From a5cd9ac66277b0eb87cad874e21967ae928797b1 Mon Sep 17 00:00:00 2001
From: Sam
Date: Fri, 27 Sep 2013 01:48:06 -0500
Subject: User registration beginning to work (at least the first stage)

---
 wqflask/wqflask/database.py     |  5 ++-
 wqflask/wqflask/model.py        | 68 ++++++++++++++++++++++-------------------
 wqflask/wqflask/pbkdf2.py       | 12 +++++++-
 wqflask/wqflask/user_manager.py | 15 ++++++---
 4 files changed, 62 insertions(+), 38 deletions(-)

(limited to 'wqflask')

diff --git a/wqflask/wqflask/database.py b/wqflask/wqflask/database.py
index d93987bc..65ca7d0c 100644
--- a/wqflask/wqflask/database.py
+++ b/wqflask/wqflask/database.py
@@ -19,4 +19,7 @@ def init_db():
     # you will have to import them first before calling init_db()
     #import yourapplication.models
     import wqflask.model
-    Base.metadata.create_all(bind=engine)
\ No newline at end of file
+    Base.metadata.create_all(bind=engine)
+    
+    
+init_db()
\ No newline at end of file
diff --git a/wqflask/wqflask/model.py b/wqflask/wqflask/model.py
index 603cfbc4..1f7297a2 100644
--- a/wqflask/wqflask/model.py
+++ b/wqflask/wqflask/model.py
@@ -10,8 +10,14 @@ from flask.ext.sqlalchemy import SQLAlchemy
 
 from wqflask import app
 
+from sqlalchemy import Column, Integer, String, Table, ForeignKey, Unicode, Boolean, DateTime
+from sqlalchemy.orm import relationship, backref
+
+from wqflask.database import Base
+
 # Create database connection object
-db = SQLAlchemy(app)
+#db = SQLAlchemy(app)
+
 
 # Is this right? -Sam
 #from sqlalchemy.ext.declarative import declarative_base
@@ -28,47 +34,48 @@ db = SQLAlchemy(app)
 #    """
 #    print("in get cls is:", cls)
 #    print("  key is {} : {}".format(type(key), key))
-#    query = db.Model.query(cls)
+#    query = Model.query(cls)
 #    print("query is: ", query)
 #    record = query.get(key)
 #    return record
 #
 #
-#print("db.Model is:", vars(db.Model))
-#db.Model.get = get
+#print("Model is:", vars(Model))
+#Model.get = get
 
 # Define models
-roles_users = db.Table('roles_users',
-        db.Column('user_id', db.Integer(), db.ForeignKey('user.the_id')),
-        db.Column('role_id', db.Integer(), db.ForeignKey('role.the_id')))
-
-class Role(db.Model):
-    the_id = db.Column(db.Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
-    name = db.Column(db.Unicode(80), unique=True, nullable=False)
-    description = db.Column(db.Unicode(255))
-
-class User(db.Model):
-    the_id = db.Column(db.Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
-    email_address = db.Column(db.Unicode(50), unique=True, nullable=False)
+#roles_users = Table('roles_users',
+#        Column('user_id', Integer(), ForeignKey('user.the_id')),
+#        Column('role_id', Integer(), ForeignKey('role.the_id')))
+
+class Role(Base):
+    __tablename__ = "role"
+    the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+    name = Column(Unicode(80), unique=True, nullable=False)
+    description = Column(Unicode(255))
+
+class User(Base):
+    __tablename__ = "user"
+    the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+    email_address = Column(Unicode(50), unique=True, nullable=False)
     
-    password = db.Column(db.Unicode(24), nullable=False)
-    salt = db.Column(db.Unicode(32), nullable=False)
-    password_info = db.Column(db.Unicode(50))
+    # Todo: Turn on strict mode for Mysql
+    password = Column(Unicode(500), nullable=False)
     
-    full_name = db.Column(db.Unicode(50))
-    organization = db.Column(db.Unicode(50))
+    full_name = Column(Unicode(50))
+    organization = Column(Unicode(50))
     
