API tools faq
paste
Guest User

Untitled

a guest
Jul 22nd, 2018
323
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.15 KB | None | 0 0
raw download clone embed print report
  1. from xpcom import components, verbose
  2. from sqlite3 import dbapi2 as sqlite
  3. import hashlib, os, sys, tarfile, urllib
  4.  
  5. class splash_2_py:
  6. _com_interfaces_ = components.interfaces.nsISplash
  7. _reg_clsid_ = "{C93B60BC-CD5A-4C8E-8876-61B16CAD86C6}"
  8. _reg_contractid_ = "@emporos.net/nsISplash;1"
  9.  
  10. """
  11. This file holds all the required python functions and settings for the opening splash screen for
  12. the Emporos POS system.
  13. """
  14.  
  15. def __init__(self):
  16. """
  17. Build run time properties.
  18. """
  19. self.db_file = ""
  20. self.conn = False
  21. self.cur = False
  22.  
  23. # AUTH FAIL RESPONSES
  24. self.AUTH_ERROR_NO_DATABASE = -10 # Username not found
  25. self.AUTH_ERROR_INVALID_USERNAME = -11 # Username not found
  26. self.AUTH_ERROR_USER_IS_LOCKED = -12 # User alread locked
  27. self.AUTH_ERROR_USER_JUST_LOCKED = -13 # User locked after this attempt to login
  28. self.AUTH_ERROR_AUTH_FAILED = -14 # User locked after this attempt to login
  29.  
  30. def auth_user(self, username, password):
  31. """
  32. Description:
  33. Authenticate a user's credentials. On success update the Whoami table's user_id with
  34. returned user_id and return the user_id. If the Otherwise update the Whoami table's user_id to 0 and
  35. return False.
  36.  
  37. Params:
  38. String username
  39. String password
  40.  
  41. Return:
  42. Boolean Return user id or error number.
  43. """
  44.  
  45. # Make sure we have a DB connection
  46. if self.cur:
  47.  
  48. user_id = False
  49.  
  50. user_lock_sql = "SELECT fail_count, is_locked FROM Users WHERE username =?"
  51. self.cur.execute(user_lock_sql, (username,))
  52. user_lock = self.cur.fetchone()
  53.  
  54. if user_lock:
  55. if user_lock[1] == 1:
  56. return self.AUTH_ERROR_USER_IS_LOCKED
  57.  
  58. if user_lock[0] >= 5:
  59. lock_user_sql = "UPDATE Users SET is_locked = '1' WHERE username =?"
  60. self.cur.execute(lock_user_sql,(username,))
  61. self.conn.commit()
  62.  
  63. return self.AUTH_ERROR_USER_JUST_LOCKED
  64.  
  65. else:
  66. return self.AUTH_ERROR_INVALID_USERNAME
  67.  
  68. # Validate user against DB
  69. auth_user_sql = "SELECT id FROM Users WHERE username =? AND password =?"
  70. self.cur.execute(auth_user_sql, (username, hashlib.md5(password).hexdigest()))
  71. user = self.cur.fetchone()
  72.  
  73. if user:
  74. user_id = int(user[0])
  75.  
  76. update_whoami_sql = "UPDATE Whoami SET user_id =?"
  77. self.cur.execute(update_whoami_sql,(user_id,))
  78. self.conn.commit()
  79.  
  80. if user_id:
  81. return user_id
  82.  
  83. add_fail_count_sql = "UPDATE Users SET fail_count = fail_count + 1 WHERE username =?"
  84. self.cur.execute(add_fail_count_sql,(username,))
  85. self.conn.commit()
  86.  
  87. return self.AUTH_ERROR_AUTH_FAILED
  88.  
  89. print "Auth User Error: No database"
  90.  
  91. return self.AUTH_ERROR_NO_DATABASE
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!