示例#1
0
def new_password():
    # Create a new password
    size = random.randint(8, 12)
    new_pwd = functions.random_sequence(size)
    salt = random.randint(1000, 9999)
    # Hash them
    hash_pwd = functions.get_hash(new_pwd, salt)
    return new_pwd, str(salt), hash_pwd
示例#2
0
def check_integrity():
    # get hash of the previous block
    # again count its hash
    # compare results
    blocks_dict = {}
    results = []
    for filename in reversed(files[1:]):
        block = json.load(open(blockchain_dir + str(filename), 'rb'))
        blocks_dict[filename] = block
        file_hash = block['hash']
        prev_file = str(filename - 1)
        actual_hash = get_hash(prev_file)
        if file_hash == actual_hash:
            result = 'ok'
        else:
            result = 'corrupted'
        results.append({prev_file: result})
    return render_template('integrity.html', results=results)
示例#3
0
    e_mail = form.getvalue('email')
    password = form.getvalue('password')
    mydb = functions.connect()
    
    if e_mail is None:
        print("location: ../login.html?err=1")
        print("")
    
    sql = "SELECT salt, password_hash, id FROM users WHERE email = '" + e_mail + "'"
    mycursor = mydb.cursor()
    mycursor.execute(sql)

    try:
        user_details = mycursor.fetchone()
        salt = user_details[0]
        password_hash = functions.get_hash(password, salt)

        if password_hash == user_details[1]:
            # OK, password correct, create a cookie, find the ip + user_agent, save it in the data base, and set-cookie(sid:cookie)
            user_ip = os.environ["REMOTE_ADDR"]
            user_agent = os.environ["HTTP_USER_AGENT"]
            cookie_id = functions.random_sequence(10)
            user_id = str(user_details[2])
            update_time = str(datetime.datetime.now())

            # Insert data into the sessions table
            insert_query = "INSERT INTO `sessions`(`sid`, `uid`, `create_time`, `update_time`, `ip_address`, `user_agent`) VALUES ('" + cookie_id + "','" + user_id + "','" + update_time + "','" + update_time + "','" + user_ip + "','" + user_agent + "')"

            mycursor.execute(insert_query)
            mydb.commit()
            mydb.close()
示例#4
0
        err()
       
    # check if the temporary password is true
    
    uid = functions.get_user_id()
    try:
        sql = "SELECT salt, password_hash FROM users WHERE id = '" +str(uid) + "'"
        mydb = functions.connect()
        mycursor = mydb.cursor()
        mycursor.execute(sql)
        user_details = mycursor.fetchone()
    except:
        err()

    old_salt = user_details[0]
    old_password_hash = functions.get_hash(old_password, old_salt)

    if old_password_hash == user_details[1]:

        salt = str(random.randint(1000, 9999))
        password_hash = functions.get_hash(password1, salt)

        sql = "UPDATE users SET salt = '" + salt + "', password_hash='" + password_hash + "' WHERE id = '" + str(uid) + "' "
        mycursor.execute(sql)
        mydb.commit()
        json_res = {"ok": True,}
        print(json.dumps(json_res))
               
    else:
        err()
    mydb.close()