]>
Softwares of Agnibho - librevax.git/blob - auth.py
2 # Copyright (C) 2024 Dr. Agnibho Mondal
3 # This file is part of LibreVax.
4 # LibreVax is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
5 # LibreVax is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
6 # You should have received a copy of the GNU General Public License along with LibreVax. If not, see <https://www.gnu.org/licenses/>.
8 from flask
import session
9 from collections
import namedtuple
12 _auth
= namedtuple ( "auth" , [ "NONE" , "ALL" ])
13 auth
= _auth ( "NONE" , "ALL" )
15 def login ( cursor
, user
, password
, center
):
17 result
= cursor
. execute ( "SELECT * FROM users WHERE user=?" , ( user
,))
18 record
= result
. fetchone ()
19 if ( record
is not None and bcrypt
. checkpw ( password
. encode ( "utf-8" ), base64
. b64decode ( record
[ "hash" ]))):
20 session
[ "user" ]= record
[ "user" ]
21 session
[ "auth" ]= _parse_auth ( record
[ "auth" ])
22 result
= cursor
. execute ( "SELECT * FROM multicenter WHERE mid=?" , ( center
,))
23 record
= result
. fetchone ()
24 session
[ "mid" ]= record
[ "mid" ]
25 session
[ "center" ]= record
[ "center" ]
29 except Exception as e
:
33 def changePass ( cursor
, user
, new
, old
= None ):
36 result
= cursor
. execute ( "SELECT * FROM users WHERE user=?" , ( user
,))
37 record
= result
. fetchone ()
38 if ( record
is not None and bcrypt
. checkpw ( old
. encode ( "utf-8" ), base64
. b64decode ( record
[ "hash" ]))):
39 cursor
. execute ( "UPDATE users SET hash=? WHERE user=?" , ( base64
. b64encode ( bcrypt
. hashpw ( new
. encode ( "utf-8" ), bcrypt
. gensalt ())), user
))
44 cursor
. execute ( "UPDATE users SET hash=? WHERE user=?" , ( base64
. b64encode ( bcrypt
. hashpw ( new
. encode ( "utf-8" ), bcrypt
. gensalt ())), user
))
46 except Exception as e
:
50 def changeAuth ( cursor
, user
, auth
):
52 result
= cursor
. execute ( "SELECT * FROM users WHERE user=?" , ( user
,))
53 record
= result
. fetchone ()
54 if ( record
is not None ):
55 cursor
. execute ( "UPDATE users SET auth=? WHERE user=?" , ( auth
, user
))
60 except Exception as e
:
64 def new ( cursor
, user
, pwd
, auth
):
66 cursor
. execute ( "INSERT INTO users (user, hash, auth) VALUES (?, ?, ?)" , ( user
, base64
. b64encode ( bcrypt
. hashpw ( pwd
. encode ( "utf-8" ), bcrypt
. gensalt ())), auth
))
68 except Exception as e
:
72 def delete ( cursor
, user
):
74 cursor
. execute ( "DELETE FROM users WHERE user=?" , ( user
,))
76 except Exception as e
:
80 def switch ( cursor
, center
):
82 result
= cursor
. execute ( "SELECT * FROM multicenter WHERE mid=?" , ( center
[ "center" ],))
83 record
= result
. fetchone ()
84 session
[ "mid" ]= record
[ "mid" ]
85 session
[ "center" ]= record
[ "center" ]
87 except Exception as e
:
93 result
= cursor
. execute ( "SELECT * FROM users" )
94 record
= result
. fetchall ()
96 except Exception as e
:
99 def _parse_auth ( text
):
101 if ( text
. upper ()== auth
. ALL
):
106 except Exception as e
:
111 return session
[ "auth" ]
120 del session
[ "center" ]