correção dos formulários e adição da encryptação da senha para um hash

Adley
1 parent 1b24ecdc
Showing 5 changed files with 41 additions and 36 deletions Show diff stats
wscacicneo/model/reports.py
wscacicneo/templates/cadastro_coleta.pt
wscacicneo/templates/editaruser.pt
wscacicneo/utils/utils.py
wscacicneo/views.py
@@ -20,14 +20,15 @@ log = logging.getLogger()
  
 class Reports():
  
-    def __init__(self, nm_base, rest_url=None):
+    def __init__(self, nm_base, rest_url=None, response_object=True):
+        self.base_nm = nm_base
         if rest_url is None:
             self.rest_url = config.REST_URL
         else:
             self.rest_url = rest_url
         self.coleta_manual_base = coleta_manual.ColetaManualBase(nm_base, self.rest_url)
         self.base = self.coleta_manual_base.lbbase
-        self.documentrest = DocumentREST(self.rest_url, self.base, response_object=True)
+        self.documentrest = DocumentREST(self.rest_url, self.base, response_object)
  
  
     def get_base_orgao(self):
@@ -51,20 +52,19 @@ class Reports():
  
         return conv.document2dict(coleta_base.lbbase, self)
  
-    def coleta_to_json(self):
+    def coleta_to_json(self, document):
         """
         Convert object to json
         :return:
         """
  
-        return conv.document2json(nm_base.lbbase, self)
+        return conv.document2json(document.lbbase, self)
  
     def create_coleta(self, document):
         """
         Insere dados de coleta
         """
         result = self.documentrest.create(document)
-
         return result
  
     def update_coleta(self,id, document):
@@ -15,13 +15,8 @@
     </div>
     <div class="form-group">
       <label class="col-lg-2 control-label">Data da Coleta:</label>
-      <div class="col-lg-5">
-         <div id="datetimepicker1" class="input-append input-group dtpicker">
-          <input data-format="dd-MM-yyyy" type="text" id="data_coleta" class="form-control">
-          <span class="input-group-addon add-on">
-            <i data-time-icon="fa fa-times" data-date-icon="fa fa-calendar"></i>
-          </span>
-        </div>
+      <div class="col-lg-2">
+        <input type="date" id="data_coleta" class="form-control" >
       </div>
     </div>
     <br/>
@@ -59,12 +59,12 @@
                 <div class="form-group">
                     <label class="col-lg-2 control-label">Senha</label>
                         <div class="col-lg-5">
-                        <input type="text" id="senha" class="form-control" placeholder="Informe novamente sua senha">
+                        <input type="password" id="senha" class="form-control" placeholder="Informe novamente sua senha">
                     </div>
                 </div><div class="form-group">
                     <label class="col-lg-2 control-label">Confirmar Senha</label>
                         <div class="col-lg-5">
-                        <input type="text" id="confirmarsenha"  class="form-control" placeholder="Confirme sua senha">
+                        <input type="password" id="confirmarsenha"  class="form-control" placeholder="Confirme sua senha">
                     </div>
                 </div>
                 <div class="form-group">
@@ -119,7 +119,7 @@
                 if (data.email.indexOf("gov.br") > -1 == true){
                   emailCorreto = 1;
                 }
-                if(senha.value == confirmarsenha.value && senha.value != "" ){
+                if($('#senha').val() == $('#confirmarsenha').val() && $('#senha').val() != "" ){
                   senhaConfere = 1;
                 }
                 if (emailCorreto == 0 || senhaConfere == 0){
@@ -134,7 +134,7 @@
                       type: "PUT",
                       url: "${request.route_url('root')}put_user",
                       data: data, 
-                      success: function(){ alert('Alteração realizado com sucesso') },
+                      success: function(){ alert('Alteração realizada com sucesso') },
                       error: function(){ alert('Erro ao Alterar do usuário. Todos os campos são obrigatórios') },
                   });
                 }
 import requests
 import json
 import unicodedata
+import hashlib
+import uuid
 from wscacicneo.model.orgao import Orgao
 from wscacicneo.model.orgao import OrgaoBase
  