-    active = db.Column(db.Boolean())
-    confirmed_at = db.Column(db.DateTime())
+    active = Column(Boolean())
+    confirmed_at = Column(DateTime())
 
-    last_login_at = db.Column(db.DateTime())
-    current_login_at = db.Column(db.DateTime())
-    last_login_ip = db.Column(db.Unicode(39))
-    current_login_ip = db.Column(db.Unicode(39))
-    login_count = db.Column(db.Integer())
+    last_login_at = Column(DateTime())
+    current_login_at = Column(DateTime())
+    last_login_ip = Column(Unicode(39))
+    current_login_ip = Column(Unicode(39))
+    login_count = Column(Integer())
 
-    roles = db.relationship('Role', secondary=roles_users,
-                            backref=db.backref('users', lazy='dynamic'))
+    #roles = relationship('Role', secondary=roles_users,
+    #                        backref=backref('users', lazy='dynamic'))
 
 # Setup Flask-Security
 #user_datastore = SQLAlchemyUserDatastore(db, User, Role)
@@ -80,6 +87,5 @@ class User(db.Model):
 #
 #security = Security(app, user_datastore, register_form=ExtendedRegisterForm)
 
-db.metadata.create_all(db.engine)
 
 #user_datastore.create_role(name="Genentech", description="Genentech Beta Project(testing)")
diff --git a/wqflask/wqflask/pbkdf2.py b/wqflask/wqflask/pbkdf2.py
index b7a7dd42..f7f61a09 100644
--- a/wqflask/wqflask/pbkdf2.py
+++ b/wqflask/wqflask/pbkdf2.py
@@ -72,11 +72,21 @@ def pbkdf2_bin(data, salt, iterations=1000, keylen=24, hashfunc=None):
         rv = u = _pseudorandom(salt + _pack_int(block))
         for i in xrange(iterations - 1):
             u = _pseudorandom(''.join(map(chr, u)))
-            rv = starmap(xor, izip(rv, u))
+            rv = list(starmap(xor, izip(rv, u)))
         buf.extend(rv)
     return ''.join(map(chr, buf))[:keylen]
 
 
+def safe_str_cmp(a, b):
+    if len(a) != len(b):
+        return False
+    rv = 0
+    for x, y in izip(a, b):
+        rv |= ord(x) ^ ord(y)
+    return rv == 0
+
+
+
 def test():
     failed = []
     def check(data, salt, iterations, keylen, expected):
diff --git a/wqflask/wqflask/user_manager.py b/wqflask/wqflask/user_manager.py
index 3f5eee08..bafc1c3e 100644
--- a/wqflask/wqflask/user_manager.py
+++ b/wqflask/wqflask/user_manager.py
@@ -14,7 +14,7 @@ import time
 
 import simplejson as json
 
-import pbkdf2
+from wqflask import pbkdf2
 
 from wqflask.database import db_session
 
@@ -100,12 +100,12 @@ class RegisterUser(object):
         algorithm = getattr(hashlib, algo_string)
         pwfields.algorithm = "pbkdf2-" + algo_string
         pwfields.salt = os.urandom(32)
-        
-        # lastpass did 100000 iterations in 2011 
+
+        # https://forums.lastpass.com/viewtopic.php?t=84104
         pwfields.iterations = 100000   
         pwfields.keylength = 24
         
-        pwfields.created = datetime.datetime.utcnow()
+        pwfields.created_ts = datetime.datetime.utcnow().isoformat()
         # One more check on password length
         assert len(password) >= 6, "Password shouldn't be so short here"
         
@@ -114,7 +114,12 @@ class RegisterUser(object):
         start_time = time.time()
         pwfields.password = pbkdf2.pbkdf2_hex(password, pwfields.salt, pwfields.iterations, pwfields.keylength, algorithm)
         print("Creating password took:", time.time() - start_time)
-        self.user.password = json.dumps(pwfields.__dict__, sort_keys=True)
+        self.user.password = json.dumps(pwfields.__dict__,
+                                        sort_keys=True,
+                                        # See http://stackoverflow.com/a/12312896
+                                        encoding="latin-1"
+                                       )
+        
 
 
 #def combined_salt(user_salt):
-- 
cgit v1.2.3