sms-proj/app_auth.py

import hashlib
import flask
from flask import request, redirect
import binascii
# from passlib.hash
import functools
import os
import appdb
import pprint
# import google_auth
import configparser

salt = os.urandom(32)
config = configparser.ConfigParser()
config.read('config.ini')
app_debug = config.get("app", "debug")
app_salt = config.get("auth", "FN_FLASK_SECRET_KEY")
login_redirect = "/"

app = flask.Blueprint('app_auth', __name__)
app.debug = True


def no_cache(view):
    @functools.wraps(view)
    def no_cache_impl(*args, **kwargs):
        response = flask.make_response(view(*args, **kwargs))

        response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate, max-age=0'
        response.headers['Pragma'] = 'no-cache'
        response.headers['Expires'] = '-1'
        return response

    return functools.update_wrapper(no_cache_impl, view)


def is_logged_in():
    if flask.session.get('loginid'):
        pprint.pprint('Flask session loginhash:')
        pprint.pprint(flask.session.get('loginid'))
        if appdb.verify_id(
            flask.session.get('email'),
                flask.session.get('loginid')) is True:
            return True
        return False
    return False


def verify_login(email, password):
    result = appdb.verify_login(email, password)
    if result:
        return True
    return False


@app.route('/auth/login', methods=['POST'])
@no_cache
def auth_login():
    """Login using provided credentials"""
    # pprint.pprint('Got credentials offff')
    # pprint.pprint(request.form)
    if appdb.verify_login(
        request.form['email'],
            hash_password(request.form['passwd'].encode('ascii'))):
        pprint.pprint("got variables")
        uniqueID = appdb.generate_id(request.form['email'])
        flask.session['loggedin'] = True
        flask.session['loginid'] = uniqueID
        flask.session['account_id'] = appdb.getAccountId(uniqueID)
        flask.session['email'] = request.form['email']
        flask.session['password'] = request.form['passwd']
        return "/"
    return "error"
    # return login_redirect


@app.route('/auth/register', methods=['POST'])
@no_cache
def auth_register_login():
    """Create a login using the supplied credentials in request.form"""
    # pprint.pprint('Got credentials offff')
    # pprint.pprint(request.form)
    return "DISABLED"


@app.route('/auth/updatepw', methods=['POST'])
@no_cache
def auth_updatepw():
    '''This takes three post variables to match the old password then match two
    passwords forms then update password if it all checks out.'''

    if not is_logged_in():
        return "error"
    if flask.session['loginid']:
        user_info = appdb.getUserInfo(
            flask.session['email'], flask.session['loginid'])

    passzero = request.form['passwdzero']
    passone = request.form['passwdone']
    orighash = hash_password(passzero.encode('ascii'))
    newhash = hash_password(passone.encode('ascii'))
    if (appdb.updatePass(user_info[0], orighash, newhash)):
        return '200'
    return "error"


@app.route('/auth/logout')
@no_cache
def auth_logout():
    flask.session.clear()
    return redirect('/')


def hash_password(password):
    """Hash a password for storing."""
    pwdhash = hashlib.pbkdf2_hmac(
        'sha512', password, app_salt.encode('ascii'), 100000)
    # hash = pbkdf2_sha256.encrypt(password, rounds=200000, salt_size=16)
    pwdhash = binascii.hexlify(pwdhash).decode('ascii')
    return pwdhash


def verify_password(stored_password, provided_password):
    """Verify a stored password against one provided by user"""
    pwdhash = hashlib.pbkdf2_hmac(
        'sha512', provided_password, app_salt.encode('ascii'), 100000)
    pwdhash = binascii.hexlify(pwdhash).decode('ascii')
    return pwdhash == stored_password
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`import hashlib`
So much to say... Added the beginnings of local user creation alongside google integration. Google has made me jump through hoops to not have to do this but I am going to have to do it anyhow. The next step is to create a new user from scratch. 6 years ago			`import flask`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`from flask import request, redirect`
			`import binascii`
			`# from passlib.hash`
Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago			`import functools`
			`import os`
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`import appdb`
Adding some hasing functions 6 years ago			`import pprint`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`# import google_auth`
Hoping this works 6 years ago			`import configparser`

Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`salt = os.urandom(32)`
Hoping this works 6 years ago			`config = configparser.ConfigParser()`
			`config.read('config.ini')`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`app_debug = config.get("app", "debug")`
			`app_salt = config.get("auth", "FN_FLASK_SECRET_KEY")`
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`login_redirect = "/"`
Hoping this works 6 years ago
Yarrr 6 years ago			`app = flask.Blueprint('app_auth', __name__)`
Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago			`app.debug = True`

Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago			`def no_cache(view):`
			`@functools.wraps(view)`
			`def no_cache_impl(args, *kwargs):`
			`response = flask.make_response(view(args, *kwargs))`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago			`response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate, max-age=0'`
			`response.headers['Pragma'] = 'no-cache'`
			`response.headers['Expires'] = '-1'`
			`return response`