@@ -24,4 +26,8 @@ class Utils:
     # Retorna uma string sem caracteres especiais(sem espaço e acentos).
     def format_name(data):
 	    return ''.join(x for x in unicodedata.normalize('NFKD', data) if \
-	    unicodedata.category(x)[0] == 'L').lower()
 \ No newline at end of file
+	    unicodedata.category(x)[0] == 'L').lower()
+
+    def hash_password(password):
+        hash_object = hashlib.md5(password.encode())
+        return hash_object.hexdigest()
 \ No newline at end of file
@@ -341,7 +341,7 @@ def post_user(request):
             cargo = doc['cargo'],
             setor = doc['setor'],
             permissao = doc['permissao'],
-            senha = doc['senha'],
+            senha = Utils.hash_password(doc['senha']),
             favoritos = favoritos,
             itens = itens
         )
@@ -405,7 +405,7 @@ def put_user(request):
         'cargo' : params['cargo'],
         'setor' : params['setor'],
         'permissao' : params['permissao'],
-        'senha' : params['senha']
+        'senha' : Utils.hash_password(params['senha'])
     }
     search = user_obj.search_user(matricula)
     id = search.results[0]._metadata.id_doc
@@ -489,9 +489,10 @@ def login(request):
     if 'form.submitted' in request.params:
         email = request.params['email']
         senha = request.params['senha']
+        senha_hash = Utils.hash_password(senha)
         try:
             usuario = user_obj.search_user_by_email(email)
-            if usuario.results[0].senha == senha:
+            if usuario.results[0].senha == senha_hash:
                 headers = remember(request, email)
                 return HTTPFound(location = came_from,
                                  headers = headers)
@@ -540,32 +541,35 @@ def post_coleta_manual(request):
     """
     document = request.params
     nm_base = document['orgao']
-    data_coleta = document['data_coleta'],
-    softwarelist = document['softwarelist'],
-    win32_processor_manufacturer = document['win32_processor_manufacturer'],
-    win32_processor_numberoflogicalprocessors = document['win32_processor_numberoflogicalprocessors'],
-    win32_processor_caption = document['win32_processor_caption'],
-    operatingsystem_version = document['operatingsystem_version'],
-    operatingsystem_installdate = document['operatingsystem_installdate'],
-    operatingsystem_caption = document['operatingsystem_caption'],
+    data_coleta = document['data_coleta']
+    softwarelist = document['softwarelist']
+    win32_processor_manufacturer = document['win32_processor_manufacturer']
+    win32_processor_numberoflogicalprocessors = document['win32_processor_numberoflogicalprocessors']
+    win32_processor_caption = document['win32_processor_caption']
+    operatingsystem_version = document['operatingsystem_version']
+    operatingsystem_installdate = document['operatingsystem_installdate']
+    operatingsystem_caption = document['operatingsystem_caption']
     win32_bios_manufacturer = document['win32_bios_manufacturer']
-
-    coleta_dict= { 
-        "data_coleta" : data_coleta,
-        "softwarelist" : [softwarelist],
+    nm_base_formatted = Utils.format_name(nm_base)
+    coleta_dict= {
+        "data_coleta": data_coleta,
         "win32_processor": {
             "win32_processor_manufacturer": win32_processor_manufacturer,
             "win32_processor_numberoflogicalprocessors": win32_processor_numberoflogicalprocessors,
-            "win32_processor_caption" : win32_processor_caption
+            "win32_processor_caption": win32_processor_caption
         },
         "operatingsystem": {
             "operatingsystem_version": operatingsystem_version,
             "operatingsystem_installdate": operatingsystem_installdate,
-            "operatingsystem_caption" : operatingsystem_caption
+            "operatingsystem_caption": operatingsystem_caption
         },
+        "softwarelist": [
+            softwarelist
+        ],
         "win32_bios": {
             "win32_bios_manufacturer": win32_bios_manufacturer
         }
     }
-    id_doc = Reports(nm_base).create_coleta(coleta_dict)
