drakken.model module

ORM module.

Warning

SQLAlchemy doesn’t escape raw SQL, so to prevent SQL injection attacks, always use the ORM.

class drakken.model.Base(**kwargs: Any)

Bases: DeclarativeBase

metadata: ClassVar[MetaData] = MetaData()

Refers to the sqlalchemy.schema.MetaData collection that will be used for new sqlalchemy.schema.Table objects.

registry: ClassVar[_RegistryType] = <sqlalchemy.orm.decl_api.registry object>

Refers to the sqlalchemy.orm.registry in use where new sqlalchemy.orm.Mapper objects will be associated.

class drakken.model.Session(**kwargs)

Bases: Base

Session table.

date_created
session_token
user
user_id
class drakken.model.User(**kwargs)

Bases: Base

User account table.

active
date_joined
email
id
last_login
pwhash
salt
drakken.model.authenticate(**kwargs)

Authenticate user.

Parameters:
  • username (str) – user name.

  • email (str) – email address.

  • password (str) – password.

Raises:

AuthenticateFail – username/email and password don’t match the database.

drakken.model.create_user(email, password, username='')

Create a user.

Parameters:
  • email (str) – must be unique if not using a username.

  • password (str) – must be within MIN_PASSWORD_LENGTH and MAX_PASSWORD_LENGTH.

  • username (str) – must be unique. Optional.

Returns:

created User object.

Return type:

User

Note

The password hashing algorithm is deliberately computationally expensive to slow down hackers. Very long passwords can take so long to compute that they can be used in a denial of service attack, per OWASP, which is why we check for passwords that are too long.
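
The length gate described in the note, as an added example (not Drakken's own code): the check runs before the expensive hash, at account creation and again at login, so an oversized password never reaches the hashing step. The limit values, PasswordLengthError, check_length, slow_hash, kdf_call_count and verify are assumptions made for illustration, and PBKDF2 stands in for the hashing algorithm, which this page does not name.

```python
import hashlib
import hmac
import os

# Assumed values: the page names these settings but does not give their values.
MIN_PASSWORD_LENGTH = 8
MAX_PASSWORD_LENGTH = 128
_kdf_calls = 0  # counts how often the expensive step actually runs


class PasswordLengthError(ValueError):
    """Hypothetical exception for out-of-range passwords."""


def check_length(password: str) -> None:
    # Cheap gate: len() on a str is O(1), so it costs nothing on huge input.
    if not MIN_PASSWORD_LENGTH <= len(password) <= MAX_PASSWORD_LENGTH:
        raise PasswordLengthError(
            f"password must be {MIN_PASSWORD_LENGTH}-{MAX_PASSWORD_LENGTH} characters")


def slow_hash(password: str, salt: bytes) -> bytes:
    # Stand-in KDF (PBKDF2-HMAC-SHA256); the length check always runs first.
    global _kdf_calls
    check_length(password)
    _kdf_calls += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def kdf_call_count() -> int:
    return _kdf_calls


def verify(password: str, salt: bytes, expected: bytes) -> bool:
    # Same gate on login: an oversized guess is rejected without being hashed.
    try:
        candidate = slow_hash(password, salt)
    except PasswordLengthError:
        return False
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    salt = os.urandom(16)
    stored = slow_hash("FoundInTheSwamp", salt)
    print(verify("FoundInTheSwamp", salt, stored))  # correct password
    print(verify("A" * 1_000_000, salt, stored))    # rejected before hashing
    print("KDF invocations:", kdf_call_count())
```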

Raises:
drakken.model.get_session(request)

Return session object.

Parameters:

request (drakken.message.Request) – Request object.

Raises:

LoginFail – session ID is missing or not in database, request user agent doesn’t match session user agent, or session has expired.

drakken.model.login(**kwargs)

Log in user and set response cookie.

Parameters:
  • username (str) – user name.

  • email (str) – email address.

  • password (str) – password.

  • request (message.Request) – Request object.

  • response (message.Response) – Response object.

Returns:

logged in User object.

Return type:

User

drakken.model.login_required(func=None, redirect=True)

Validate session token in cookie.

Use as a decorator.

Parameters:
Raises:
  • HTTPRedirect – redirect to config.LOGIN_URL if set and redirect == True.

  • LoginFail – if config.LOGIN_URL not set or redirect == False.

drakken.model.logout(request, response)

Log out user, delete session and cookie.

Parameters:
drakken.model.session_scope()

Context manager for database operations.

Automatically handles database commit, rollback, and close. Taken from SQLAlchemy docs.

Example:

from drakken.model import session_scope, User
from drakken.security import gensalt, hash

email = 'stuart@gmail.com'
password = 'FoundInTheSwamp'
salt = gensalt()
hashed = hash(password, salt)

with session_scope() as session:
    user = User(email=email, pwhash=hashed, salt=salt)
    session.add(user)
drakken.model.setup()

Configure database, creating tables if needed.

drakken.model.update_password(userid, password)

Change password for user.

Parameters:
  • userid (int) – user ID.

  • password (str) – new password.