Added change password functionality
This commit is contained in:
parent
6acada7c75
commit
23cd68556e
39
binbin.py
39
binbin.py
@ -106,7 +106,7 @@ def mydrives():
|
|||||||
|
|
||||||
for drive in shared:
|
for drive in shared:
|
||||||
drive_info = {
|
drive_info = {
|
||||||
'_id': str(drive['_id']),
|
'_id': str(drive['_id']),
|
||||||
'name': drive['name'],
|
'name': drive['name'],
|
||||||
'size': drive['size']
|
'size': drive['size']
|
||||||
}
|
}
|
||||||
@ -199,6 +199,24 @@ def download(uuid):
|
|||||||
conditional=True)
|
conditional=True)
|
||||||
|
|
||||||
|
|
||||||
|
@app.route('/changepass', methods=['POST'])
|
||||||
|
def changepass():
|
||||||
|
## FIX LATER
|
||||||
|
check = verify_data('changepass', request.form, session)
|
||||||
|
if not check[0]: return check[1], 400
|
||||||
|
form = check[1]
|
||||||
|
|
||||||
|
salt = uuid.uuid4().hex
|
||||||
|
to_hash = (form['password'] + salt).encode('utf-8')
|
||||||
|
USERS.update_one({'username': form['username']},
|
||||||
|
{'$set': {
|
||||||
|
'password': hashlib.sha512(to_hash).digest(),
|
||||||
|
'salt': salt
|
||||||
|
}
|
||||||
|
})
|
||||||
|
return 'Operation completed'
|
||||||
|
|
||||||
|
|
||||||
@app.route('/users/<method>', methods=['POST'])
|
@app.route('/users/<method>', methods=['POST'])
|
||||||
def users(method):
|
def users(method):
|
||||||
if 'username' not in session:
|
if 'username' not in session:
|
||||||
@ -217,11 +235,11 @@ def users(method):
|
|||||||
'username': form['username'],
|
'username': form['username'],
|
||||||
'password': hashlib.sha512(to_hash).digest(),
|
'password': hashlib.sha512(to_hash).digest(),
|
||||||
'salt': salt,
|
'salt': salt,
|
||||||
'perm_level': 1
|
|
||||||
})
|
})
|
||||||
|
|
||||||
create_drive('virtual', user.inserted_id)
|
create_drive('virtual', user.inserted_id)
|
||||||
|
|
||||||
|
|
||||||
elif method == 'delete':
|
elif method == 'delete':
|
||||||
check = verify_data('users.delete', request.form, session)
|
check = verify_data('users.delete', request.form, session)
|
||||||
if not check[0]: return check[1], 400
|
if not check[0]: return check[1], 400
|
||||||
@ -232,6 +250,7 @@ def users(method):
|
|||||||
pass
|
pass
|
||||||
return 'Operation completed'
|
return 'Operation completed'
|
||||||
|
|
||||||
|
|
||||||
@app.route('/drive/<drive_id>/<path:path>')
|
@app.route('/drive/<drive_id>/<path:path>')
|
||||||
def drive_path():
|
def drive_path():
|
||||||
pass
|
pass
|
||||||
@ -382,6 +401,7 @@ def verify_data(method, form, sess):
|
|||||||
'data': 'malformed data',
|
'data': 'malformed data',
|
||||||
'permission': 'insufficient permissions',
|
'permission': 'insufficient permissions',
|
||||||
'userexists': 'username already in use',
|
'userexists': 'username already in use',
|
||||||
|
'usernotexist': 'user does not exist',
|
||||||
'driveperm': 'the drive is not shared with you',
|
'driveperm': 'the drive is not shared with you',
|
||||||
'pathinvalid': 'not a valid path'
|
'pathinvalid': 'not a valid path'
|
||||||
}
|
}
|
||||||
@ -401,7 +421,6 @@ def verify_data(method, form, sess):
|
|||||||
except KeyError:
|
except KeyError:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
elif method == 'users.delete':
|
elif method == 'users.delete':
|
||||||
has_items = exists(data, ['username'])
|
has_items = exists(data, ['username'])
|
||||||
if not has_items: errors.append('data')
|
if not has_items: errors.append('data')
|
||||||
@ -414,6 +433,19 @@ def verify_data(method, form, sess):
|
|||||||
elif method == 'users.modify':
|
elif method == 'users.modify':
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
elif method == 'changepass':
|
||||||
|
### REIMPLEMENT LATER
|
||||||
|
has_items = exists(data, ['username', 'password'])
|
||||||
|
if not has_items: errors.append('data')
|
||||||
|
|
||||||
|
sanitize(data)
|
||||||
|
|
||||||
|
try:
|
||||||
|
if USERS.find_one({'username': data['username']}) == None:
|
||||||
|
errors.append('usernotexist')
|
||||||
|
except KeyError:
|
||||||
|
pass
|
||||||
|
|
||||||
elif method == 'files':
|
elif method == 'files':
|
||||||
has_items = exists(data, ['drive_id', 'path'])
|
has_items = exists(data, ['drive_id', 'path'])
|
||||||
if not has_items: errors.append('data')
|
if not has_items: errors.append('data')
|
||||||
@ -454,7 +486,6 @@ def verify_data(method, form, sess):
|
|||||||
# For virtual drives, the path is just the user request.
|
# For virtual drives, the path is just the user request.
|
||||||
|
|
||||||
data['drive'] = drive
|
data['drive'] = drive
|
||||||
|
|
||||||
else:
|
else:
|
||||||
raise Exception('Invalid data verification method.')
|
raise Exception('Invalid data verification method.')
|
||||||
|
|
||||||
|
|||||||
@ -58,6 +58,7 @@ body {
|
|||||||
#formContainer input {
|
#formContainer input {
|
||||||
margin-bottom: 10%;
|
margin-bottom: 10%;
|
||||||
padding: 5%;
|
padding: 5%;
|
||||||
|
width: 90%;
|
||||||
border: none;
|
border: none;
|
||||||
font-size: 130%;
|
font-size: 130%;
|
||||||
font-family: 'Roboto Slab', sans-serif;
|
font-family: 'Roboto Slab', sans-serif;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user