			`return functools.update_wrapper(no_cache_impl, view)`
Yarrr 6 years ago
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Hoping this works 6 years ago			`def is_logged_in():`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`if flask.session.get('loginid'):`
I can't figure anything out, so I'm calling it for the night. 6 years ago			`pprint.pprint('Flask session loginhash:')`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`pprint.pprint(flask.session.get('loginid'))`
			`if appdb.verify_id(`
			`flask.session.get('email'),`
			`flask.session.get('loginid')) is True:`
			`return True`
			`return False`
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`return False`

Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`def verify_login(email, password):`
			`result = appdb.verify_login(email, password)`
			`if result:`
I can't figure anything out, so I'm calling it for the night. 6 years ago			`return True`
Hoping this works 6 years ago			`return False`

Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago			`@app.route('/auth/login', methods=['POST'])`
			`@no_cache`
			`def auth_login():`
			`"""Login using provided credentials"""`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`# pprint.pprint('Got credentials offff')`
			`# pprint.pprint(request.form)`
			`if appdb.verify_login(`
			`request.form['email'],`
			`hash_password(request.form['passwd'].encode('ascii'))):`
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`pprint.pprint("got variables")`
			`uniqueID = appdb.generate_id(request.form['email'])`
			`flask.session['loggedin'] = True`
			`flask.session['loginid'] = uniqueID`
			`flask.session['account_id'] = appdb.getAccountId(uniqueID)`
			`flask.session['email'] = request.form['email']`
			`flask.session['password'] = request.form['passwd']`
Fixing Made it work in a development environment to send and receive messages. 5 years ago			`return "/"`
			`return "error"`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`# return login_redirect`

Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago
			`@app.route('/auth/register', methods=['POST'])`
			`@no_cache`
			`def auth_register_login():`
			`"""Create a login using the supplied credentials in request.form"""`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`# pprint.pprint('Got credentials offff')`
			`# pprint.pprint(request.form)`
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`return "DISABLED"`

Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
jQuery update and some more password logic As said above, I updated jQuery to the latest version and added some logic for the password changing. 5 years ago			`@app.route('/auth/updatepw', methods=['POST'])`
			`@no_cache`
			`def auth_updatepw():`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`'''This takes three post variables to match the old password then match two`
			`passwords forms then update password if it all checks out.'''`

Password hashing Added support for hashing the passwords before being stored in the database. 5 years ago			`if not is_logged_in():`
			`return "error"`
			`if flask.session['loginid']:`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`user_info = appdb.getUserInfo(`
			`flask.session['email'], flask.session['loginid'])`
Password hashing Added support for hashing the passwords before being stored in the database. 5 years ago
jQuery update and some more password logic As said above, I updated jQuery to the latest version and added some logic for the password changing. 5 years ago			`passzero = request.form['passwdzero']`
			`passone = request.form['passwdone']`
Password hashing Added support for hashing the passwords before being stored in the database. 5 years ago			`orighash = hash_password(passzero.encode('ascii'))`
			`newhash = hash_password(passone.encode('ascii'))`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`if (appdb.updatePass(user_info[0], orighash, newhash)):`
Password hashing Added support for hashing the passwords before being stored in the database. 5 years ago			`return '200'`
jQuery update and some more password logic As said above, I updated jQuery to the latest version and added some logic for the password changing. 5 years ago			`return "error"`

Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Sweeping updates Login semi works, just need to do some jquery and change responses to be a lil better. I made some db updates in order to use this code so check the database.md file. 5 years ago			`@app.route('/auth/logout')`
			`@no_cache`
			`def auth_logout():`
			`flask.session.clear()`
			`return redirect('/')`
Removing google_auth and starting new auth Using app_auth to handle all authentication, while removing the google support, it was fun but silly. I'll be making database changes soon and setting up the rest of the login code. 5 years ago
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Hoping this works 6 years ago			`def hash_password(password):`
			`"""Hash a password for storing."""`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`pwdhash = hashlib.pbkdf2_hmac(`
			`'sha512', password, app_salt.encode('ascii'), 100000)`
			`# hash = pbkdf2_sha256.encrypt(password, rounds=200000, salt_size=16)`
Adding some hasing functions 6 years ago			`pwdhash = binascii.hexlify(pwdhash).decode('ascii')`
			`return pwdhash`
Hoping this works 6 years ago
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago
Hoping this works 6 years ago			`def verify_password(stored_password, provided_password):`
			`"""Verify a stored password against one provided by user"""`
Syntax cleaning A lot of cleaning of syntax after re-installing my computer and having to re-setup mariadb. I will try and make a dump of the example database. 5 years ago			`pwdhash = hashlib.pbkdf2_hmac(`
			`'sha512', provided_password, app_salt.encode('ascii'), 100000)`
Hoping this works 6 years ago			`pwdhash = binascii.hexlify(pwdhash).decode('ascii')`
			`return pwdhash == stored_password`