-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaccounts.py
157 lines (117 loc) · 4.83 KB
/
accounts.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
import os
import binascii
from pathlib import Path
import json
import scrypt
import psycopg2
from database import config
from secrets import token_urlsafe
from database_connector import DatabaseConnector
class AccountsDatabaseConnector(DatabaseConnector):
def __init__(self):
super().__init__()
self.connection = self.connect()
def connect(self):
self.connection = None
try:
params = config()
# connect to the PostgreSQL server
self.connection = psycopg2.connect(**params)
return self.connection
except (Exception, psycopg2.DatabaseError) as error:
print(error)
return None
def update_last_login(self, account_id):
cursor = self.connection.cursor()
cursor.execute("""UPDATE account SET last_login = NOW()::timestamp WHERE id = %s""", \
(account_id,))
self.connection.commit()
cursor.close()
return True
def get_update_notes(self, account_id):
cursor = self.connection.cursor()
cursor.execute("""SELECT last_login FROM account WHERE id = %s""", \
(account_id,))
last_login = cursor.fetchone()[0]
update_notes = tuple()
if last_login == None:
cursor.execute("""SELECT slug FROM update_notes""")
update_notes = cursor.fetchall()
else:
cursor.execute("""SELECT slug FROM update_notes WHERE date > %s ORDER BY date DESC""", (last_login,))
update_notes = cursor.fetchall()
cursor.close()
return update_notes
def complete_referrals(self, username):
cursor = self.connection.cursor()
cursor.execute("""UPDATE referral SET completed = %s WHERE referee_username = %s""", \
(True, username,))
self.connection.commit()
cursor.close()
return True
def set_pro(self, account_id, pro):
cursor = self.connection.cursor()
cursor.execute("""UPDATE account SET pro = %s WHERE id = %s""", \
(pro, account_id,))
self.connection.commit()
cursor.close()
return True
def get_pro(self, account_id):
cursor = self.connection.cursor()
cursor.execute("""SELECT pro FROM account WHERE id = %s""", \
(account_id,))
pro = cursor.fetchone()[0]
self.connection.commit()
cursor.close()
return pro
def save(self, username, password):
salt = binascii.hexlify(os.urandom(64)).decode()
hashed_password = str(binascii.hexlify(scrypt.hash(password, salt)).decode())
cursor = self.connection.cursor()
user_id = token_urlsafe(8)
cursor.execute("""SELECT username FROM account WHERE id = %s""", \
(user_id,))
while cursor.fetchone() is not None:
user_id = token_urlsafe(8)
cursor.execute("""SELECT username FROM account WHERE id = %s""", \
(user_id,))
cursor.execute("""INSERT INTO account (id, username, display_name, wealth, salt, password) VALUES(%s, %s, %s, %s, %s, %s)""", (user_id, username, username.split('@')[0], 0, salt, hashed_password))
self.connection.commit()
cursor.close()
def update_password(self, username, password):
salt = binascii.hexlify(os.urandom(64)).decode()
hashed_password = str(binascii.hexlify(scrypt.hash(password, salt)).decode())
cursor = self.connection.cursor()
cursor.execute("""UPDATE account SET password = %s, salt = %s WHERE username = %s""", \
(hashed_password, salt, username,))
self.connection.commit()
cursor.close()
return True
def verify(self, username, password):
account = self.get(username)
hashed_password = str(binascii.hexlify(scrypt.hash(password, account[2])).decode())
if hashed_password == account[3]:
return True
else:
return False
def get(self, username):
print("Getting account " + username)
exists = False
account = []
cursor = self.connection.cursor()
cursor.execute("""SELECT id FROM account WHERE username = %(username)s""", {'username': username})
userid_pair = cursor.fetchone()
username_exists = userid_pair is not None
if username_exists:
userid = userid_pair[0]
cursor.execute("""SELECT username, wealth, salt, password FROM account WHERE id = %(id)s""", {'id': userid})
account = cursor.fetchone()
account_exists = account is not None
exists = username_exists and account_exists
cursor.close()
if exists:
return account
return None
def make_token(self):
token = binascii.hexlify(os.urandom(64)).decode()
return token