andrei/Moona
andrei/Moona
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Изменено сравнение по хешу пароля в функцию check_auth

Browse Source
This commit is contained in:
Andrei 2022-10-20 10:28:10 +05:00
parent 1c4e74c2ca
commit c2fcc6b9d3
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data/users.py
View File

@ -29,8 +29,8 @@ class User(SqlAlchemyBase, UserMixin):
def check_password(self, password): def check_password(self, password):
return check_password_hash(self.password, password) return check_password_hash(self.password, password)
def check_hash_password(self, hash_password): def check_hash_password(self, password):
return True if self.password == hash_password else False return True if password == self.password else False
def set_password(self, password): def set_password(self, password):
self.password = generate_password_hash(password) self.password = generate_password_hash(password)

7
main.py
View File

@ -742,12 +742,13 @@ def check_auth():
session = db_session.create_session() session = db_session.create_session()
user = session.query(User).filter(User.email == email).first() user = session.query(User).filter(User.email == email).first()
if user: if user:
if user.check_password(password) or user.check_hash_password(password): if user.check_password(password) or user.check_hash_password(password):
return make_response(jsonify({ return make_response(jsonify({
'key': '', 'key': open('key.txt', 'r', encoding='utf-8').read(),
'name': user.name, 'name': user.name,
'surname': user.surname, 'surname': user.surname,
'login': user.login 'login': user.login,
'hash': user.password
}), 200) }), 200)
else: else:
return abort(403) return abort(403)