本文整理汇总了Python中bcrypt.checkpw方法的典型用法代码示例。如果您正苦于以下问题:Python bcrypt.checkpw方法的具体用法?Python bcrypt.checkpw怎么用?Python bcrypt.checkpw使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类bcrypt
的用法示例。
在下文中一共展示了bcrypt.checkpw方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_reset_password_valid_token
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def test_reset_password_valid_token(test_client, authed_sempo_admin_user):
"""
GIVEN a Flask application
WHEN a valid the password reset token is POSTED to '/api/auth/reset_password/'
THEN check response is 200 and check if password changed
"""
import bcrypt
# Explicitly test None case since database migration can result in None instead of []
authed_sempo_admin_user.password_reset_tokens = None
password_reset_token = authed_sempo_admin_user.encode_single_use_JWS('R')
authed_sempo_admin_user.save_password_reset_token(password_reset_token)
password = 'NewTestPassword'
response = test_client.post('/api/v1/auth/reset_password/',
data=json.dumps(dict(new_password=password, reset_password_token=password_reset_token)),
content_type='application/json', follow_redirects=True)
f = Fernet(config.PASSWORD_PEPPER)
decrypted_hash = f.decrypt(authed_sempo_admin_user.password_hash.encode())
assert bcrypt.checkpw(
password.encode(), decrypted_hash)
assert authed_sempo_admin_user.password_reset_tokens == []
assert response.status_code == 200
示例2: get
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def get(cls, db, graph_hash, password, force=False):
if len(graph_hash) < 7:
return None
graph_hash = graph_hash + '_' * (40 - len(graph_hash))
result = db.execute('''select id, graph, view_pass, delete_pass, hash
from polycules where hash like ?''', [graph_hash])
graph = result.fetchall()
if len(graph) != 1:
return None
graph = graph[0]
polycule = Polycule(
db=db,
id=graph[0],
graph=graph[1],
view_pass=graph[2],
edit_pass=graph[3],
graph_hash=graph[4])
if not force and (
polycule.view_pass is not None and
not bcrypt.checkpw(password.encode('utf-8'),
polycule.view_pass.encode('utf-8'))):
raise Polycule.PermissionDenied
return polycule
示例3: post
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def post(self):
b = request.get_json()
email = b['email']
password = b['password']
user = g.db.execute_one_dict('''
SELECT id, password
FROM "user"
WHERE email = %s
''', [email])
if not user:
abort(400, 'Invalid email/password combination')
if not bcrypt.checkpw(password.encode('utf8'), user['password'].encode('utf8')):
abort(400, 'Invalid email/password combination')
token = encode_user_token(user['id'])
res = OK('Logged in')
res.set_cookie('token', token)
return res
示例4: authorize
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def authorize(request):
"""Requests an authorization token for a registered Account"""
required_fields = ['email', 'password']
common.validate_fields(required_fields, request.json)
password = bytes(request.json.get('password'), 'utf-8')
auth_info = await auth_query.fetch_info_by_email(
request.app.config.DB_CONN, request.json.get('email'))
if auth_info is None:
raise ApiUnauthorized("No user with that email exists")
hashed_password = auth_info.get('hashed_password')
if not bcrypt.checkpw(password, hashed_password):
raise ApiUnauthorized("Incorrect email or password")
token = common.generate_auth_token(
request.app.config.SECRET_KEY,
auth_info.get('email'),
auth_info.get('public_key'))
return json(
{
'authorization': token
})
示例5: log_in
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def log_in():
username = request.form['username']
password = request.form['password']
user = mysql.get_user(username)
if user:
if not user['enable']:
return jsonify({'success': False, 'msg': 'User has been banned! Please contact administrator.'}), 403
# 如果用户的TJUPT账户被封禁,则将Reseed账户同时封禁
if user['tjupt_id']:
user_active = check_id_tjupt(user['tjupt_id'])
if not user_active:
mysql.ban_user(user['id'])
return jsonify({'success': False, 'msg': 'User has been banned! Please contact administrator.'}), 403
if bcrypt.checkpw(password.encode('utf-8'), user['passhash'].encode('utf-8')):
return jsonify({'success': True, 'msg': 'Success~', 'token': User(user).get_auth_token()})
else:
return jsonify({'success': False, 'msg': 'Invalid username or password!'}), 403
else:
return jsonify({'success': False, 'msg': 'Invalid username or password!'}), 403
示例6: authenticate
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def authenticate(self, request):
body = await decode_request(request)
required_fields = ['public_key', 'password']
validate_fields(required_fields, body)
password = bytes(body.get('password'), 'utf-8')
auth_info = await self._database.fetch_auth_resource(
body.get('public_key'))
if auth_info is None:
raise ApiUnauthorized('No agent with that public key exists')
hashed_password = auth_info.get('hashed_password')
if not bcrypt.checkpw(password, bytes.fromhex(hashed_password)):
raise ApiUnauthorized('Incorrect public key or password')
token = generate_auth_token(
request.app['secret_key'], body.get('public_key'))
return json_response({'authorization': token})
示例7: get_users
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def get_users(self, email):
"""Get users that would match the email passed in.
