def test_check_hash(self):
pw_hash = self.argon2.generate_password_hash('secret')
self.assertTrue(self.argon2.check_password_hash(pw_hash, 'secret'))
pw_hash = self.argon2.generate_password_hash(u'\u2603')
self.assertTrue(self.argon2.check_password_hash(pw_hash, u'\u2603'))
pw_hash = generate_password_hash('hunter2')
self.assertTrue(check_password_hash(pw_hash, 'hunter2'))
def register():
json_user = request.get_json()
user_id = json_user['userId']
password = json_user['password']
# Check if user already registered
user = Users.query.get(user_id)
if user:
return "User account already exists", 400
# Prepend randomly generated salt to password and hash using argon2
salt = bcrypt.gensalt()
hashed_pword = flask_argon2.generate_password_hash(salt.decode("utf-8") + password)
user_db = Users(user_id=user_id, password=hashed_pword, salt=salt)
db.session.add(user_db)
db.session.commit()
# Create access token and store in db
token = secrets.token_hex(16)
token_db = AccessTokens(token=token, expiry=(datetime.now() + timedelta(days=2)))
db.session.add(token_db)
db.session.commit()
json_token = json.dumps({'token': token})
return json_token, 200
def test_check_hash(self):
pw_hash = self.argon2.generate_password_hash('secret')
self.assertTrue(self.argon2.check_password_hash(pw_hash, 'secret'))
pw_hash = self.argon2.generate_password_hash(u'\u2603')
self.assertTrue(self.argon2.check_password_hash(pw_hash, u'\u2603'))
pw_hash = generate_password_hash('hunter2')
self.assertTrue(check_password_hash(pw_hash, 'hunter2'))
def register_patient():
if current_user.is_authenticated: # If current user is already logged in, direct them to dashboard.
flash('You are already signed in!',
'primary') # Displays message to user.
return redirect(url_for('main_bp.homepage'))
patient_form = PatientRegistrationForm()
if patient_form.validate_on_submit(
): # If the submitted form passes validation, then...
available_psychiatrist = psychiatrist_assign_function(
) # Attempt to assign a psychiatrist to this patient.
# if our query returns no psychiatrists, flash a danger alert to our user & take them back to the homepage.
if available_psychiatrist is None:
flash(
'Error! Could not currently register you with a psychiatrist. Please try again tomorrow.',
'danger')
return redirect(url_for('main_bp.homepage'))
else:
hashed_password = generate_password_hash(
patient_form.password.data
) # Generate password hash with Argon2
patient = Patient(
username=patient_form.username.data,
hashed_password=hashed_password,
email=patient_form.email.data,
first_name=patient_form.first_name.data,
last_name=patient_form.last_name.data,
phone_number=patient_form.phone_number.data,
postcode=patient_form.postcode.data,
medical_conditions=patient_form.medical_conditions.data,
user_authentication="Patient",
requires_urgent_help=False,
psychiatrist_id=available_psychiatrist # Back-Ref.
) # Translates WTForm data to a Patient object, ready for use with SQL-Alchemy.
db.session.add(
patient) # Adds our new patient object to the MySQL database.
db.session.commit()
flash('Congratulations, you are now a registered user!', 'success')
return redirect(url_for('main_bp.homepage'))
return render_template('register/patient_register_page.html',
title='Register ~ MiWell',
patient_form=patient_form)
def generate_new_psychiatrist(): # Generates a valid new patient.
new_psychiatrist = {
'bacp_number': generate_random_bacp(),
'email': "*****@*****.**",
'hashed_password': generate_password_hash("TestPsychiatrist"),
'first_name': "Test",
'last_name': "Psychiatrist",
'phone_number': "66666666666",
'postcode': "NN6 7TL",
'psychiatrist_bio': "I am a Test.",
'user_authentication': "Psychiatrist"
}
return new_psychiatrist
def generate_new_patient(): # Generates a valid new patient.
new_patient = {
'username': generate_random_username(),
'hashed_password': generate_password_hash("TestPatient"),
'email': "*****@*****.**",
'first_name': "Test",
'last_name': "Patient",
'phone_number': "11111111111",
'postcode':"L1 6DQ",
'medical_conditions': "I am a Test.",
'user_authentication': "Patient"
}
return new_patient
def register_psychiatrist():
if current_user.is_authenticated: # If current user is already logged in, direct them to dashboard.
flash('You are already signed in!',
'primary') # Displays message to user.
return redirect(url_for('main_bp.homepage'))
psychiatrist_form = PsychRegistrationForm()
if psychiatrist_form.validate_on_submit(
): # If the submitted form passes validation, then...
hashed_password = generate_password_hash(
psychiatrist_form.password.data) # Generate password hash.
psychiatrist = Psychiatrist(
bacp_number=psychiatrist_form.bacp_number.data,
hashed_password=hashed_password,
email=psychiatrist_form.email.data,
first_name=psychiatrist_form.first_name.data,
last_name=psychiatrist_form.last_name.data,
phone_number=psychiatrist_form.phone_number.data,
postcode=psychiatrist_form.postcode.data,
psychiatrist_bio=psychiatrist_form.psychiatrist_bio.data,
user_authentication="Psychiatrist"
) # Translates WTForm data to a Psychiatrist SQL_Alchemy object.
db.session.add(
psychiatrist
) # Adds our new psychiatrist object to the MySQL database.
db.session.commit()
flash('Congratulations, you are now a registered psychiatrist!',
'success')
return redirect(url_for('main_bp.homepage'))
return render_template('register/psych_register_page.html',
title='Register Psychiatrist ~ MiWell',
psychiatrist_form=psychiatrist_form)
def test_unicode_hash(self):
password = u'東京'
pw_hash = generate_password_hash(password)
self.assertTrue(check_password_hash(pw_hash, password))
def test_unicode_hash(self):
password = u'東京'
pw_hash = generate_password_hash(password)
self.assertTrue(check_password_hash(pw_hash, password))
