From 6f48bf541b7b0eeb0c6968ca63125bf73e016643 Mon Sep 17 00:00:00 2001
From: Walter Purcaro <vuolter@users.noreply.github.com>
Date: Tue, 12 May 2015 03:15:13 +0200
Subject: Fix some directory names

---
 pyload/Database/User.py | 93 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 93 insertions(+)
 create mode 100644 pyload/Database/User.py

(limited to 'pyload/Database/User.py')

diff --git a/pyload/Database/User.py b/pyload/Database/User.py
new file mode 100644
index 000000000..dc60ce23a
--- /dev/null
+++ b/pyload/Database/User.py
@@ -0,0 +1,93 @@
+# -*- coding: utf-8 -*-
+# @author: mkaay
+
+from hashlib import sha1
+import random
+
+from pyload.Database import DatabaseBackend, style
+
+
+class UserMethods(object):
+
+
+    @style.queue
+    def checkAuth(db, user, password):
+        c = db.c
+        c.execute('SELECT id, name, password, role, permission, template, email FROM "users" WHERE name=?', (user,))
+        r = c.fetchone()
+        if not r:
+            return {}
+
+        salt = r[2][:5]
+        pw = r[2][5:]
+        h = sha1(salt + password)
+        if h.hexdigest() == pw:
+            return {"id": r[0], "name": r[1], "role": r[3],
+                    "permission": r[4], "template": r[5], "email": r[6]}
+        else:
+            return {}
+
+
+    @style.queue
+    def addUser(db, user, password):
+        salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for _i in xrange(0, 5)])
+        h = sha1(salt + password)
+        password = salt + h.hexdigest()
+
+        c = db.c
+        c.execute('SELECT name FROM users WHERE name=?', (user,))
+        if c.fetchone() is not None:
+            c.execute('UPDATE users SET password=? WHERE name=?', (password, user))
+        else:
+            c.execute('INSERT INTO users (name, password) VALUES (?, ?)', (user, password))
+
+
+    @style.queue
+    def changePassword(db, user, oldpw, newpw):
+        db.c.execute('SELECT id, name, password FROM users WHERE name=?', (user,))
+        r = db.c.fetchone()
+        if not r:
+            return False
+
+        salt = r[2][:5]
+        pw = r[2][5:]
+        h = sha1(salt + oldpw)
+        if h.hexdigest() == pw:
+            salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for _i in xrange(0, 5)])
+            h = sha1(salt + newpw)
+            password = salt + h.hexdigest()
+
+            db.c.execute("UPDATE users SET password=? WHERE name=?", (password, user))
+            return True
+
+        return False
+
+
+    @style.async
+    def setPermission(db, user, perms):
+        db.c.execute("UPDATE users SET permission=? WHERE name=?", (perms, user))
+
+
+    @style.async
+    def setRole(db, user, role):
+        db.c.execute("UPDATE users SET role=? WHERE name=?", (role, user))
+
+
+    @style.queue
+    def listUsers(db):
+        db.c.execute('SELECT name FROM users')
+        return [row[0] for row in db.c]
+
+
+    @style.queue
+    def getAllUserData(db):
+        db.c.execute("SELECT name, permission, role, template, email FROM users")
+        return {r[0]: {"permission": r[1], "role": r[2], "template": r[3], "email": r[4]} for r in db.c}
+
+
+    @style.queue
+    def removeUser(db, user):
+        db.c.execute('DELETE FROM users WHERE name=?', (user,))
+
+
+DatabaseBackend.registerSub(UserMethods)
-- 
cgit v1.2.3