def test_password_hash(self): p1 = "test" p2 = "pass" user = User.find("*****@*****.**") hash1 = util.password_hash(p1,user.password_salt) hash2 = util.password_hash(p2, user.password_salt) assert hash1 != hash2 assert user.authorize("*****@*****.**", "pass") != None
def authorize(cls, email, password): try: user = cls.query.filter(cls.email == email).one() if user.password == util.password_hash(password, user.password_salt): return user except sqlalchemy.orm.exc.NoResultFound: return None
def authorize_anonymous(cls, uuid, password): email = uuid + ANONYMOUS_EMAIL_DOMAIN try: user = cls.query.filter(cls.email == email).one() if user.password == util.password_hash(password, user.password_salt): return user except sqlalchemy.orm.exc.NoResultFound: return None
def update_password(self, password): """ :param password: str :return: """ self.password_salt = "".join( chr(random.randint(0, 255)) for i in range(32)).encode('utf-8') self.password = util.password_hash(password, self.password_salt) self.password_salt = self.password_salt
def update_password(self, password: str): """ :param password: str :return: """ salt_bytes = "".join(chr(random.randint(0, 255)) for _ in range(32)).encode('utf-8') self.password = util.password_hash(password, salt_bytes) self.password_salt = salt_bytes.hex()
def update_password(self, password): self.password_salt = "".join( chr(random.randint(0, 255)) for i in range(32)) self.password = util.password_hash(password, self.password_salt)
def update_password(self, password): self.password_salt = "".join( chr(random.randint(0, 255)) for i in range(32) ) self.password = util.password_hash(password, self.password_salt)