Açıklama Yok

authlib.py 3.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
  1. import hashlib, time, json
  2. from cryptography.fernet import Fernet
  3. from connect import connection, engine, metadata
  4. import sqlalchemy as db
  5. def hash_pass(password):
  6. return hashlib.sha256(password.encode()).hexdigest()
  7. class Auth:
  8. def __init__(self, session, expire=0):
  9. self.session = session
  10. self.id = None
  11. self.email = None
  12. self.fernet = Fernet(b'3UH3USxvBcFITpnVa2gvTUIMO5jbc8jqU_Q1O6SNBLs=')
  13. if session.get("id"):
  14. value = json.loads(self.fernet.decrypt(session["id"]))
  15. self.id = value["id"]
  16. self.email = value["email"]
  17. # Remember to always change
  18. self.expire=expire
  19. def checkAuth(self):
  20. if self.expire and time.time() - self.session["tiempo"] > self.expire:
  21. self.delAuth()
  22. else:
  23. self.session["tiempo"] = time.time()
  24. return self.session.get("gallitosccom")
  25. def setAuth(self, id, email):
  26. self.session["gallitosccom"] = True
  27. self.id = id
  28. self.email = email
  29. # self.session["id"] = id
  30. # self.session["email"] = email
  31. self.session["id"] = self.fernet(json.dumps({"id": id, "email": email}))
  32. if self.expire:
  33. self.session["tiempo"] = time.time()
  34. def delAuth(self):
  35. if self.session.get("gallitosccom"):
  36. self.session.pop("gallitosccom", None)
  37. self.session.pop("id", None)
  38. # self.session.pop("email", None)
  39. def do_login(self, username, password):
  40. password = hash_pass(password)
  41. usuarios = db.Table('usuarios', metadata, autoload=True, autoload_with=engine)
  42. query = db.select([usuarios])
  43. if username.find("@") > 1:
  44. print("email")
  45. query = query.select_from(usuarios).where(usuarios.columns.email == username)
  46. else:
  47. print("username")
  48. query = query.select_from(usuarios).where(usuarios.columns.username == username)
  49. result = connection.execute(query).fetchone()
  50. if result and password == result["password"]:
  51. print(result)
  52. self.setAuth(result["id"], result["email"])
  53. # Añadir feature de last login.
  54. return True
  55. return False
  56. def checkRole(self, tipo):
  57. tables = {"admin": "administracion", "madre": "madres", "enfermera":"enfermeras", "facultad": "facultad", "estudiante": "estudiantes"}
  58. if tipo in tables:
  59. table = tables[tipo]
  60. else:
  61. return False
  62. usuarios = db.Table('usuarios', metadata, autoload=True, autoload_with=engine)
  63. role = db.Table(table, metadata, autoload=True, autoload_with=engine)
  64. query = db.select([usuarios, role])
  65. query = query.select_from(usuarios.join(role, usuarios.columns.id == role.columns.user_id)).where(role.columns.user_id == self.id)
  66. result = connection.execute(query).fetchone()
  67. if result:
  68. return True
  69. return False
  70. def do_logout(self):
  71. self.delAuth()