| 25 | class UserMethods(): |
| 26 | @style.queue |
| 27 | def checkAuth(db, user, password): |
| 28 | c = db.c |
| 29 | c.execute('SELECT id, name, password, role, permission, template, email FROM "users" WHERE name=?', (user, )) |
| 30 | r = c.fetchone() |
| 31 | if not r: |
| 32 | return {} |
| 33 | |
| 34 | salt = r[2][:5] |
| 35 | pw = r[2][5:] |
| 36 | h = sha1(salt + password) |
| 37 | if h.hexdigest() == pw: |
| 38 | return {"id": r[0], "name": r[1], "role": r[3], |
| 39 | "permission": r[4], "template": r[5], "email": r[6]} |
| 40 | else: |
| 41 | return {} |
| 42 | |
| 43 | @style.queue |
| 44 | def addUser(db, user, password): |