Commit a1b9de76d1089cfc325f300201ba4b4db226f14c
1 parent
41d56522
Exists in
master
and in
1 other branch
change password is now async
Showing
2 changed files
with
10 additions
and
4 deletions
Show diff stats
learnapp.py
| @@ -35,6 +35,8 @@ async def check_password(try_pw, password): | @@ -35,6 +35,8 @@ async def check_password(try_pw, password): | ||
| 35 | hashed_pw = await loop.run_in_executor(None, bcrypt.hashpw, try_pw, password) | 35 | hashed_pw = await loop.run_in_executor(None, bcrypt.hashpw, try_pw, password) |
| 36 | return password == hashed_pw | 36 | return password == hashed_pw |
| 37 | 37 | ||
| 38 | +def bcrypt_hash_gen(pw): | ||
| 39 | + return bcrypt.hashpw(pw.encode('utf-8'), bcrypt.gensalt()) | ||
| 38 | 40 | ||
| 39 | # ============================================================================ | 41 | # ============================================================================ |
| 40 | # LearnApp - application logic | 42 | # LearnApp - application logic |
| @@ -124,13 +126,16 @@ class LearnApp(object): | @@ -124,13 +126,16 @@ class LearnApp(object): | ||
| 124 | # ------------------------------------------------------------------------ | 126 | # ------------------------------------------------------------------------ |
| 125 | # change_password | 127 | # change_password |
| 126 | # ------------------------------------------------------------------------ | 128 | # ------------------------------------------------------------------------ |
| 127 | - def change_password(self, uid, pw): | 129 | + async def change_password(self, uid, pw): |
| 128 | if not pw: | 130 | if not pw: |
| 129 | return False | 131 | return False |
| 130 | 132 | ||
| 133 | + loop = asyncio.get_running_loop() | ||
| 134 | + pw = await loop.run_in_executor(None, bcrypt_hash_gen, pw) | ||
| 135 | + | ||
| 131 | with self.db_session() as s: | 136 | with self.db_session() as s: |
| 132 | u = s.query(Student).get(uid) | 137 | u = s.query(Student).get(uid) |
| 133 | - u.password = bcrypt.hashpw(pw.encode('utf-8'), bcrypt.gensalt()) | 138 | + u.password = pw |
| 134 | 139 | ||
| 135 | logger.info(f'User "{uid}" changed password') | 140 | logger.info(f'User "{uid}" changed password') |
| 136 | return True | 141 | return True |
serve.py
| @@ -114,11 +114,12 @@ class LogoutHandler(BaseHandler): | @@ -114,11 +114,12 @@ class LogoutHandler(BaseHandler): | ||
| 114 | # ---------------------------------------------------------------------------- | 114 | # ---------------------------------------------------------------------------- |
| 115 | class ChangePasswordHandler(BaseHandler): | 115 | class ChangePasswordHandler(BaseHandler): |
| 116 | @tornado.web.authenticated | 116 | @tornado.web.authenticated |
| 117 | - def post(self): | 117 | + async def post(self): |
| 118 | uid = self.current_user | 118 | uid = self.current_user |
| 119 | pw = self.get_body_arguments('new_password')[0] | 119 | pw = self.get_body_arguments('new_password')[0] |
| 120 | 120 | ||
| 121 | - if self.learn.change_password(uid, pw): | 121 | + changed_ok = await self.learn.change_password(uid, pw) |
| 122 | + if changed_ok: | ||
| 122 | notification = tornado.escape.to_unicode(self.render_string('notification.html', type='success', msg='A password foi alterada!')) | 123 | notification = tornado.escape.to_unicode(self.render_string('notification.html', type='success', msg='A password foi alterada!')) |
| 123 | else: | 124 | else: |
| 124 | notification = tornado.escape.to_unicode(self.render_string('notification.html', type='danger', msg='A password não foi alterada!')) | 125 | notification = tornado.escape.to_unicode(self.render_string('notification.html', type='danger', msg='A password não foi alterada!')) |