing:
        return {"message": "User already exists"}, 400
    # NOTE(review): the lookup above and the save below are separate steps,
    # so two concurrent requests can both pass the check. A unique constraint
    # on the username column is what actually prevents duplicates; confirm
    # one exists.

    plaintext = data["password"]
    fresh_salt = urandom(32)
    # Overwrite the plaintext in the parsed arguments with its hash, and add
    # the base64-encoded salt, because the whole dict is handed to the model.
    data["password"] = hashPassword(plaintext, fresh_salt)
    data["salt"] = base64.b64encode(fresh_salt)

    # NOTE(review): every field the parser accepts becomes a model attribute
    # here. Confirm the parser does not declare privileged columns (role,
    # admin flag, id) that a client could then set at sign-up.
    new_user = UserModel(**data)
    new_user.save_to_db()
    return {'message': 'User created successfully.'}, 201