change password

author: Marko Pušnik <marko.pusnik@guru.si> 2015-10-06 00:41:12 +0200
committer: Marko Pušnik <marko.pusnik@guru.si> 2015-10-06 00:41:12 +0200
commit: 17b999c2739006c2ec3b37ed64f119c9ad0b3338 (patch)
tree: 87a36d696bdcf46a612bf3aa90fe4d2758d74e6f /server
parent: 4586cb0e9d6cc862176314dcaa29edfea3c8eb4d (diff)
2 files changed, 35 insertions, 3 deletions
diff --git a/server/handlers.py b/server/handlers.py
index 0a77e66..a7f4f76 100644
--- a/server/handlers.py
+++ b/server/handlers.py
@@ -55,6 +55,21 @@ class Login(CodeqService):
                 request.reply({'code': 0, 'message': 'OK', 'sid':session.get_sid(), 'settings':settings})
 
 
+class ChangePassword(CodeqService):
+    def process(self, request):
+        js = request.data
+        password = js.get('password')
+        if password is None:
+            request.reply({'code': 1, 'message': 'Password was not provided'})
+        else:
+            try:
+                request.session.change_password(password)
+            except PasswordChangeFailed:
+                request.reply({'code': 2, 'message': 'Password change failed'})
+            else:
+                request.reply({'code': 0, 'message': 'OK'})
+
+
 class Settings(CodeqService):
     def process(self, request):
         js = request.data
@@ -63,7 +78,7 @@ class Settings(CodeqService):
             request.reply({'code': 1, 'message': 'New settings not provided'})
         else:
             try:
-                request.session.update_settings(settings)
+                request.user_session.update_settings(settings)
                 request.session.write_settings_to_db()
             except NoSuchSession:
                 request.reply({'code': 2, 'message': 'No such session'})
@@ -71,7 +86,6 @@ class Settings(CodeqService):
                 request.reply({'code': 0, 'message': 'OK'})
 
 
-
 class Activity(CodeqService):
     def process(self, request):
         js = request.data
@@ -246,6 +260,7 @@ class EndProblem(CodeqService):
 incoming_handlers = {
     'list_problems': ProblemList(),
     'login': Login(),
+    'change_password': ChangePassword(),
     'get_problem': GetProblem(),
     'logout': None,
     'activity': Activity(),
diff --git a/server/user_session.py b/server/user_session.py
index d80cedd..55f4853 100644
--- a/server/user_session.py
+++ b/server/user_session.py
@@ -7,7 +7,7 @@ import base64
 import random
 import db
 import server
-from errors.session import NoSuchSession, AuthenticationFailed
+from errors.session import NoSuchSession, AuthenticationFailed, PasswordChangeFailed
 import psycopg2.extras
 
 __all__ = ['get_session_by_id', 'get_or_create_session', 'UserSession']
@@ -167,6 +167,22 @@ class UserSession(object):
         finally:
             db.return_connection(conn)
 
+    def change_password(self, password):
+        conn = db.get_connection()
+        try:
+            cur = conn.cursor()
+            try:
+                cur.execute('update codeq_user set password = %s  where id = %s', (encrypt_password(password), self.uid,))
+                affected = cur.rowcount
+                if affected is None:
+                    raise PasswordChangeFailed('Password change failed')
+            finally:
+                cur.close()
+        finally:
+            conn.commit()
+            db.return_connection(conn)
+
+
     def send(self, json_obj):
         """Sends a message to the user.
 
@@ -223,6 +239,7 @@ def authenticate_and_create_session(username, password):
         conn.commit()
         db.return_connection(conn)
 
+
 def verify_password(plain_password, encrypted_password):
     elts = encrypted_password.split('$')
     if len(elts) != 4:
author	Marko Pušnik <marko.pusnik@guru.si>	2015-10-06 00:41:12 +0200
committer	Marko Pušnik <marko.pusnik@guru.si>	2015-10-06 00:41:12 +0200
commit	17b999c2739006c2ec3b37ed64f119c9ad0b3338 (patch)
tree	87a36d696bdcf46a612bf3aa90fe4d2758d74e6f /server
parent	4586cb0e9d6cc862176314dcaa29edfea3c8eb4d (diff)