summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--errors/session.py3
-rw-r--r--server/handlers.py19
-rw-r--r--server/user_session.py19
-rw-r--r--web/main.js23
4 files changed, 50 insertions, 14 deletions
diff --git a/errors/session.py b/errors/session.py
index c5170d8..f58f2af 100644
--- a/errors/session.py
+++ b/errors/session.py
@@ -6,5 +6,8 @@ class NoSuchSession(Exception):
class AuthenticationFailed(Exception):
pass
+class PasswordChangeFailed(Exception):
+ pass
+
class RequestProcessingError(Exception):
pass \ No newline at end of file
diff --git a/server/handlers.py b/server/handlers.py
index 0a77e66..a7f4f76 100644
--- a/server/handlers.py
+++ b/server/handlers.py
@@ -55,6 +55,21 @@ class Login(CodeqService):
request.reply({'code': 0, 'message': 'OK', 'sid':session.get_sid(), 'settings':settings})
+class ChangePassword(CodeqService):
+ def process(self, request):
+ js = request.data
+ password = js.get('password')
+ if password is None:
+ request.reply({'code': 1, 'message': 'Password was not provided'})
+ else:
+ try:
+ request.session.change_password(password)
+ except PasswordChangeFailed:
+ request.reply({'code': 2, 'message': 'Password change failed'})
+ else:
+ request.reply({'code': 0, 'message': 'OK'})
+
+
class Settings(CodeqService):
def process(self, request):
js = request.data
@@ -63,7 +78,7 @@ class Settings(CodeqService):
request.reply({'code': 1, 'message': 'New settings not provided'})
else:
try:
- request.session.update_settings(settings)
+ request.user_session.update_settings(settings)
request.session.write_settings_to_db()
except NoSuchSession:
request.reply({'code': 2, 'message': 'No such session'})
@@ -71,7 +86,6 @@ class Settings(CodeqService):
request.reply({'code': 0, 'message': 'OK'})
-
class Activity(CodeqService):
def process(self, request):
js = request.data
@@ -246,6 +260,7 @@ class EndProblem(CodeqService):
incoming_handlers = {
'list_problems': ProblemList(),
'login': Login(),
+ 'change_password': ChangePassword(),
'get_problem': GetProblem(),
'logout': None,
'activity': Activity(),
diff --git a/server/user_session.py b/server/user_session.py
index d80cedd..55f4853 100644
--- a/server/user_session.py
+++ b/server/user_session.py
@@ -7,7 +7,7 @@ import base64
import random
import db
import server
-from errors.session import NoSuchSession, AuthenticationFailed
+from errors.session import NoSuchSession, AuthenticationFailed, PasswordChangeFailed
import psycopg2.extras
__all__ = ['get_session_by_id', 'get_or_create_session', 'UserSession']
@@ -167,6 +167,22 @@ class UserSession(object):
finally:
db.return_connection(conn)
+ def change_password(self, password):
+ conn = db.get_connection()
+ try:
+ cur = conn.cursor()
+ try:
+ cur.execute('update codeq_user set password = %s where id = %s', (encrypt_password(password), self.uid,))
+ affected = cur.rowcount
+ if affected is None:
+ raise PasswordChangeFailed('Password change failed')
+ finally:
+ cur.close()
+ finally:
+ conn.commit()
+ db.return_connection(conn)
+
+
def send(self, json_obj):
"""Sends a message to the user.
@@ -223,6 +239,7 @@ def authenticate_and_create_session(username, password):
conn.commit()
db.return_connection(conn)
+
def verify_password(plain_password, encrypted_password):
elts = encrypted_password.split('$')
if len(elts) != 4:
diff --git a/web/main.js b/web/main.js
index 1a160e6..8d5446b 100644
--- a/web/main.js
+++ b/web/main.js
@@ -109,17 +109,18 @@ var guiHandlers = {
// actions to use default handling should define truthy values that are not functions
// (this is to filter out unnecessary traffic before it hits Python)
- 'activity': true,
- 'query': true,
- 'python_exec': true,
- 'python_push': true,
- 'python_stop': true,
- 'hint': true,
- 'test': true,
- 'get_problem': true,
- 'settings': true,
- 'load_problem': true,
- 'end_problem': true
+ 'change_password': true,
+ 'activity': true,
+ 'query': true,
+ 'python_exec': true,
+ 'python_push': true,
+ 'python_stop': true,
+ 'hint': true,
+ 'test': true,
+ 'get_problem': true,
+ 'settings': true,
+ 'load_problem': true,
+ 'end_problem': true
};
server.on('connection', function (socket) {