-    return Response(str(id_coleta))
+    dumps = json.dumps(coleta_dict)
+    id_doc = Reports(nm_base_formatted,response_object=False).create_coleta(dumps)
+    return Response(str(id_doc))
 \ No newline at end of file
...	...	@@ -20,14 +20,15 @@ log = logging.getLogger()
20	20
21	21	class Reports():
22	22
23		- def __init__(self, nm_base, rest_url=None):
	23	+ def __init__(self, nm_base, rest_url=None, response_object=True):
	24	+ self.base_nm = nm_base
24	25	if rest_url is None:
25	26	self.rest_url = config.REST_URL
26	27	else:
27	28	self.rest_url = rest_url
28	29	self.coleta_manual_base = coleta_manual.ColetaManualBase(nm_base, self.rest_url)
29	30	self.base = self.coleta_manual_base.lbbase
30		- self.documentrest = DocumentREST(self.rest_url, self.base, response_object=True)
	31	+ self.documentrest = DocumentREST(self.rest_url, self.base, response_object)
31	32
32	33
33	34	def get_base_orgao(self):
...	...	@@ -51,20 +52,19 @@ class Reports():
51	52
52	53	return conv.document2dict(coleta_base.lbbase, self)
53	54
54		- def coleta_to_json(self):
	55	+ def coleta_to_json(self, document):
55	56	"""
56	57	Convert object to json
57	58	:return:
58	59	"""
59	60
60		- return conv.document2json(nm_base.lbbase, self)
	61	+ return conv.document2json(document.lbbase, self)
61	62
62	63	def create_coleta(self, document):
63	64	"""
64	65	Insere dados de coleta
65	66	"""
66	67	result = self.documentrest.create(document)
67		-
68	68	return result
69	69
70	70	def update_coleta(self,id, document):
...	...
...	...	@@ -15,13 +15,8 @@
15	15	</div>
16	16	<div class="form-group">
17	17	<label class="col-lg-2 control-label">Data da Coleta:</label>
18		- <div class="col-lg-5">
19		- <div id="datetimepicker1" class="input-append input-group dtpicker">
20		- <input data-format="dd-MM-yyyy" type="text" id="data_coleta" class="form-control">
21		- <span class="input-group-addon add-on">
22		- <i data-time-icon="fa fa-times" data-date-icon="fa fa-calendar"></i>
23		- </span>
24		- </div>
	18	+ <div class="col-lg-2">
	19	+ <input type="date" id="data_coleta" class="form-control" >
25	20	</div>
26	21	</div>
27	22	<br/>
...	...
...	...	@@ -59,12 +59,12 @@
59	59	<div class="form-group">
60	60	<label class="col-lg-2 control-label">Senha</label>
61	61	<div class="col-lg-5">
62		- <input type="text" id="senha" class="form-control" placeholder="Informe novamente sua senha">
	62	+ <input type="password" id="senha" class="form-control" placeholder="Informe novamente sua senha">
63	63	</div>
64	64	</div><div class="form-group">
65	65	<label class="col-lg-2 control-label">Confirmar Senha</label>
66	66	<div class="col-lg-5">
67		- <input type="text" id="confirmarsenha" class="form-control" placeholder="Confirme sua senha">
	67	+ <input type="password" id="confirmarsenha" class="form-control" placeholder="Confirme sua senha">
68	68	</div>
69	69	</div>
70	70	<div class="form-group">
...	...	@@ -119,7 +119,7 @@
119	119	if (data.email.indexOf("gov.br") > -1 == true){
120	120	emailCorreto = 1;
121	121	}
122		- if(senha.value == confirmarsenha.value && senha.value != "" ){
	122	+ if($('#senha').val() == $('#confirmarsenha').val() && $('#senha').val() != "" ){
123	123	senhaConfere = 1;
124	124	}
125	125	if (emailCorreto == 0 \|\| senhaConfere == 0){
...	...	@@ -134,7 +134,7 @@
134	134	type: "PUT",
135	135	url: "${request.route_url('root')}put_user",
136	136	data: data,
137		- success: function(){ alert('Alteração realizado com sucesso') },
	137	+ success: function(){ alert('Alteração realizada com sucesso') },
138	138	error: function(){ alert('Erro ao Alterar do usuário. Todos os campos são obrigatórios') },
139	139	});
140	140	}
...	...
1	1	import requests
2	2	import json
3	3	import unicodedata
	4	+import hashlib
	5	+import uuid
4	6	from wscacicneo.model.orgao import Orgao
5	7	from wscacicneo.model.orgao import OrgaoBase
6	8
...	...	@@ -24,4 +26,8 @@ class Utils:
24	26	# Retorna uma string sem caracteres especiais(sem espaço e acentos).
25	27	def format_name(data):
26	28	return ''.join(x for x in unicodedata.normalize('NFKD', data) if \
