##// END OF EJS Templates
First step in reintegrating Jedi...
First step in reintegrating Jedi If Jedi is installed expose a private API use it with prompt toolkit. Jedi does not _yet_ provide all the completion IPython has, so this is still a bit awkward. In order to debug this (and see what is Jedi provided we for now inject a fake Jedi/IPython delimiter in the menu. Jedi completion and this behavior are enabled by default, but could likely be opt-in. Add also a number of debug flags to be able to track why jedi is not working, and/or what completions are found by IPython and not Jedi. That should give us a bit of heads up and feedback to know whether we can remove part of the IPython completer, and more especially if we can drop `python_matches`. Once `python_matches` is dropped and some other of the current matchers are either dropped or converted to the new API, that should simplify the internal quite a bit. That would just be too much for an already BIG pull-request.

File last commit:

r21134:02234da0
r23284:3ff1be2e
Show More
security.py
114 lines | 3.3 KiB | text/x-python | PythonLexer
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 """
Password generation for the IPython notebook.
"""
Fernando Perez
Fix failing doctests and post correct example of passwd() usage.
r5337 #-----------------------------------------------------------------------------
# Imports
#-----------------------------------------------------------------------------
# Stdlib
import getpass
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 import hashlib
import random
Fernando Perez
Fix failing doctests and post correct example of passwd() usage.
r5337 # Our own
Stefan van der Walt
Throw UsageError instead of ValueError.
r5335 from IPython.core.error import UsageError
Thomas Kluyver
Fix password hashing for Python 3...
r5343 from IPython.utils.py3compat import cast_bytes, str_to_bytes
Fernando Perez
Fix failing doctests and post correct example of passwd() usage.
r5337
#-----------------------------------------------------------------------------
# Globals
#-----------------------------------------------------------------------------
Stefan van der Walt
Throw UsageError instead of ValueError.
r5335
Stefan van der Walt
Use a global variable to adjust the number of bits used to generate the salt.
r5332 # Length of the salt in nr of hex chars, which implies salt_len * 4
# bits of randomness.
salt_len = 12
Fernando Perez
Fix failing doctests and post correct example of passwd() usage.
r5337 #-----------------------------------------------------------------------------
# Functions
#-----------------------------------------------------------------------------
Stefan van der Walt
Try to get password from user three times.
r5334 def passwd(passphrase=None, algorithm='sha1'):
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 """Generate hashed password and salt for use in notebook configuration.
Stefan van der Walt
In passwd, mention which variable in the notebook config to update.
r5322 In the notebook configuration, set `c.NotebookApp.password` to
the generated string.
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 Parameters
----------
passphrase : str
Stefan van der Walt
If no password is given, ask for one on the prompt.
r5333 Password to hash. If unspecified, the user is asked to input
and verify a password.
Stefan van der Walt
Allow any hashing algorithm.
r5328 algorithm : str
Stefan van der Walt
Update docstring to refer to hashlib.
r5331 Hashing algorithm to use (e.g, 'sha1' or any argument supported
by :func:`hashlib.new`).
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320
Returns
-------
hashed_passphrase : str
Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.
Examples
--------
Thomas Kluyver
Miscellaneous docs fixes
r13597 >>> passwd('mypassword')
'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320
"""
Stefan van der Walt
Try to get password from user three times.
r5334 if passphrase is None:
for i in range(3):
p0 = getpass.getpass('Enter password: ')
p1 = getpass.getpass('Verify password: ')
if p0 == p1:
passphrase = p0
break
else:
print('Passwords do not match.')
Stefan van der Walt
If no password is given, ask for one on the prompt.
r5333 else:
Stefan van der Walt
Throw UsageError instead of ValueError.
r5335 raise UsageError('No matching passwords found. Giving up.')
Stefan van der Walt
If no password is given, ask for one on the prompt.
r5333
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 h = hashlib.new(algorithm)
Stefan van der Walt
Use a global variable to adjust the number of bits used to generate the salt.
r5332 salt = ('%0' + str(salt_len) + 'x') % random.getrandbits(4 * salt_len)
Thomas Kluyver
Fix password hashing for Python 3...
r5343 h.update(cast_bytes(passphrase, 'utf-8') + str_to_bytes(salt, 'ascii'))
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320
return ':'.join((algorithm, salt, h.hexdigest()))
Fernando Perez
Fix failing doctests and post correct example of passwd() usage.
r5337
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 def passwd_check(hashed_passphrase, passphrase):
"""Verify that a given passphrase matches its hashed version.
Parameters
----------
hashed_passphrase : str
Hashed password, in the format returned by `passwd`.
passphrase : str
Passphrase to validate.
Returns
-------
valid : bool
True if the passphrase matches the hash.
Examples
--------
Thomas Kluyver
Miscellaneous docs fixes
r13597 >>> from IPython.lib.security import passwd_check
>>> passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a',
... 'mypassword')
True
>>> passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a',
... 'anotherpassword')
False
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 """
try:
algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)
except (ValueError, TypeError):
return False
Stefan van der Walt
Allow any hashing algorithm.
r5328 try:
h = hashlib.new(algorithm)
except ValueError:
return False
Fernando Perez
Remove unnecessary check on password salt length.
r5338 if len(pw_digest) == 0:
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320 return False
Thomas Kluyver
Allow unicode arguments to passwd_check on Python 2....
r13558 h.update(cast_bytes(passphrase, 'utf-8') + cast_bytes(salt, 'ascii'))
Stefan van der Walt
Add hashed passphrase generation and verification.
r5320
return h.hexdigest() == pw_digest