! was not in original dreamtown !
This commit is contained in:
parent
26f5bd6976
commit
173a493897
65
DreamTown/cgi-bin/auth/5555/changePassword
Normal file
65
DreamTown/cgi-bin/auth/5555/changePassword
Normal file
|
@ -0,0 +1,65 @@
|
|||
#!/usr/bin/python3
|
||||
from dreamtown_config import *
|
||||
import sys
|
||||
import binascii
|
||||
import os
|
||||
import json
|
||||
import sqlite3
|
||||
import hashlib
|
||||
|
||||
print("Content-Type: application/json")
|
||||
print("")
|
||||
method = os.environ["REQUEST_METHOD"]
|
||||
if method != "POST":
|
||||
print("Expected POST")
|
||||
os._exit()
|
||||
|
||||
|
||||
content_len = int(os.environ["CONTENT_LENGTH"])
|
||||
post = sys.stdin.read(content_len)
|
||||
jsonData = json.loads(post)
|
||||
result = {"status":SUCCESS}
|
||||
|
||||
|
||||
def TryLogin():
|
||||
username = jsonData['name'].lower()
|
||||
old_password = jsonData['old_password']
|
||||
new_password = jsonData['new_password']
|
||||
|
||||
#Check User Exists
|
||||
c = db.cursor()
|
||||
cur = c.execute('SELECT COUNT(1) from users WHERE Name=?',(username,))
|
||||
rows = cur.fetchone()
|
||||
count = rows[0]
|
||||
|
||||
if count == 0:
|
||||
result['status'] = USER_DOES_NOT_EXIST
|
||||
return 0
|
||||
#Check Password
|
||||
cur = c.execute('SELECT PassHash,Salt from users WHERE Name= ?',(username,))
|
||||
|
||||
rows = cur.fetchone()
|
||||
|
||||
PassHash = rows[0]
|
||||
Salt = rows[1]
|
||||
|
||||
SaltedHash = pass_salt_algo(old_password,Salt)
|
||||
if SaltedHash != PassHash:
|
||||
result['status'] = INVALID_PASSWORD
|
||||
return 0
|
||||
|
||||
NewSaltedHash = pass_salt_algo(new_password,Salt)
|
||||
|
||||
#Update password
|
||||
result['status'] = SUCCESS
|
||||
c.execute('UPDATE users SET PassHash=? WHERE Name=?',(NewSaltedHash,username))
|
||||
c.execute('UPDATE users SET LastSession=NULL WHERE Name=?',(username,))
|
||||
|
||||
db = sqlite3.connect(SQLLITE_DB_PATH)
|
||||
TryLogin()
|
||||
db.commit()
|
||||
db.close()
|
||||
print(json.dumps(result))
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user