Hash password
This commit is contained in:
parent
e9a24588a0
commit
72d196ee7f
|
@ -56,9 +56,8 @@ class User(UserMixin):
|
||||||
SELECT *
|
SELECT *
|
||||||
FROM Bruker
|
FROM Bruker
|
||||||
WHERE Epost = %s
|
WHERE Epost = %s
|
||||||
AND Passord = %s
|
|
||||||
LIMIT 1;
|
LIMIT 1;
|
||||||
""", login)
|
""", (login[0],))
|
||||||
|
|
||||||
user = cur.fetchone()
|
user = cur.fetchone()
|
||||||
|
|
||||||
|
@ -67,6 +66,9 @@ class User(UserMixin):
|
||||||
if user is None:
|
if user is None:
|
||||||
raise Exception("Invalid login")
|
raise Exception("Invalid login")
|
||||||
|
|
||||||
|
if not glob.check_password(login[1], user[2]):
|
||||||
|
raise Exception("Incorrect password")
|
||||||
|
|
||||||
self.id, self.email, self.password, self.firstname, self.surname = user
|
self.id, self.email, self.password, self.firstname, self.surname = user
|
||||||
|
|
||||||
def register_account(email, password, firstname, surname):
|
def register_account(email, password, firstname, surname):
|
||||||
|
@ -77,7 +79,7 @@ def register_account(email, password, firstname, surname):
|
||||||
INSERT INTO
|
INSERT INTO
|
||||||
Bruker (Epost, Passord, Fornavn, Etternavn)
|
Bruker (Epost, Passord, Fornavn, Etternavn)
|
||||||
VALUES (%s, %s, %s, %s);
|
VALUES (%s, %s, %s, %s);
|
||||||
""", (email, password, firstname, surname))
|
""", (email, glob.hash_password(password), firstname, surname))
|
||||||
|
|
||||||
conn.commit()
|
conn.commit()
|
||||||
cur.close()
|
cur.close()
|
||||||
|
|
|
@ -2,6 +2,7 @@ import os
|
||||||
import json
|
import json
|
||||||
import shutil
|
import shutil
|
||||||
import mysql.connector
|
import mysql.connector
|
||||||
|
import bcrypt
|
||||||
|
|
||||||
# ------------------------------------------------------------------------------
|
# ------------------------------------------------------------------------------
|
||||||
# Global variables that is None by default and gets overwritten in other modules
|
# Global variables that is None by default and gets overwritten in other modules
|
||||||
|
@ -27,3 +28,9 @@ def get_sql_connection():
|
||||||
if sql_conn is None or not sql_conn.is_connected():
|
if sql_conn is None or not sql_conn.is_connected():
|
||||||
sql_conn = make_sql_connection()
|
sql_conn = make_sql_connection()
|
||||||
return sql_conn
|
return sql_conn
|
||||||
|
|
||||||
|
def hash_password(password):
|
||||||
|
return bcrypt.hashpw(password.encode(), bcrypt.gensalt(10, prefix=b"2a")).decode()
|
||||||
|
|
||||||
|
def check_password(p1, p2):
|
||||||
|
return bcrypt.checkpw(p1.encode(), p2.encode())
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
Flask>=1.0.2
|
Flask>=1.0.2
|
||||||
Flask-WTF>=0.14.2
|
Flask-WTF>=0.14.2
|
||||||
flask_login>=0.4.1
|
flask_login>=0.4.1
|
||||||
|
bcrypt
|
Loading…
Reference in New Issue
Block a user