diff options
| -rw-r--r-- | wqflask/wqflask/database.py | 5 | ||||
| -rw-r--r-- | wqflask/wqflask/model.py | 68 | ||||
| -rw-r--r-- | wqflask/wqflask/pbkdf2.py | 12 | ||||
| -rw-r--r-- | wqflask/wqflask/user_manager.py | 15 |
4 files changed, 62 insertions, 38 deletions
diff --git a/wqflask/wqflask/database.py b/wqflask/wqflask/database.py index d93987bc..65ca7d0c 100644 --- a/wqflask/wqflask/database.py +++ b/wqflask/wqflask/database.py @@ -19,4 +19,7 @@ def init_db(): # you will have to import them first before calling init_db() #import yourapplication.models import wqflask.model - Base.metadata.create_all(bind=engine) \ No newline at end of file + Base.metadata.create_all(bind=engine) + + +init_db() \ No newline at end of file diff --git a/wqflask/wqflask/model.py b/wqflask/wqflask/model.py index 603cfbc4..1f7297a2 100644 --- a/wqflask/wqflask/model.py +++ b/wqflask/wqflask/model.py @@ -10,8 +10,14 @@ from flask.ext.sqlalchemy import SQLAlchemy from wqflask import app +from sqlalchemy import Column, Integer, String, Table, ForeignKey, Unicode, Boolean, DateTime +from sqlalchemy.orm import relationship, backref + +from wqflask.database import Base + # Create database connection object -db = SQLAlchemy(app) +#db = SQLAlchemy(app) + # Is this right? -Sam #from sqlalchemy.ext.declarative import declarative_base @@ -28,47 +34,48 @@ db = SQLAlchemy(app) # """ # print("in get cls is:", cls) # print(" key is {} : {}".format(type(key), key)) -# query = db.Model.query(cls) +# query = Model.query(cls) # print("query is: ", query) # record = query.get(key) # return record # # -#print("db.Model is:", vars(db.Model)) -#db.Model.get = get +#print("Model is:", vars(Model)) +#Model.get = get # Define models -roles_users = db.Table('roles_users', - db.Column('user_id', db.Integer(), db.ForeignKey('user.the_id')), - db.Column('role_id', db.Integer(), db.ForeignKey('role.the_id'))) - -class Role(db.Model): - the_id = db.Column(db.Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) - name = db.Column(db.Unicode(80), unique=True, nullable=False) - description = db.Column(db.Unicode(255)) - -class User(db.Model): - the_id = db.Column(db.Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) - email_address = db.Column(db.Unicode(50), unique=True, nullable=False) +#roles_users = Table('roles_users', +# Column('user_id', Integer(), ForeignKey('user.the_id')), +# Column('role_id', Integer(), ForeignKey('role.the_id'))) + +class Role(Base): + __tablename__ = "role" + the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) + name = Column(Unicode(80), unique=True, nullable=False) + description = Column(Unicode(255)) + +class User(Base): + __tablename__ = "user" + the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) + email_address = Column(Unicode(50), unique=True, nullable=False) - password = db.Column(db.Unicode(24), nullable=False) - salt = db.Column(db.Unicode(32), nullable=False) - password_info = db.Column(db.Unicode(50)) + # Todo: Turn on strict mode for Mysql + password = Column(Unicode(500), nullable=False) - full_name = db.Column(db.Unicode(50)) - organization = db.Column(db.Unicode(50)) + full_name = Column(Unicode(50)) + organization = Column(Unicode(50)) - active = db.Column(db.Boolean()) - confirmed_at = db.Column(db.DateTime()) + active = Column(Boolean()) + confirmed_at = Column(DateTime()) - last_login_at = db.Column(db.DateTime()) - current_login_at = db.Column(db.DateTime()) - last_login_ip = db.Column(db.Unicode(39)) - current_login_ip = db.Column(db.Unicode(39)) - login_count = db.Column(db.Integer()) + last_login_at = Column(DateTime()) + current_login_at = Column(DateTime()) + last_login_ip = Column(Unicode(39)) + current_login_ip = Column(Unicode(39)) + login_count = Column(Integer()) - roles = db.relationship('Role', secondary=roles_users, - backref=db.backref('users', lazy='dynamic')) + #roles = relationship('Role', secondary=roles_users, + # backref=backref('users', lazy='dynamic')) # Setup Flask-Security #user_datastore = SQLAlchemyUserDatastore(db, User, Role) @@ -80,6 +87,5 @@ class User(db.Model): # #security = Security(app, user_datastore, register_form=ExtendedRegisterForm) -db.metadata.create_all(db.engine) #user_datastore.create_role(name="Genentech", description="Genentech Beta Project(testing)") diff --git a/wqflask/wqflask/pbkdf2.py b/wqflask/wqflask/pbkdf2.py index b7a7dd42..f7f61a09 100644 --- a/wqflask/wqflask/pbkdf2.py +++ b/wqflask/wqflask/pbkdf2.py @@ -72,11 +72,21 @@ def pbkdf2_bin(data, salt, iterations=1000, keylen=24, hashfunc=None): rv = u = _pseudorandom(salt + _pack_int(block)) for i in xrange(iterations - 1): u = _pseudorandom(''.join(map(chr, u))) - rv = starmap(xor, izip(rv, u)) + rv = list(starmap(xor, izip(rv, u))) buf.extend(rv) return ''.join(map(chr, buf))[:keylen] +def safe_str_cmp(a, b): + if len(a) != len(b): + return False + rv = 0 + for x, y in izip(a, b): + rv |= ord(x) ^ ord(y) + return rv == 0 + + + def test(): failed = [] def check(data, salt, iterations, keylen, expected): diff --git a/wqflask/wqflask/user_manager.py b/wqflask/wqflask/user_manager.py index 3f5eee08..bafc1c3e 100644 --- a/wqflask/wqflask/user_manager.py +++ b/wqflask/wqflask/user_manager.py @@ -14,7 +14,7 @@ import time import simplejson as json -import pbkdf2 +from wqflask import pbkdf2 from wqflask.database import db_session @@ -100,12 +100,12 @@ class RegisterUser(object): algorithm = getattr(hashlib, algo_string) pwfields.algorithm = "pbkdf2-" + algo_string pwfields.salt = os.urandom(32) - - # lastpass did 100000 iterations in 2011 + + # https://forums.lastpass.com/viewtopic.php?t=84104 pwfields.iterations = 100000 pwfields.keylength = 24 - pwfields.created = datetime.datetime.utcnow() + pwfields.created_ts = datetime.datetime.utcnow().isoformat() # One more check on password length assert len(password) >= 6, "Password shouldn't be so short here" @@ -114,7 +114,12 @@ class RegisterUser(object): start_time = time.time() pwfields.password = pbkdf2.pbkdf2_hex(password, pwfields.salt, pwfields.iterations, pwfields.keylength, algorithm) print("Creating password took:", time.time() - start_time) - self.user.password = json.dumps(pwfields.__dict__, sort_keys=True) + self.user.password = json.dumps(pwfields.__dict__, + sort_keys=True, + # See http://stackoverflow.com/a/12312896 + encoding="latin-1" + ) + #def combined_salt(user_salt): |