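def loginAuth():
    """Render the login form and, on POST, check the submitted credentials.

    Reads ``user_input`` (the e-mail) and ``pwd`` from the posted form, looks
    the user up by e-mail and verifies the HMAC of the password against the
    stored hash. On success the index page is rendered with the user and the
    matching ``PersonalDetails`` row; on any failure the login page is rendered
    again with the same generic error.
    """
    error = None
    if request.method == 'POST':
        userInput = request.form['user_input']
        pwd = request.form['pwd']
        user = User.query.filter_by(email=userInput).first()

        # ``.first()`` returns None for an unknown address. The original then
        # dereferenced ``user.email`` and raised, which answered an unknown
        # account with a server error and a wrong password with a normal page,
        # letting a client tell the two apart.
        # NOTE(review): the HMAC is applied unconditionally, as before. The
        # original also computed a scheme-dependent ``password`` value that it
        # never used; confirm which of the two was intended.
        # NOTE(review): an unknown account still skips the hash verification,
        # so response time can differ from the wrong-password case.
        credentials_ok = (
            user is not None
            and user.email
            and userInput == user.email
            and _pwd_context.verify(get_hmac(pwd), user.password)
        )
        if credentials_ok:
            userDetails = PersonalDetails.query.filter_by(
                details=user).first()
            return render_template('index.html',
                                   teaminfo=spider.teamInfo(),
                                   teamtab=spider.parseTeamPos(),
                                   virus=spider.caronaInfo(),
                                   temp=spider.parseTemp(),
                                   user=user,
                                   userDetails=userDetails)

        # One message for every failure path, so the response body does not
        # reveal whether the e-mail exists.
        error = 'Invalid credentials'
    return render_template('login.html', err=error)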
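def delete_user(email):
    """Delete the account whose stored identifier is ``get_hmac(email)``.

    Best-effort: a failure is reported on stdout and not raised.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user_datastore.delete_user(user)
            db.session.commit()
        except Exception:
            # Was a bare ``except:``, which also swallowed KeyboardInterrupt
            # and SystemExit. Roll back so a failed operation does not leave
            # pending changes in the session.
            db.session.rollback()
            print('Delete user failed!')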
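def unlock_user(email):
    """Remove the 'Locked' role from the account keyed by ``get_hmac(email)``.

    Best-effort: a failure is reported on stdout and not raised.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            locked = user_datastore.find_role('Locked')
            user_datastore.remove_role_from_user(user, locked)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so interpreter-exit signals
            # propagate; the rollback discards any partial role change.
            db.session.rollback()
            print('Unlock user failed!')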
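def lock_user(email):
    """Add the 'Locked' role to the account keyed by ``get_hmac(email)``.

    Best-effort: a failure is reported on stdout and not raised, so a caller
    cannot tell from the return value whether the account is now locked.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            locked = user_datastore.find_role('Locked')
            user_datastore.add_role_to_user(user, locked)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:`` so KeyboardInterrupt and
            # SystemExit propagate; the rollback clears the failed transaction.
            db.session.rollback()
            print('Lock user failed!')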
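def unlock_user(email):
    """Lift the lock on an account by removing its 'Locked' role.

    The account is looked up by ``get_hmac(email)``. Errors are printed, not
    raised.
    """
    with app.app_context():
        try:
            account = user_datastore.get_user(get_hmac(email))
            user_datastore.remove_role_from_user(
                account, user_datastore.find_role('Locked'))
            db.session.commit()
        except Exception:
            # The original bare ``except:`` also caught KeyboardInterrupt and
            # SystemExit. Rolling back keeps the session usable after a failure.
            db.session.rollback()
            print('Unlock user failed!')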
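def create_user(email, password):
    """Create an account and give it the 'Virgin' role.

    The account is stored under ``get_hmac(email)`` with
    ``encrypt_password(password)`` as its password value. Errors are printed,
    not raised.
    """
    with app.app_context():
        try:
            newuser = user_datastore.create_user(
                email=get_hmac(email),
                password=encrypt_password(password))
            virgin = user_datastore.find_role('Virgin')
            user_datastore.add_role_to_user(newuser, virgin)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:``. Every failure still prints the
            # same message, so "already exists" is only one possible cause.
            db.session.rollback()
            print('User already exists!')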
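def change_password(email, password):
    """Set a new password on the account keyed by ``get_hmac(email)``.

    The new value is stored as ``encrypt_password(password)`` and the 'Virgin'
    role is added to the account again. Errors are printed, not raised.
    """
    with app.app_context():
        try:
            user = user_datastore.get_user(get_hmac(email))
            user.password = encrypt_password(password)
            # NOTE(review): presumably 'Virgin' marks an account that has not
            # yet set its own password; confirm against the role's use.
            virgin = user_datastore.find_role('Virgin')
            user_datastore.add_role_to_user(user, virgin)
            db.session.commit()
        except Exception:
            # Narrowed from a bare ``except:``. The rollback matters here: the
            # password attribute may already be modified in the session when a
            # later step fails.
            db.session.rollback()
            print('Password change failed!')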
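def create_user(email, password):
    """Register a new account under ``get_hmac(email)`` with the 'Virgin' role.

    The password is passed through ``encrypt_password`` before it reaches the
    datastore. Best-effort: a failure is reported on stdout and not raised.
    """
    with app.app_context():
        try:
            account = user_datastore.create_user(
                email=get_hmac(email),
                password=encrypt_password(password))
            user_datastore.add_role_to_user(
                account, user_datastore.find_role('Virgin'))
            db.session.commit()
        except Exception:
            # Was a bare ``except:``, which also caught KeyboardInterrupt and
            # SystemExit. The message is printed for any failure, not only a
            # duplicate account.
            db.session.rollback()
            print('User already exists!')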
def test_verify_password_argon2(app, sqlalchemy_datastore):
    """Check argon2 hashing and verification, including the double-hash form."""
    options = {"SECURITY_PASSWORD_HASH": "argon2"}
    init_app_with_options(app, sqlalchemy_datastore, **options)

    with app.app_context():
        stored = hash_password("pass")
        assert verify_password("pass", stored)
        # The encoded hash is expected to contain "t=10".
        # NOTE(review): presumably the argon2 time cost from the test app's
        # configuration; confirm where it is set.
        assert "t=10" in stored

        # Verify double hash: an argon2 hash of the HMAC'd password must
        # verify against the clear-text password.
        hmac_then_argon2 = argon2.hash(get_hmac("pass"))
        assert verify_password("pass", hmac_then_argon2)
def verify_and_update_password(password, user):
    """Verify ``password`` against ``user.password`` and rehash if outdated.

    Copied from flask_security, with double hashing disabled for Django
    passwords: a stored hash that starts with ``pbkdf2_sha256`` is checked
    against the raw password, never against its HMAC.

    Returns the result of the password-context verification. When the check
    succeeds and the context reports that the stored hash needs an update, the
    user's password is replaced with ``hash_password(password)`` and the user
    is saved through the datastore.
    """
    stored = user.password

    # Order matters: use_double_hash() is consulted first and the prefix test
    # only runs when it says the hash is double-hashed.
    if use_double_hash(stored) and not stored.startswith('pbkdf2_sha256'):
        candidate = get_hmac(password)
    else:
        # Single-hash schemes and Django hashes: try the original password.
        candidate = password
    verified = _pwd_context.verify(candidate, stored)

    if not verified:
        return verified

    if _pwd_context.needs_update(user.password):
        # NOTE(review): after this the stored value is whatever
        # hash_password() produces, so an imported Django hash is presumably
        # migrated to the application's default scheme on first login; confirm.
        user.password = hash_password(password)
        _datastore.put(user)
    return verified
def test_verify_password_single_hash_list(app, sqlalchemy_datastore):
    """Check that schemes listed as single-hash skip the HMAC step.

    bcrypt is the default scheme. 'django_pbkdf2_sha256' and 'plaintext' are
    listed under SECURITY_PASSWORD_SINGLE_HASH, so they must verify against
    the raw password; the remaining schemes verify against its HMAC.
    """
    # 'plaintext' is enabled only to exercise the single-hash path; it stores
    # the password unhashed and belongs in test fixtures only.
    settings = {
        'SECURITY_PASSWORD_HASH': 'bcrypt',
        'SECURITY_PASSWORD_SALT': 'salty',
        'SECURITY_PASSWORD_SINGLE_HASH': ['django_pbkdf2_sha256',
                                          'plaintext'],
        'SECURITY_PASSWORD_SCHEMES': ['bcrypt', 'pbkdf2_sha256',
                                      'django_pbkdf2_sha256', 'plaintext'],
    }
    init_app_with_options(app, sqlalchemy_datastore, **settings)

    with app.app_context():
        # Double hash: the stored value is a hash of the HMAC'd password.
        default_scheme_hash = encrypt_password('pass')
        assert verify_password('pass', default_scheme_hash)
        hmac_pbkdf2_hash = pbkdf2_sha256.hash(get_hmac('pass'))
        assert verify_password('pass', hmac_pbkdf2_hash)

        # Single hash: the stored value is a hash of the raw password.
        django_hash = django_pbkdf2_sha256.hash('pass')
        assert verify_password('pass', django_hash)
        plaintext_value = plaintext.hash('pass')
        assert verify_password('pass', plaintext_value)
def test_verify_password_single_hash_list(app, sqlalchemy_datastore):
    """Verify double-hash and single-hash schemes side by side.

    With bcrypt as the default, the schemes named in
    SECURITY_PASSWORD_SINGLE_HASH are checked against the raw password and the
    others against ``get_hmac`` of it.
    """
    single_hash_schemes = ["django_pbkdf2_sha256", "plaintext"]
    # "plaintext" stores the password as-is; it appears here only so the
    # single-hash branch can be tested.
    all_schemes = [
        "bcrypt",
        "pbkdf2_sha256",
        "django_pbkdf2_sha256",
        "plaintext",
    ]
    config = {
        "SECURITY_PASSWORD_HASH": "bcrypt",
        "SECURITY_PASSWORD_SALT": "salty",
        "SECURITY_PASSWORD_SINGLE_HASH": single_hash_schemes,
        "SECURITY_PASSWORD_SCHEMES": all_schemes,
    }
    init_app_with_options(app, sqlalchemy_datastore, **config)

    with app.app_context():
        # Double hash: HMAC first, then the scheme's own hash.
        from_default_scheme = hash_password("pass")
        assert verify_password("pass", from_default_scheme)
        from_pbkdf2 = pbkdf2_sha256.hash(get_hmac("pass"))
        assert verify_password("pass", from_pbkdf2)

        # Single hash: the scheme's hash of the raw password.
        from_django = django_pbkdf2_sha256.hash("pass")
        assert verify_password("pass", from_django)
        from_plaintext = plaintext.hash("pass")
        assert verify_password("pass", from_plaintext)
def test_can_verify_django_and_flask_password(app, user):
    """Check that one password context verifies both kinds of stored hash.

    The ``user`` fixture's hash is checked against the HMAC of 'password'; the
    hash from ``django_fixture()`` is checked against the raw string 'vincent'.
    """
    pwd_context = app.extensions['security'].pwd_context

    # Hash from the ``user`` fixture: verified against the HMAC'd password.
    flask_candidate = get_hmac('password')
    assert pwd_context.verify(flask_candidate, user.password)

    # Hash from the Django fixture: verified against the raw password.
    django_hash = django_fixture()['fields']['password']
    assert pwd_context.verify('vincent', django_hash)