def test_create_check_password_hash(self):
self.assertRaises(TypeError, security.create_password_hash, 'foo',
'bar')
password = '******'
hashval = security.create_password_hash(password, 'sha1')
self.assertTrue(security.check_password_hash(password, hashval))
hashval = security.create_password_hash(password, 'sha1', pepper='bar')
self.assertTrue(security.check_password_hash(password, hashval,
pepper='bar'))
hashval = security.create_password_hash(password, 'md5')
self.assertTrue(security.check_password_hash(password, hashval))
hashval = security.create_password_hash(password, 'plain')
self.assertTrue(security.check_password_hash(password, hashval))
hashval = security.create_password_hash(password, 'plain')
self.assertFalse(security.check_password_hash(password, ''))
hashval1 = security.hash_password(unicode(password), 'sha1', u'bar')
hashval2 = security.hash_password(unicode(password), 'sha1', u'bar')
self.assertTrue(hashval1 is not None)
self.assertEqual(hashval1, hashval2)
hashval1 = security.hash_password(unicode(password), 'md5', None)
hashval2 = security.hash_password(unicode(password), 'md5', None)
self.assertTrue(hashval1 is not None)
self.assertEqual(hashval1, hashval2)
def register(cls, **user_values):
"""Registers a new user."""
if 'password_raw' in user_values:
user_values['password'] = security.create_password_hash(
user_values.pop('password_raw'), bit_strength=12)
user_values['username'] = username = user_values['name'].lower()
user = User(key=cls.get_key(username), **user_values)
# Unique auth id and email.
unique_auth_id = 'User.auth_id:%s' % user_values['auth_id']
unique_email = 'User.email:%s' % user_values['email']
uniques = [unique_auth_id, unique_email]
success, existing = unique_model.Unique.create_multi(uniques)
if success:
txn = lambda: user.put() if not user.key.get() else None
if model.transaction(txn):
return True, user
else:
unique_model.Unique.delete_multi(uniques)
return False, ['username']
else:
properties = []
if unique_auth_id in uniques:
properties.append('auth_id')
if unique_email in uniques:
properties.append('email')
return False, properties
def get(self, create_by):
q = self.request.GET
if create_by not in ('uuid', 'password'):
return
new_userid = create_by +":"+str( q['userid'] )
a = AccountDB.get_by_id(new_userid)
if a: #IDの存在チェック
if security.check_password_hash(q['password'], a.password, pepper=PASSWORD_PEPPER):
#パスワードOK
p = PlayerDB.get_by_id(new_userid)
self.session = session(self.request)
self.session.start(new_userid, {"plkey":p.key})
#playerdb+ssid 返す
return webapp2.Response( json.dumps( {"result":p.to_dict()}, self.session) )
return webapp2.Response( json.dumps( {"code":1, "message":"ログインに失敗しました。"} ) )
passh = security.create_password_hash(q['password'], pepper=PASSWORD_PEPPER)
a = AccountDB(id = new_userid, userid = new_userid, password = passh, create_by = create_by)
p = PlayerDB(id = new_userid, userid = new_userid, namae=q['namae'])
ndb.put_multi( (a, p) )
self.session = session(self.request)
self.session.start(new_userid, {"plkey":p.key})
return webapp2.Response( json.dumps( {"result":p.to_dict()}, self.session ) )
