Secured password handling #70
@@ -23,12 +23,13 @@ class ApiMigration(MigrationABC):
|
||||
`LastName` VARCHAR(255),
|
||||
`EMail` VARCHAR(255),
|
||||
`Password` VARCHAR(255),
|
||||
`PasswordSalt` VARCHAR(255),
|
||||
`RefreshToken` VARCHAR(255),
|
||||
`ConfirmationId` VARCHAR(255) DEFAULT NULL,
|
||||
`ForgotPasswordId` VARCHAR(255) DEFAULT NULL,
|
||||
`RefreshTokenExpiryTime` DATETIME(6) NOT NULL,
|
||||
`AuthRole` INT NOT NULL DEFAULT '0',
|
||||
`UserId` BIGINT NOT NULL DEFAULT '0',
|
||||
`UserId` BIGINT DEFAULT NULL,
|
||||
`CreatedOn` DATETIME(6) NOT NULL,
|
||||
`LastModifiedOn` DATETIME(6) NOT NULL,
|
||||
PRIMARY KEY(`Id`),
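Review bot: `PasswordSalt` is declared as a nullable `VARCHAR(255)` with no default, so the schema allows a row that has a password hash but no salt; `PasswordSalt VARCHAR(255) NOT NULL` would make the table enforce what the model assumes. The +/- markers are lost on this page, so which lines are new is inferred from the hunk counts and the commit title. If this is the table's original CREATE statement and databases have already run it, editing it in place will not add the column there; a separate `ALTER TABLE` migration that also deals with the existing password hashes would be needed. The statement begins and ends outside the hunk.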
|
||||
|
@@ -1,3 +1,4 @@
|
||||
import uuid
|
||||
from datetime import datetime
|
||||
from typing import Optional
|
||||
from cpl_core.database import TableABC
|
||||
@@ -14,6 +15,7 @@ class AuthUser(TableABC):
|
||||
last_name: str,
|
||||
email: str,
|
||||
password: str,
|
||||
password_salt: Optional[str],
|
||||
refresh_token: Optional[str],
|
||||
confirmation_id: Optional[str],
|
||||
forgot_password_id: Optional[str],
|
||||
@@ -29,6 +31,7 @@ class AuthUser(TableABC):
|
||||
self._last_name = last_name
|
||||
self._email = email
|
||||
self._password = password
|
||||
self._password_salt = uuid.uuid4() if password_salt is None else password_salt
|
||||
self._refresh_token = refresh_token
|
||||
self._confirmation_id = confirmation_id
|
||||
self._forgot_password_id = forgot_password_id
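Review bot: When `password_salt` is None the constructor stores a `uuid.UUID` object rather than a `str`, so the `password_salt` property annotated `-> str` can return either type, and code that concatenates or encodes the salt will see a different type for a freshly created user than for one loaded from the database. Generating text from the CSPRNG keeps a single type, e.g. `self._password_salt = secrets.token_hex(16) if password_salt is None else password_salt` (needs `import secrets`; `str(uuid.uuid4())` is the minimal change). A user read back with a NULL salt would also silently receive a new random salt here that no stored hash was computed with; rejecting that case or forcing a password reset looks safer, though the load path is outside this hunk. The hashing itself is not shown on this page; if it is a single fast digest over password plus salt, a deliberately slow KDF such as `hashlib.scrypt` or `hashlib.pbkdf2_hmac` is the appropriate construction.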
|
||||
@@ -77,6 +80,14 @@ class AuthUser(TableABC):
|
||||
def password(self, value: str):
|
||||
self._password = value
|
||||
|
||||
@property
|
||||
def password_salt(self) -> str:
|
||||
return self._password_salt
|
||||
|
||||
@password_salt.setter
|
||||
def password_salt(self, value: str):
|
||||
self._password_salt = value
|
||||
|
||||
@property
|
||||
def refresh_token(self) -> Optional[str]:
|
||||
return self._refresh_token
|
||||
@@ -168,6 +179,7 @@ class AuthUser(TableABC):
|
||||
`LastName`,
|
||||
`EMail`,
|
||||
`Password`,
|
||||
`PasswordSalt`,
|
||||
`RefreshToken`,
|
||||
`ConfirmationId`,
|
||||
`ForgotPasswordId`,
|
||||
@@ -182,12 +194,13 @@ class AuthUser(TableABC):
|
||||
'{self._last_name}',
|
||||
'{self._email}',
|
||||
'{self._password}',
|
||||
'{self._refresh_token}',
|
||||
'{self._password_salt}',
|
||||
'{"NULL" if self._refresh_token is None else self._refresh_token}',
|
||||
'{"NULL" if self._confirmation_id is None else self._confirmation_id}',
|
||||
'{"NULL" if self._forgot_password_id is None else self._forgot_password_id}',
|
||||
'{self._refresh_token_expire_time}',
|
||||
{self._auth_role_id.value},
|
||||
{"NULL" if self._user_id is None else self._user_id}
|
||||
{"NULL" if self._user_id is None else self._user_id},
|
||||
'{self._created_at}',
|
||||
'{self._modified_at}'
|
||||
)
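Review bot: The INSERT values are built by f-string interpolation, and the `'{"NULL" if self._refresh_token is None else self._refresh_token}'` line keeps the surrounding quotes, so a missing token is stored as the four-character string 'NULL' rather than SQL NULL. For a credential column this means every user without a token holds the same non-null value, which any comparison against `RefreshToken` must then explicitly treat as invalid. The same quoting applies to `ConfirmationId` and `ForgotPasswordId` here and in the UPDATE hunk that follows, where `RefreshToken` is still written as `'{self._refresh_token}'` and would store the text 'None'. Values such as `_email` and `_last_name` presumably originate from user input and reach the statement unescaped; passing all values as bound parameters, with Python `None` for NULL, would remove both problems if the database layer behind `TableABC` accepts parameters. The method starts outside the hunk.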
|
||||
@@ -201,6 +214,7 @@ class AuthUser(TableABC):
|
||||
`LastName` = '{self._last_name}',
|
||||
`EMail` = '{self._email}',
|
||||
`Password` = '{self._password}',
|
||||
`PasswordSalt` = '{self._password_salt}',
|
||||
`RefreshToken` = '{self._refresh_token}',
|
||||
`ConfirmationId` = '{"NULL" if self._confirmation_id is None else self._confirmation_id}',
|
||||
`ForgotPasswordId` = '{"NULL" if self._forgot_password_id is None else self._forgot_password_id}',
|
||||
|
@@ -36,8 +36,9 @@ class AuthUserRepositoryService(AuthUserRepositoryABC):
|
||||
self._get_value_from_result(result[6]),
|
||||
self._get_value_from_result(result[7]),
|
||||
self._get_value_from_result(result[8]),
|
||||
AuthRoleEnum(self._get_value_from_result(result[9])),
|
||||
self._get_value_from_result(result[10]),
|
||||
self._get_value_from_result(result[9]),
|
||||
AuthRoleEnum(self._get_value_from_result(result[10])),
|
||||
self._get_value_from_result(result[11]),
|
||||
id=self._get_value_from_result(result[0])
|
||||
)
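Review bot: The row is mapped to constructor arguments purely by position (`result[9]`, `result[10]`, `result[11]`), which is only correct if `PasswordSalt` sits between `Password` and `RefreshToken` in every database this runs against. Where the column was added to an already existing table it would normally be appended at the end, and the hash, salt and token fields would then be read from each other's columns without raising any error. Naming the columns in a fixed order in the query, or reading the row by column name, makes the mapping independent of physical column order. The query and the start of this call are outside the hunk.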
|
||||
|
||||
|