rhodecode-enterprise-ce Commit - r4958:8dd2ba8f

auth: re-orginize imports use hashlib helpers

super-admin -

r4958:8dd2ba8f default

parent child

rhodecode/lib/auth.py

0 +9 -7

              import time
              import collections
              import fnmatch
-             import hashlib
              import itertools
              import logging
              import random
                  false, User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
                  UserIpMap, UserApiKeys, RepoGroup, UserGroup, UserNotice)
              from rhodecode.lib import rc_cache
-             from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5, safe_int, sha1
              from rhodecode.lib.utils import (
                  get_repo_slug, get_repo_group_slug, get_user_group_slug)
+             from rhodecode.lib.type_utils import aslist
+             from rhodecode.lib.hash_utils import sha1, sha256, md5
+             from rhodecode.lib.str_utils import ascii_bytes, safe_str, safe_int, safe_bytes
              from rhodecode.lib.caching_query import FromCache
              if rhodecode.is_unix:
                  import bcrypt
                  def hash_create(self, str_):
                      self._assert_bytes(str_)
-                     return hashlib.sha256(str_).hexdigest()
+                     return sha256(str_)
                  def hash_check(self, password, hashed):
                      """
                      :param hashed: password in hashed form
                      """
                      self._assert_bytes(password)
-                     return hashlib.sha256(password).hexdigest() == hashed
+                     return sha256(password) == hashed
              class _RhodeCodeCryptoTest(_RhodeCodeCryptoBase):
                  if salt is None:
                      salt = os.urandom(16)
-                 return hashlib.sha1(safe_str(data) + salt).hexdigest()
+                 return sha1(data + salt)
              def get_came_from(request):
                  def get_cookie_store(self):
                      return {
                          'username': self.username,
-                         'password': md5(self.password or ''),
+                         'password': md5(safe_bytes(self.password or '')),
                          'user_id': self.user_id,
                          'is_authenticated': self.is_authenticated
                      }
                  # from pyramid.csrf import get_csrf_token
                  if (csrf_token_key not in session and save_if_missing) or force_new:
-                     token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
+                     token = sha1(ascii_bytes(str(random.getrandbits(128))))
                      session[csrf_token_key] = token
                      if hasattr(session, 'save'):
                          session.save()

rhodecode/lib/hash_utils.py

0 +8 0

              def sha1_safe(s):
                  return sha1(safe_bytes(s))
+             def sha256(s):
+                 return hashlib.sha256(s).hexdigest()
+             def sha256_safe(s):
+                 return sha256(safe_bytes(s))

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages