app.models: minor refactor (extract pw auth)
This commit is contained in:
parent
8cfd5e01dc
commit
52d4d2abdb
|
@ -30,6 +30,7 @@ from app.errors import AliasInTrashError
|
|||
from app.extensions import db
|
||||
from app.log import LOG
|
||||
from app.oauth_models import Scope
|
||||
from app.pw_models import PasswordOracle
|
||||
from app.utils import (
|
||||
convert_to_id,
|
||||
random_string,
|
||||
|
@ -183,14 +184,10 @@ class Fido(db.Model, ModelMixin):
|
|||
sign_count = db.Column(db.Integer(), nullable=False)
|
||||
name = db.Column(db.String(128), nullable=False, unique=False)
|
||||
|
||||
|
||||
class User(db.Model, ModelMixin, UserMixin):
|
||||
class User(db.Model, ModelMixin, UserMixin, PasswordOracle):
|
||||
__tablename__ = "users"
|
||||
email = db.Column(db.String(256), unique=True, nullable=False)
|
||||
|
||||
salt = db.Column(db.String(128), nullable=True)
|
||||
password = db.Column(db.String(128), nullable=True)
|
||||
|
||||
name = db.Column(db.String(128), nullable=True)
|
||||
is_admin = db.Column(db.Boolean, nullable=False, default=False)
|
||||
alias_generator = db.Column(
|
||||
|
@ -522,18 +519,6 @@ class User(db.Model, ModelMixin, UserMixin):
|
|||
else:
|
||||
return Alias.filter_by(user_id=self.id).count() < MAX_NB_EMAIL_FREE_PLAN
|
||||
|
||||
def set_password(self, password):
|
||||
salt = bcrypt.gensalt()
|
||||
password_hash = bcrypt.hashpw(password.encode(), salt).decode()
|
||||
self.salt = salt.decode()
|
||||
self.password = password_hash
|
||||
|
||||
def check_password(self, password) -> bool:
|
||||
if not self.password:
|
||||
return False
|
||||
password_hash = bcrypt.hashpw(password.encode(), self.salt.encode())
|
||||
return self.password.encode() == password_hash
|
||||
|
||||
def profile_picture_url(self):
|
||||
if self.profile_picture_id:
|
||||
return self.profile_picture.get_url()
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
import bcrypt
|
||||
|
||||
from app.extensions import db
|
||||
|
||||
|
||||
class PasswordOracle:
|
||||
salt = db.Column(db.String(128), nullable=True)
|
||||
password = db.Column(db.String(128), nullable=True)
|
||||
|
||||
def set_password(self, password):
|
||||
salt = bcrypt.gensalt()
|
||||
password_hash = bcrypt.hashpw(password.encode(), salt).decode()
|
||||
self.salt = salt.decode()
|
||||
self.password = password_hash
|
||||
|
||||
def check_password(self, password) -> bool:
|
||||
if not self.password:
|
||||
return False
|
||||
password_hash = bcrypt.hashpw(password.encode(), self.salt.encode())
|
||||
return self.password.encode() == password_hash
|
Loading…
Reference in New Issue