From 17b999c2739006c2ec3b37ed64f119c9ad0b3338 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Pu=C5=A1nik?= Date: Tue, 6 Oct 2015 00:41:12 +0200 Subject: change password --- server/handlers.py | 19 +++++++++++++++++-- server/user_session.py | 19 ++++++++++++++++++- 2 files changed, 35 insertions(+), 3 deletions(-) (limited to 'server') diff --git a/server/handlers.py b/server/handlers.py index 0a77e66..a7f4f76 100644 --- a/server/handlers.py +++ b/server/handlers.py @@ -55,6 +55,21 @@ class Login(CodeqService): request.reply({'code': 0, 'message': 'OK', 'sid':session.get_sid(), 'settings':settings}) +class ChangePassword(CodeqService): + def process(self, request): + js = request.data + password = js.get('password') + if password is None: + request.reply({'code': 1, 'message': 'Password was not provided'}) + else: + try: + request.session.change_password(password) + except PasswordChangeFailed: + request.reply({'code': 2, 'message': 'Password change failed'}) + else: + request.reply({'code': 0, 'message': 'OK'}) + + class Settings(CodeqService): def process(self, request): js = request.data @@ -63,7 +78,7 @@ class Settings(CodeqService): request.reply({'code': 1, 'message': 'New settings not provided'}) else: try: - request.session.update_settings(settings) + request.user_session.update_settings(settings) request.session.write_settings_to_db() except NoSuchSession: request.reply({'code': 2, 'message': 'No such session'}) @@ -71,7 +86,6 @@ class Settings(CodeqService): request.reply({'code': 0, 'message': 'OK'}) - class Activity(CodeqService): def process(self, request): js = request.data @@ -246,6 +260,7 @@ class EndProblem(CodeqService): incoming_handlers = { 'list_problems': ProblemList(), 'login': Login(), + 'change_password': ChangePassword(), 'get_problem': GetProblem(), 'logout': None, 'activity': Activity(), diff --git a/server/user_session.py b/server/user_session.py index d80cedd..55f4853 100644 --- a/server/user_session.py +++ b/server/user_session.py @@ -7,7 +7,7 @@ import base64 import random import db import server -from errors.session import NoSuchSession, AuthenticationFailed +from errors.session import NoSuchSession, AuthenticationFailed, PasswordChangeFailed import psycopg2.extras __all__ = ['get_session_by_id', 'get_or_create_session', 'UserSession'] @@ -167,6 +167,22 @@ class UserSession(object): finally: db.return_connection(conn) + def change_password(self, password): + conn = db.get_connection() + try: + cur = conn.cursor() + try: + cur.execute('update codeq_user set password = %s where id = %s', (encrypt_password(password), self.uid,)) + affected = cur.rowcount + if affected is None: + raise PasswordChangeFailed('Password change failed') + finally: + cur.close() + finally: + conn.commit() + db.return_connection(conn) + + def send(self, json_obj): """Sends a message to the user. @@ -223,6 +239,7 @@ def authenticate_and_create_session(username, password): conn.commit() db.return_connection(conn) + def verify_password(plain_password, encrypted_password): elts = encrypted_password.split('$') if len(elts) != 4: -- cgit v1.2.1