import pwd
import uuid
from sqlalchemy import select, insert
from sqlalchemy.orm import Session
from pillar_tool.db.models.user import User
from Crypto.Hash import SHA3_256
from secrets import token_bytes
def create_user(db: Session, username: str, password: str) -> None:
    """Insert a new ``User`` row with a fresh id, salt and password hash.

    The salt is 32 random bytes from ``secrets.token_bytes``, stored
    hex-encoded next to the hash produced by ``compute_password_hash``.
    Only ``db.execute`` is called here; no commit is issued in this
    function.
    """
    salt_hex = token_bytes(32).hex()
    hashed = compute_password_hash(password, salt_hex)

    # A random (version 4) UUID is used as the primary identifier.
    statement = insert(User).values(
        id=uuid.uuid4(),
        username=username,
        pw_hash=hashed,
        pw_salt=salt_hex,
    )
    db.execute(statement)
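def compute_password_hash(password: str, salt: str) -> str:
    """Return the hex SHA3-256 digest of ``salt + password``.

    Args:
        password: The clear-text password.
        salt: The per-user salt string, prepended to the password.

    Returns:
        The 64-character lowercase hex digest.
    """
    # Function-scope import: hashlib's SHA3-256 yields the same digest as
    # Crypto.Hash.SHA3_256 and comes with the standard library.
    import hashlib

    salted = salt + password

    # UTF-8 instead of ASCII: ASCII input encodes to the same bytes (so
    # existing hashes still verify), while a password containing non-ASCII
    # characters no longer raises UnicodeEncodeError.
    #
    # NOTE(review): a single SHA3-256 pass is a fast hash. For stored
    # passwords a deliberately slow, memory-hard KDF (e.g. hashlib.scrypt)
    # is the usual choice. Switching would invalidate every stored pw_hash,
    # so it needs a migration and is not done here.
    return hashlib.sha3_256(salted.encode("utf-8")).hexdigest()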
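def verify_user(db: Session, user: str, password: str) -> User | None:
    """Return the ``User`` named *user* if *password* matches, else ``None``.

    Args:
        db: Session used to look the user up by ``User.username``.
        user: The username to look up.
        password: The clear-text password to check.

    Returns:
        The matching ``User`` row object, or ``None`` when no such user
        exists or the password hash does not match.

    Raises:
        AssertionError: If more than one row matches the username.
    """
    import hmac

    # noinspection PyTypeChecker
    rows = db.execute(select(User).where(User.username == user)).fetchall()

    # Explicit raise instead of `assert`, so the uniqueness check is not
    # stripped when Python runs with -O. The exception type is unchanged.
    if len(rows) >= 2:
        raise AssertionError("more than one user row matched the username")
    if not rows:
        # NOTE(review): this path returns without hashing, so an unknown
        # username is answered faster than a known one. Consider hashing
        # against a dummy salt here to equalise response time.
        return None

    # Each result row is a 1-tuple holding the User entity. A separate local
    # name avoids rebinding the `user` parameter to a different type.
    account: User = rows[0][0]
    candidate = compute_password_hash(password, account.pw_salt)

    stored = account.pw_hash
    if not isinstance(stored, str):
        # A missing or non-string stored hash can never match.
        return None

    # Constant-time comparison, so the time taken does not depend on how
    # many leading characters of the two digests agree.
    if hmac.compare_digest(candidate.encode("utf-8"), stored.encode("utf-8")):
        return account
    return None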