Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
raylu
/
sysvitals
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Strom: f5e65da8b2
Branche Tagy
sysvitals
/
web
/
db.py

db.py 1.9 KB
História Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. import hashlib
    2. 

  2. import hmac
    3. 

  3. import binascii
    4. 

  4. import os
    5. 

  5. 

  6. import tornado.gen
    7. 

  7. import psycopg2
    8. 

  8. import momoko
    9. 

  9. 

  10. import config
    11. 

  11. 

  12. def hash_pw(password, salt=None):
    13. 

  13. 	if salt is None:
    14. 

  14. 		salt = os.urandom(16)
    15. 

  15. 	h = hmac.new(salt, password.encode('utf-8'), hashlib.sha256)
    16. 

  16. 	hashed = h.hexdigest()
    17. 

  17. 	salt_hex = binascii.hexlify(salt).decode()
    18. 

  18. 	return hashed, salt_hex
    19. 

  19. 

  20. class MomokoDB:
    21. 

  21. 	db = momoko.Pool(dsn='dbname=%s user=%s' % (config.db.database, config.db.user), size=2)
    22. 

  22. 

  23. 	@tornado.gen.coroutine
    24. 

  24. 	def execute(self, query, *args):
    25. 

  25. 		result = yield momoko.Op(self.db.execute, query, args, cursor_factory=psycopg2.extras.DictCursor)
    26. 

  26. 		return result
    27. 

  27. 

  28. 	@tornado.gen.coroutine
    29. 

  29. 	def create_user(self, username, password):
    30. 

  30. 		hashed_password, salt = hash_pw(password)
    31. 

  31. 		query = 'INSERT INTO users (username, password, salt) VALUES (%s, %s, %s) RETURNING id;'
    32. 

  32. 		cursor = yield self.execute(query, username, hashed_password, salt)
    33. 

  33. 		return cursor.fetchone()['id']
    34. 

  34. 

  35. 	@tornado.gen.coroutine
    36. 

  36. 	def check_user(self, username, password):
    37. 

  37. 		query = 'SELECT id, username, password, salt FROM users WHERE username=%s;'
    38. 

  38. 		cursor = yield self.execute(query, username)
    39. 

  39. 		user = cursor.fetchone()
    40. 

  40. 		if not user:
    41. 

  41. 			return
    42. 

  42. 		salt = binascii.unhexlify(bytes(user['salt'], 'ascii'))
    43. 

  43. 		hashed, _ = hash_pw(password, salt)
    44. 

  44. 		if hashed == user['password']:
    45. 

  45. 			return user
    46. 

  46. 

  47. 	@tornado.gen.coroutine
    48. 

  48. 	def create_group(self, user_id, group_name):
    49. 

  49. 		cursor = yield self.execute('INSERT INTO groups (name) VALUES(%s) RETURNING id;', group_name)
    50. 

  50. 		group_id = cursor.fetchone()['id']
    51. 

  51. 		yield self.execute('INSERT INTO user_groups (user_id, group_id) VALUES(%s, %s);', user_id, group_id)
    52. 

  52. 		return group_id
    53. 

  53. 

  54. 	@tornado.gen.coroutine
    55. 

  55. 	def get_groups(self, user_id):
    56. 

  56. 		cursor = yield self.execute('''
    57. 

  57. 			SELECT groups.id, groups.name FROM users
    58. 

  58. 			JOIN user_groups ON users.id = user_groups.user_id
    59. 

  59. 			JOIN groups ON user_groups.group_id = groups.id
    60. 

  60. 			WHERE users.id = %s;
    61. 

  61. 		''', user_id)
    62. 

  62. 		return cursor.fetchall()
    63.