diff options
author | Walter Purcaro <vuolter@gmail.com> | 2015-02-16 21:59:10 +0100 |
---|---|---|
committer | Walter Purcaro <vuolter@gmail.com> | 2015-02-16 21:59:10 +0100 |
commit | 8e7d14bae4d3c836f029a1235eb227380acc3f75 (patch) | |
tree | ebd0679642cccb994e70a89a106b394189cb28bc /pyload/database/User.py | |
parent | Merge branch 'stable' into 0.4.10 (diff) | |
download | pyload-8e7d14bae4d3c836f029a1235eb227380acc3f75.tar.xz |
Fix plugins to work on 0.4.10
Diffstat (limited to 'pyload/database/User.py')
-rw-r--r-- | pyload/database/User.py | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/pyload/database/User.py b/pyload/database/User.py new file mode 100644 index 000000000..67cb62ab9 --- /dev/null +++ b/pyload/database/User.py @@ -0,0 +1,93 @@ +# -*- coding: utf-8 -*- +# @author: mkaay + +from hashlib import sha1 +import random + +from pyload.database.DatabaseBackend import DatabaseBackend +from pyload.database.DatabaseBackend import style + +class UserMethods(object): + @style.queue + def checkAuth(db, user, password): + c = db.c + c.execute('SELECT id, name, password, role, permission, template, email FROM "users" WHERE name=?', (user,)) + r = c.fetchone() + if not r: + return {} + + salt = r[2][:5] + pw = r[2][5:] + h = sha1(salt + password) + if h.hexdigest() == pw: + return {"id": r[0], "name": r[1], "role": r[3], + "permission": r[4], "template": r[5], "email": r[6]} + else: + return {} + + @style.queue + def addUser(db, user, password): + salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for i in range(0, 5)]) + h = sha1(salt + password) + password = salt + h.hexdigest() + + c = db.c + c.execute('SELECT name FROM users WHERE name=?', (user,)) + if c.fetchone() is not None: + c.execute('UPDATE users SET password=? WHERE name=?', (password, user)) + else: + c.execute('INSERT INTO users (name, password) VALUES (?, ?)', (user, password)) + + + @style.queue + def changePassword(db, user, oldpw, newpw): + db.c.execute('SELECT id, name, password FROM users WHERE name=?', (user,)) + r = db.c.fetchone() + if not r: + return False + + salt = r[2][:5] + pw = r[2][5:] + h = sha1(salt + oldpw) + if h.hexdigest() == pw: + salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for i in range(0, 5)]) + h = sha1(salt + newpw) + password = salt + h.hexdigest() + + db.c.execute("UPDATE users SET password=? WHERE name=?", (password, user)) + return True + + return False + + + @style.async + def setPermission(db, user, perms): + db.c.execute("UPDATE users SET permission=? WHERE name=?", (perms, user)) + + @style.async + def setRole(db, user, role): + db.c.execute("UPDATE users SET role=? WHERE name=?", (role, user)) + + + @style.queue + def listUsers(db): + db.c.execute('SELECT name FROM users') + users = [] + for row in db.c: + users.append(row[0]) + return users + + @style.queue + def getAllUserData(db): + db.c.execute("SELECT name, permission, role, template, email FROM users") + user = {} + for r in db.c: + user[r[0]] = {"permission": r[1], "role": r[2], "template": r[3], "email": r[4]} + + return user + + @style.queue + def removeUser(db, user): + db.c.execute('DELETE FROM users WHERE name=?', (user,)) + +DatabaseBackend.registerSub(UserMethods) |