|
|
05525d |
|
|
|
05525d |
|
|
|
05525d |
import hashlib
|
|
|
05525d |
|
|
|
05525d |
import exception
|
|
|
05525d |
|
|
|
05525d |
|
|
|
05525d |
class User:
|
|
|
05525d |
table = 'users'
|
|
|
05525d |
|
|
|
05525d |
def __init__(self, connection, data):
|
|
|
05525d |
self.connection = connection
|
|
|
05525d |
self.id = data['id']
|
|
|
05525d |
self.login = data['login']
|
|
|
05525d |
self.password = data['password']
|
|
|
05525d |
self.name = data['name']
|
|
|
05525d |
self.email = data['email']
|
|
|
05525d |
|
|
|
05525d |
@staticmethod
|
|
|
05525d |
def query(connection, id):
|
|
|
05525d |
rows = connection.query_dict('SELECT * FROM %T WHERE `id`=%d', table, id)
|
|
|
05525d |
assert len(rows) <= 1
|
|
|
05525d |
return User(connection, rows[0]) if rows else None;
|
|
|
05525d |
|
|
|
05525d |
@staticmethod
|
|
|
05525d |
def query_by_login(connection, login):
|
|
|
05525d |
rows = connection.query_dict('SELECT * FROM %T WHERE `login`=%s', table, login)
|
|
|
05525d |
assert len(rows) <= 1
|
|
|
05525d |
return User(connection, rows[0]) if rows else None;
|
|
|
05525d |
|
|
|
05525d |
@staticmethod
|
|
|
05525d |
def query_list(connection):
|
|
|
05525d |
result = list()
|
|
|
05525d |
with connection.cursor_dict('SELECT * FROM %T ORDER BY `login`', table) as cursor:
|
|
|
05525d |
for row in cursor:
|
|
|
05525d |
result.append(User(connection, cursor))
|
|
|
05525d |
return result
|
|
|
05525d |
|
|
|
05525d |
|
|
|
05525d |
def insert(self, connection):
|
|
|
05525d |
assert not self.id
|
|
|
05525d |
connection.execute(
|
|
|
05525d |
'''INSERT INTO %T SET
|
|
|
05525d |
`login` = %s,
|
|
|
05525d |
`name` = %s,
|
|
|
05525d |
`email` = %s''',
|
|
|
05525d |
table,
|
|
|
05525d |
self.login,
|
|
|
05525d |
self.name,
|
|
|
05525d |
self.email )
|
|
|
05525d |
self.id = self.connection.insert_id()
|
|
|
05525d |
|
|
|
05525d |
def update(self, connection):
|
|
|
05525d |
assert self.id
|
|
|
05525d |
connection.execute(
|
|
|
05525d |
'UPDATE SET %T `name` = %s, `email` = %s WHERE `id` = %d',
|
|
|
05525d |
table, self.name, self.email, self.id )
|
|
|
05525d |
|
|
|
05525d |
@staticmethod
|
|
|
05525d |
def gen_password_hash(salt, id, plain_password):
|
|
|
05525d |
return hashlib.sha512(bytes(str(user_id) + '|' + str(salt) + '|' + password, 'utf8')).hexdigest()
|
|
|
05525d |
|
|
|
05525d |
def password_hash(self, plain_password):
|
|
|
05525d |
assert self.id
|
|
|
05525d |
return gen_password_hash(self.connection.pool.server.salt, self.id, password)
|
|
|
05525d |
|
|
|
05525d |
@staticmethod
|
|
|
05525d |
def resetpassword(connection, id, password):
|
|
|
05525d |
connection.execute(
|
|
|
05525d |
'UPDATE %T SET `password` = %s WHERE `id` = %d',
|
|
|
05525d |
table, password, id )
|
|
|
05525d |
if not connection.request \
|
|
|
05525d |
or not connection.request.session \
|
|
|
05525d |
or connection.request.session.user.id != id:
|
|
|
05525d |
connection.pool.server.remove_session_for_user(id)
|
|
|
05525d |
|
|
|
05525d |
def update_password(self, connection, password = None):
|
|
|
05525d |
assert self.id
|
|
|
05525d |
if not password is None:
|
|
|
05525d |
self.password = password
|
|
|
05525d |
resetpassword(self.connection, self.id, self.password)
|
|
|
05525d |
|
|
|
05525d |
def delete(self, connection):
|
|
|
05525d |
assert self.id
|
|
|
05525d |
connection.execute('DELETE FROM %T WHERE `id`=%d', table, self.id)
|
|
|
05525d |
|
|
|
05525d |
|