diff options
| author | Frederick Muriuki Muriithi | 2023-01-05 07:53:21 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-01-05 07:53:21 +0300 |
| commit | 93e20e7be957c0a4c8b08d2a5395f29109865c82 (patch) | |
| tree | 8c527e968eef756671bffdfe0e2b119eb6042158 /gn3/auth/authentication/users.py | |
| parent | 3752c663fa9ded1801680aa2342947b7676d8ce9 (diff) | |
| download | genenetwork3-93e20e7be957c0a4c8b08d2a5395f29109865c82.tar.gz | |
auth: Persist the user's registration details
If the registration details pass the validations steps, then persist the
details in the database and respond with details about the newly created user.
* gn3/auth/authentication/users.py: new functions
* `save_user`: create and persist a new user
* `set_user_password`: hash and persist the new password for the given user
* gn3/auth/authorisation/views.py: Persist the user details and respond with
the newly persisted user details.
Diffstat (limited to 'gn3/auth/authentication/users.py')
| -rw-r--r-- | gn3/auth/authentication/users.py | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/gn3/auth/authentication/users.py b/gn3/auth/authentication/users.py index 6ec6bca..0cd5852 100644 --- a/gn3/auth/authentication/users.py +++ b/gn3/auth/authentication/users.py @@ -1,5 +1,5 @@ """User-specific code and data structures.""" -from uuid import UUID +from uuid import UUID, uuid4 from typing import NamedTuple import bcrypt @@ -53,3 +53,27 @@ def valid_login(conn: db.DbConnection, user: User, password: str) -> bool: return False return bcrypt.checkpw(password.encode("utf-8"), row["password"]) + +def save_user(cursor: db.DbCursor, email: str, name: str) -> User: + """ + Create and persist a user. + + The user creation could be done during a transaction, therefore the function + takes a cursor object rather than a connection. + + The newly created and persisted user is then returned. + """ + user_id = uuid4() + cursor.execute("INSERT INTO users VALUES (?, ?, ?)", + (str(user_id), email, name)) + return User(user_id, email, name) + +def set_user_password( + cursor: db.DbCursor, user: User, password: str) -> Tuple[User, bytes]: + """Set the given user's password in the database.""" + hashed_password = bcrypt.hashpw(password.encode("utf8"), bcrypt.gensalt()) + cursor.execute( + ("INSERT INTO user_credentials VALUES (:user_id, :hash) " + "ON CONFLICT (user_id) DO UPDATE SET password=:hash"), + {"user_id": str(user.user_id), "hash": hashed_password}) + return user, hashed_password |