def _add_one_user(db: directives.PeeweeSession, username: hug.types.text, password: hug.types.text = None,
                  role: hug.types.one_of(UserRoles.user_roles()) = UserRoles.USER,
                  coupons: hug.types.number = 10):
    """Create one user row and hand back its name with the clear-text password.

    The user name is stored lower-cased. When ``password`` is falsy (``None``
    or an empty string) the result of ``get_random_string(12)`` is used as the
    password instead, which is why the clear-text value is part of the return.

    Returns:
        ``{"name": <stored user name>, "password": <clear-text password>}``.
        The caller receives the only clear-text copy; it should be shown to
        the operator once and never written to logs.
    """
    with db.atomic():
        login = username.lower()
        # NOTE(review): the salt comes from get_random_string(2). If that
        # argument is a length, the salt space is tiny -- confirm. Also confirm
        # the helper draws from a CSPRNG, since it supplies the fallback
        # password as well.
        new_salt = get_random_string(2)
        clear_text = password if password else get_random_string(12)
        created = User.create(user_name=login, role=role, salt=new_salt,
                              password=hash_pw(login, new_salt, clear_text),
                              coupons=coupons)
        # NOTE(review): create() is followed by an explicit save(); kept as in
        # the original -- verify whether the second write is needed.
        created.save()
        return {"name": created.user_name, "password": clear_text}
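def patch_user(db: PeeweeSession, body: hug.types.json,
               user: hug.directives.user):
    """Change the password of the user supplied by hug's ``user`` directive.

    ``body`` must be a JSON object with the keys ``old_user_password``,
    ``new_user_password`` and ``new_user_password_confirm``. The old password
    is re-checked against the stored hash before a fresh salt and hash are
    written.

    Returns:
        The string ``"updated"`` on success.

    Raises:
        hug.HTTPBadRequest: the body is malformed or lacks a field, the two
            new passwords differ, the old password does not match, or the
            update raised ``DoesNotExist`` / ``ValueError``.
    """
    try:
        old_user_password = body["old_user_password"]
        new_user_password = body["new_user_password"]
        new_user_password_confirm = body["new_user_password_confirm"]
    except (KeyError, TypeError):
        # The body is client-controlled: a missing field or a non-object JSON
        # value is a bad request, not an unhandled server error.
        raise hug.HTTPBadRequest
    if new_user_password != new_user_password_confirm:
        raise hug.HTTPBadRequest
    # NOTE(review): the values are not type- or length-checked here; an empty
    # or non-string new password reaches hash_pw unchanged -- confirm that the
    # password policy is enforced elsewhere.
    with db.atomic():
        try:
            # Require the current password so a hijacked session alone cannot
            # replace the credential.
            # NOTE(review): `!=` is not a constant-time comparison; consider
            # hmac.compare_digest once the type hash_pw returns is confirmed.
            if user.password != hash_pw(user.user_name, user.salt,
                                        old_user_password):
                raise hug.HTTPBadRequest
            # NOTE(review): get_random_string(2) -- if the argument is a
            # length, this salt is very short; confirm.
            salt = get_random_string(2)
            hashed_password = hash_pw(user.user_name, salt, new_user_password)
            user.salt = salt
            user.password = hashed_password
            user.save()
            log.info(f"updated {user.user_name}'s pw.")
            return "updated"
        except (DoesNotExist, ValueError):
            raise hug.HTTPBadRequest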
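def change_user_pw(db: directives.PeeweeSession, username: hug.types.text, password: hug.types.text, for_real: hug.types.smart_boolean = False):
    """Set a new password for an existing user.

    Without ``for_real`` nothing is written: the function prints what it would
    do and exits with status 1. With ``for_real`` it stores a fresh salt and
    the hash of ``password`` for the user, then prints a confirmation.

    The user is looked up under the lower-cased name, the same value that is
    fed into ``hash_pw``, so a mixed-case ``username`` resolves to the stored
    lower-case account instead of missing it.
    """
    if not for_real:
        # NOTE(review): this dry-run message echoes the new password in clear
        # text, so it can end up in terminal scrollback or captured job
        # output. Consider dropping the password from the message.
        print(
            f"this would change {username}'s pw to {password}. Run with --for_real if you're sure.")
        sys.exit(1)
    with db.atomic():
        name = username.lower()
        # Look up by the same normalised name that goes into the hash; the
        # original queried the raw `username` while hashing the lower-cased one.
        user = User.get(User.user_name == name)
        # NOTE(review): get_random_string(2) -- if the argument is a length,
        # this salt is very short; confirm.
        salt = get_random_string(2)
        user.salt = salt
        user.password = hash_pw(name, salt, password)
        user.save()
        print(f"{user.user_name}'s pw successfully changed.")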
def verify_user(user_name, user_password, context: PeeweeContext):
    """Check a user name / password pair against the stored hash.

    The name is passed through ``normalize_user`` before the lookup and before
    hashing. Returns the matching ``User`` row when the computed hash equals
    the stored one, and ``False`` for a wrong password, an unknown user, or a
    ``DatabaseError`` (each case is logged).
    """
    login = normalize_user(user_name)
    with context.db.atomic():
        try:
            account = User.get(User.user_name == login)
            candidate = hash_pw(login, account.salt, user_password)
            # NOTE(review): plain comparison, not constant-time; consider
            # hmac.compare_digest once the type hash_pw returns is confirmed.
            if candidate != account.password:
                # NOTE(review): user_name is logged exactly as supplied by
                # the client; if the log is line-oriented, consider stripping
                # control characters before logging.
                log.warning("invalid credentials for user: %s", user_name)
                return False
            return account
        except DoesNotExist:
            # NOTE(review): no hash is computed on this path, so an unknown
            # user is answered faster than a wrong password -- confirm whether
            # that timing difference matters for this deployment.
            log.warning("user not found: %s", user_name)
            return False
        except DatabaseError:
            log.exception("unknown error logging in: %s", user_name)
            return False
def put_user(db: PeeweeSession, newUserName: hug.types.text, newUserPassword: hug.types.text,
             newUserPasswordConfirm: hug.types.text):
    """Register a new account with the ``UserRoles.USER`` role and 10 coupons.

    The user name is stored lower-cased; the password is stored as the
    ``hash_pw`` result together with a freshly generated salt.

    Returns:
        ``{"username": <stored user name>}``.

    Raises:
        hug.HTTPBadRequest: the password and its confirmation differ.
        hug.HTTPConflict: creating the row raised ``IntegrityError``.
    """
    if newUserPassword != newUserPasswordConfirm:
        raise hug.HTTPBadRequest
    # NOTE(review): neither the name nor the password is checked for being
    # empty or for length here -- confirm that a policy is enforced elsewhere.
    with db.atomic():
        try:
            login = newUserName.lower()
            # NOTE(review): get_random_string(2) -- if the argument is a
            # length, this salt is very short; confirm.
            new_salt = get_random_string(2)
            created = User.create(
                user_name=login,
                role=UserRoles.USER,
                salt=new_salt,
                password=hash_pw(login, new_salt, newUserPassword),
                coupons=10,
            )
            created.save()
            return {"username": created.user_name}
        except IntegrityError:
            raise hug.HTTPConflict('User already exists.')