]>
Softwares of Agnibho - librevax.git/blob - auth.py
2 # Copyright (C) 2024 Dr. Agnibho Mondal
3 # This file is part of LibreVax.
4 # LibreVax is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
5 # LibreVax is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
6 # You should have received a copy of the GNU General Public License along with LibreVax. If not, see <https://www.gnu.org/licenses/>.
8 from flask
import session
9 from collections
import namedtuple
12 _auth
= namedtuple ( "auth" , [ "NONE" , "ALL" ])
13 auth
= _auth ( "NONE" , "ALL" )
15 def login ( cursor
, user
, password
, center
):
17 result
= cursor
. execute ( "SELECT * FROM users WHERE user=?" , ( user
,))
18 record
= result
. fetchone ()
19 if ( record
is not None and bcrypt
. checkpw ( password
. encode ( "utf-8" ), base64
. b64decode ( record
[ "hash" ]))):
20 session
[ "user" ]= record
[ "user" ]
21 session
[ "auth" ]= _parse_auth ( record
[ "auth" ])
22 result
= cursor
. execute ( "SELECT * FROM multicenter WHERE mid=?" , ( center
,))
23 record
= result
. fetchone ()
24 session
[ "mid" ]= record
[ "mid" ]
25 session
[ "center" ]= record
[ "center" ]
29 except Exception as e
:
33 def change ( cursor
, user
, new
, old
= None ):
36 result
= cursor
. execute ( "SELECT * FROM users WHERE user=?" , ( user
,))
37 record
= result
. fetchone ()
38 if ( record
is not None and bcrypt
. checkpw ( old
. encode ( "utf-8" ), base64
. b64decode ( record
[ "hash" ]))):
39 cursor
. execute ( "UPDATE users SET hash=? WHERE user=?" , ( base64
. b64encode ( bcrypt
. hashpw ( new
. encode ( "utf-8" ), bcrypt
. gensalt ())), user
))
44 cursor
. execute ( "UPDATE users SET hash=? WHERE user=?" , ( base64
. b64encode ( bcrypt
. hashpw ( new
. encode ( "utf-8" ), bcrypt
. gensalt ())), user
))
46 except Exception as e
:
50 def new ( cursor
, user
, pwd
):
52 cursor
. execute ( "INSERT INTO users (user, hash) VALUES (?, ?)" , ( user
, base64
. b64encode ( bcrypt
. hashpw ( pwd
. encode ( "utf-8" ), bcrypt
. gensalt ()))))
54 except Exception as e
:
58 def switch ( cursor
, center
):
60 result
= cursor
. execute ( "SELECT * FROM multicenter WHERE mid=?" , ( center
[ "center" ],))
61 record
= result
. fetchone ()
62 session
[ "mid" ]= record
[ "mid" ]
63 session
[ "center" ]= record
[ "center" ]
65 except Exception as e
:
71 result
= cursor
. execute ( "SELECT * FROM users" )
72 record
= result
. fetchall ()
74 except Exception as e
:
77 def _parse_auth ( text
):
78 if ( text
. upper ()== auth
. ALL
):
85 return session
[ "auth" ]