(db, user, oldpw, newpw)
| 56 | |
| 57 | @style.queue |
| 58 | def changePassword(db, user, oldpw, newpw): |
| 59 | db.c.execute('SELECT id, name, password FROM users WHERE name=?', (user, )) |
| 60 | r = db.c.fetchone() |
| 61 | if not r: |
| 62 | return False |
| 63 | |
| 64 | salt = r[2][:5] |
| 65 | pw = r[2][5:] |
| 66 | h = sha1(salt + oldpw) |
| 67 | if h.hexdigest() == pw: |
| 68 | salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for i in range(0, 5)]) |
| 69 | h = sha1(salt + newpw) |
| 70 | password = salt + h.hexdigest() |
| 71 | |
| 72 | db.c.execute("UPDATE users SET password=? WHERE name=?", (password, user)) |
| 73 | return True |
| 74 | |
| 75 | return False |
| 76 | |
| 77 | |
| 78 | @style.async |
no test coverage detected