From d5b6a4ea27f8c905e613363aab365066ad6d9cda Mon Sep 17 00:00:00 2001
From: Jules Laplace <julescarbon@gmail.com>
Date: Fri, 5 Mar 2021 18:08:17 +0100
Subject: auth stuff. generate secret and create user from the cli

---
 animism-align/cli/app/utils/auth_utils.py | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 animism-align/cli/app/utils/auth_utils.py

(limited to 'animism-align/cli/app/utils/auth_utils.py')

diff --git a/animism-align/cli/app/utils/auth_utils.py b/animism-align/cli/app/utils/auth_utils.py
new file mode 100644
index 0000000..71974e3
--- /dev/null
+++ b/animism-align/cli/app/utils/auth_utils.py
@@ -0,0 +1,31 @@
+from flask_jwt import JWT
+
+import hmac
+import hashlib
+from app.settings import app_cfg
+
+from app.sql.common import db, Session, User
+
+def encrypt_password(cleartext):
+  clearbytes = bytearray()
+  clearbytes.extend(map(ord, cleartext))
+  return hmac.new(app_cfg.TOKEN_SECRET_BYTES, clearbytes, hashlib.sha256).hexdigest()
+
+def authenticate(username, password):
+  session = Session()
+  password = encrypt_password(password)
+  user = session.query(User).filter(User.username == username).first()
+  session.close()
+  if user and hmac.compare_digest(user.password.encode('utf-8'), password.encode('utf-8')):
+    return user
+  return None
+
+def identity(payload):
+  session = Session()
+  user_id = payload['identity']
+  user = session.query(User).get(user_id)
+  session.close()
+  return user
+
+def setup_jwt(app):
+  return JWT(app, authenticate, identity)
-- 
cgit v1.2.3-70-g09d2