user registration api endpoint

3 files changed, 28 insertions, 2 deletions

diff --git a/api/auth/signup.py b/api/auth/signup.py
index df6a271..a568b6d 100644
--- a/api/auth/signup.py
+++ b/api/auth/signup.py
@@ -1,6 +1,7 @@
 from flask import Blueprint, request
 from main import cursor, connection
 from randid import new_uuid
+import passwords
 import time
 import json
 
@@ -20,8 +21,8 @@ def index():
            return "", 400
 
     user_id = new_uuid()
-    password_salt = "salt"
-    password_hash = "hash"
+    password_salt = passwords.salt()
+    password_hash = passwords.password_hash(password, password_salt)
     registered = int( time.time() * 1000 )
 
     cursor.execute("insert into users values (?, ?, ?, NULL, ?, ?, ?, NULL, FALSE, \"user\", \"{}\", NULL, \"online\") ",
diff --git a/api/passwords.py b/api/passwords.py
new file mode 100644
index 0000000..58b712d
--- /dev/null
+++ b/api/passwords.py
@@ -0,0 +1,13 @@
+import bcrypt
+
+def enc(string):
+    return string.encode('utf-8')
+
+def salt():
+    return bcrypt.gensalt()
+
+def check_password(password, salt, password_hash):
+    return bcrypt.checkpw(enc(password)+salt, enc(password_hash))
+
+def password_hash(password, salt):
+    return bcrypt.hashpw(enc(password), salt);
diff --git a/api/tests.sh b/api/tests.sh
new file mode 100755
index 0000000..391aa0f
--- /dev/null
+++ b/api/tests.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+signup () {
+	curl -X POST \
+		-H "Content-Type: application/json" \
+		-d '{
+		"username": "test",
+		"email": "test@example.com",
+		"password": "password123"
+		}' \
+		localhost:5000/api/auth/signup
+}