Added change password functionality

Kenneth Jao 2020-08-06 23:03:36 -04:00
parent 6acada7c75
commit 23cd68556e
2 changed files with 50 additions and 18 deletions


@ -199,6 +199,24 @@ def download(uuid):
conditional=True) conditional=True)
@app.route('/changepass', methods=['POST'])
def changepass():
## FIX LATER
check = verify_data('changepass', request.form, session)
if not check[0]: return check[1], 400
form = check[1]
salt = uuid.uuid4().hex
to_hash = (form['password'] + salt).encode('utf-8')
USERS.update_one({'username': form['username']},
{'$set': {
'password': hashlib.sha512(to_hash).digest(),
'salt': salt
}
})
return 'Operation completed'
@app.route('/users/<method>', methods=['POST']) @app.route('/users/<method>', methods=['POST'])
def users(method): def users(method):
if 'username' not in session: if 'username' not in session:
@ -217,11 +235,11 @@ def users(method):
'username': form['username'], 'username': form['username'],
'password': hashlib.sha512(to_hash).digest(), 'password': hashlib.sha512(to_hash).digest(),
'salt': salt, 'salt': salt,
'perm_level': 1
}) })
create_drive('virtual', user.inserted_id) create_drive('virtual', user.inserted_id)
elif method == 'delete': elif method == 'delete':
check = verify_data('users.delete', request.form, session) check = verify_data('users.delete', request.form, session)
if not check[0]: return check[1], 400 if not check[0]: return check[1], 400
@ -232,6 +250,7 @@ def users(method):
pass pass
return 'Operation completed' return 'Operation completed'
@app.route('/drive/<drive_id>/<path:path>') @app.route('/drive/<drive_id>/<path:path>')
def drive_path(): def drive_path():
pass pass
@ -382,6 +401,7 @@ def verify_data(method, form, sess):
'data': 'malformed data', 'data': 'malformed data',
'permission': 'insufficient permissions', 'permission': 'insufficient permissions',
'userexists': 'username already in use', 'userexists': 'username already in use',
'usernotexist': 'user does not exist',
'driveperm': 'the drive is not shared with you', 'driveperm': 'the drive is not shared with you',
'pathinvalid': 'not a valid path' 'pathinvalid': 'not a valid path'
} }
@ -401,7 +421,6 @@ def verify_data(method, form, sess):
except KeyError: except KeyError:
pass pass
elif method == 'users.delete': elif method == 'users.delete':
has_items = exists(data, ['username']) has_items = exists(data, ['username'])
if not has_items: errors.append('data') if not has_items: errors.append('data')
@ -414,6 +433,19 @@ def verify_data(method, form, sess):
elif method == 'users.modify': elif method == 'users.modify':
pass pass
elif method == 'changepass':
### REIMPLEMENT LATER
has_items = exists(data, ['username', 'password'])
if not has_items: errors.append('data')
sanitize(data)
try:
if USERS.find_one({'username': data['username']}) == None:
errors.append('usernotexist')
except KeyError:
pass
elif method == 'files': elif method == 'files':
has_items = exists(data, ['drive_id', 'path']) has_items = exists(data, ['drive_id', 'path'])
if not has_items: errors.append('data') if not has_items: errors.append('data')
@ -454,7 +486,6 @@ def verify_data(method, form, sess):
# For virtual drives, the path is just the user request. # For virtual drives, the path is just the user request.
data['drive'] = drive data['drive'] = drive
else: else:
raise Exception('Invalid data verification method.') raise Exception('Invalid data verification method.')
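Review bot: The new `changepass` route never binds the request to the caller: unlike `users()`, which opens with `if 'username' not in session:`, it updates the password of whichever account `form['username']` names, and the only check visible in the `changepass` branch of `verify_data` is that the user exists (both functions continue outside the hunks shown, so confirm nothing earlier in `verify_data` inspects `sess`). Before the `## FIX LATER` marker is lifted, the handler should start with `if 'username' not in session: return 'not logged in', 401`, filter the update on `{'username': session['username']}` instead of the form value, and require the current password to be verified first. The `usernotexist` error also tells an unauthenticated client which usernames exist; once the target comes from the session, that lookup and message can be dropped. Separately, the password is stored as one pass of `hashlib.sha512` over password plus salt, which is fast to brute-force if the collection leaks; a password KDF such as `hashlib.scrypt` or `hashlib.pbkdf2_hmac` would be the better fit, changed together with the same pattern in `users()` and the login check.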


@ -58,6 +58,7 @@ body {
#formContainer input { #formContainer input {
margin-bottom: 10%; margin-bottom: 10%;
padding: 5%; padding: 5%;
width: 90%;
border: none; border: none;
font-size: 130%; font-size: 130%;
font-family: 'Roboto Slab', sans-serif; font-family: 'Roboto Slab', sans-serif;