-
Notifications
You must be signed in to change notification settings - Fork 1
/
user.py
69 lines (56 loc) · 1.73 KB
/
user.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import os
import re
import codecs
import random
import string
import webapp2
import jinja2
import hashlib
import hmac
#random string for hash secret
SECRET = "thisissupersecret"
from google.appengine.ext import ndb
USER_RE = re.compile(r"^[a-zA-Z0-9_-]{3,20}$") # valid user
PWD_RE = re.compile(r"^.{3,20}$") # valid password
EMAIL_RE = re.compile(r"^[\S]+@[\S]+.[\S]+$") # valid email
def valid_username(username):
"""Checks if username is valid"""
return USER_RE.match(username)
def valid_password(password):
"""Checks if password is valid"""
return PWD_RE.match(password)
def valid_email(email):
"""Checks if email is valid"""
return EMAIL_RE.match(email)
def hash_str(s):
"""HMAC Hash"""
return hmac.new(SECRET, s).hexdigest()
def make_secure_val(s):
"""Makes a secure value w/ hash"""
return "%s|%s" % (s, hash_str(s))
def check_secure_val(h):
"""Checks if h is a valid"""
val = h.split('|')[0]
if h == make_secure_val(val):
return val
def make_salt():
"""Makes a salt for hashing"""
return ''.join(random.choice(string.letters) for x in xrange(5))
def make_pw_hash(name, pw, salt = None):
"""Hash password"""
if not salt:
salt = make_salt()
h = hashlib.sha256(name + pw + salt).hexdigest()
return '%s,%s' % (h, salt)
def valid_pw(name, pw, h):
"""Deciphers password hash and checks for validity"""
salt = h.split(',')[1]
return h == make_pw_hash(name, pw, salt)
def users_key(group = 'default'):
"""Defines a User key"""
return ndb.Key('users', group)
class User(ndb.Model):
"""Contains user info"""
username = ndb.StringProperty(required = True)
pwd_hash = ndb.StringProperty(required = True)
email = ndb.StringProperty()