27		- unicodedata.category(x)[0] == 'L').lower()
28	29	\ No newline at end of file
	30	+ unicodedata.category(x)[0] == 'L').lower()
	31	+
	32	+ def hash_password(password):
	33	+ hash_object = hashlib.md5(password.encode())
	34	+ return hash_object.hexdigest()
29	35	\ No newline at end of file
...	...
...	...	@@ -341,7 +341,7 @@ def post_user(request):
341	341	cargo = doc['cargo'],
342	342	setor = doc['setor'],
343	343	permissao = doc['permissao'],
344		- senha = doc['senha'],
	344	+ senha = Utils.hash_password(doc['senha']),
345	345	favoritos = favoritos,
346	346	itens = itens
347	347	)
...	...	@@ -405,7 +405,7 @@ def put_user(request):
405	405	'cargo' : params['cargo'],
406	406	'setor' : params['setor'],
407	407	'permissao' : params['permissao'],
408		- 'senha' : params['senha']
	408	+ 'senha' : Utils.hash_password(params['senha'])
409	409	}
410	410	search = user_obj.search_user(matricula)
411	411	id = search.results[0]._metadata.id_doc
...	...	@@ -489,9 +489,10 @@ def login(request):
489	489	if 'form.submitted' in request.params:
490	490	email = request.params['email']
491	491	senha = request.params['senha']
	492	+ senha_hash = Utils.hash_password(senha)
492	493	try:
493	494	usuario = user_obj.search_user_by_email(email)
494		- if usuario.results[0].senha == senha:
	495	+ if usuario.results[0].senha == senha_hash:
495	496	headers = remember(request, email)
496	497	return HTTPFound(location = came_from,
497	498	headers = headers)
...	...	@@ -540,32 +541,35 @@ def post_coleta_manual(request):
540	541	"""
541	542	document = request.params
542	543	nm_base = document['orgao']
543		- data_coleta = document['data_coleta'],
544		- softwarelist = document['softwarelist'],
545		- win32_processor_manufacturer = document['win32_processor_manufacturer'],
546		- win32_processor_numberoflogicalprocessors = document['win32_processor_numberoflogicalprocessors'],
547		- win32_processor_caption = document['win32_processor_caption'],
548		- operatingsystem_version = document['operatingsystem_version'],
549		- operatingsystem_installdate = document['operatingsystem_installdate'],
550		- operatingsystem_caption = document['operatingsystem_caption'],
	544	+ data_coleta = document['data_coleta']
	545	+ softwarelist = document['softwarelist']
	546	+ win32_processor_manufacturer = document['win32_processor_manufacturer']
	547	+ win32_processor_numberoflogicalprocessors = document['win32_processor_numberoflogicalprocessors']
	548	+ win32_processor_caption = document['win32_processor_caption']
	549	+ operatingsystem_version = document['operatingsystem_version']
	550	+ operatingsystem_installdate = document['operatingsystem_installdate']
	551	+ operatingsystem_caption = document['operatingsystem_caption']
551	552	win32_bios_manufacturer = document['win32_bios_manufacturer']
552		-
553		- coleta_dict= {
554		- "data_coleta" : data_coleta,
555		- "softwarelist" : [softwarelist],
	553	+ nm_base_formatted = Utils.format_name(nm_base)
	554	+ coleta_dict= {
	555	+ "data_coleta": data_coleta,
556	556	"win32_processor": {
557	557	"win32_processor_manufacturer": win32_processor_manufacturer,
558	558	"win32_processor_numberoflogicalprocessors": win32_processor_numberoflogicalprocessors,
559		- "win32_processor_caption" : win32_processor_caption
	559	+ "win32_processor_caption": win32_processor_caption
560	560	},
561	561	"operatingsystem": {
562	562	"operatingsystem_version": operatingsystem_version,
563	563	"operatingsystem_installdate": operatingsystem_installdate,
564		- "operatingsystem_caption" : operatingsystem_caption
	564	+ "operatingsystem_caption": operatingsystem_caption
565	565	},
	566	+ "softwarelist": [
	567	+ softwarelist
	568	+ ],
566	569	"win32_bios": {
567	570	"win32_bios_manufacturer": win32_bios_manufacturer
568	571	}
569	572	}
570		- id_doc = Reports(nm_base).create_coleta(coleta_dict)
571		- return Response(str(id_coleta))
	573	+ dumps = json.dumps(coleta_dict)
	574	+ id_doc = Reports(nm_base_formatted,response_object=False).create_coleta(dumps)
	575	+ return Response(str(id_doc))
572	576	\ No newline at end of file
...	...