Updated to support the encrypted login format created during 2019
Summer Maintenance.
"""
email = sha256(email.encode("utf-8")).hexdigest()
email_index = auth.index(email)
active_users = models.Account.objects.filter(**{"email_index": email_index})
return (
User.objects.get(pk=u.user_id)
for u in active_users
if bcrypt.checkpw(email.encode("utf-8"), u.encrypted_email.encode("utf-8"))
)
示例8: user_login
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def user_login(self, email, password):
# Auths a user and returns user object
user = self.Session.query(Users).filter(Users.user_email == email).first()
if user is not None:
if bcrypt.checkpw(password.encode(), user.password):
if int(user.active_account) != 1:
self.db_methods.app_logging("resources", f"Failed login attempt for disabled account: {email} ")
return False
self.__update_last_logged_in__(email)
self.db_methods.app_logging("resources", f"Successful login for user: {email}")
return user
else:
self.db_methods.app_logging("resources", f"Failed login attempt for user {email} ")
return False
else:
self.db_methods.app_logging("resources", f"Failed login attempt for unknown account: {email} ")
return False
示例9: authenticate_route_handler
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def authenticate_route_handler():
AUTHENTICATOR.kill()
password = request.forms.get('password')
session = request.environ.get('beaker.session')
keep_password = SETTINGS_HANDLER.get_setting('keep_password') or False
stored_hash = SETTINGS_HANDLER.get_setting('password')
if AUTHENTICATOR.matches_password(password) or keep_password and bcrypt.checkpw(password.encode('utf-8'), stored_hash.encode('utf-8')):
session['User-Agent'] = request.headers.get('User-Agent')
session['Logged-In'] = True
session.save()
redirect('/')
else:
if session.get('Logged-In', True):
session['Logged-In'] = False
session.save()
if not keep_password:
AUTHENTICATOR.reset_password()
AUTHENTICATOR.launch()
return template('login', keep_password=keep_password, failed=True)
示例10: auth_entry
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def auth_entry(entry, password):
"""Compare a password with a single user auth file entry
:param: entry: Line from auth user file to use for authentication
:param: password: Password encoded as bytes
:returns: A dictionary of WSGI environment values to append to the request
:raises: Unauthorized, if the entry doesn't match supplied password or
if the entry is crypted with a method other than bcrypt
"""
username, crypted = parse_entry(entry)
if not bcrypt.checkpw(password, crypted):
unauthorized()
return {
'HTTP_X_USER': username,
'HTTP_X_USER_NAME': username
}
示例11: test_password_update
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def test_password_update(self):
data = {'password': 'password123'}
url = url_for('api.user_password_update', pk=self.obj.id)
response = self.client.patch(
url,
data=json.dumps(data),
headers=self.auth_header,
content_type='application/json',
)
assert response.status_code == 200
patched = self.obj.__class__.load(
self.namespace,
self.obj.id,
)
user_password = patched.password.encode('utf-8')
given_password = "password123".encode('utf-8')
assert bcrypt.checkpw(given_password, user_password)
示例12: verify
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def verify(self, user, password):
"""Implementation of :func:`~kqueen.auth.base.__init__`
This function tries to find local user and verify password.
"""
if isinstance(user, User):
user_password = user.password.encode('utf-8')
given_password = password
if bcrypt.checkpw(given_password, user_password):
return user, None
msg = "Local authentication failed"
logger.info(msg)
return None, msg
示例13: check_password
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def check_password(self, user: str, passwd: str) -> bool:
if user == "root":
return False
passwd_hash = self["admins"].get(user, None)
if not passwd_hash:
return False
return bcrypt.checkpw(passwd.encode("utf-8"), passwd_hash.encode("utf-8"))
示例14: check_salt_hashed_secret
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def check_salt_hashed_secret(password, hashed_password):
f = Fernet(config.PASSWORD_PEPPER)
hashed_password = f.decrypt(hashed_password.encode())
return bcrypt.checkpw(password.encode(), hashed_password)
示例15: compare
# 需要导入模块: import bcrypt [as 别名]
# 或者: from bcrypt import checkpw [as 别名]
def compare(cls, plain_text, hash_text):
plain_text = str(plain_text).encode('utf-8')
return bcrypt.checkpw(plain_text, hash_text)