upstream/ipython Files · IPython/lib/security.py

Merge pull request from Carreau/shifttab...

Merge pull request from Carreau/shifttab also bind shift tab for tooltip + config This does not change the curent behavior, only add the shift+tab shortcut. Note that the shift tab shortcut has a slightly different behavior. You can select part of a line and pressing shift-tab will show you the tooltip only for the selection. This is disabled for multiline selection to still allow to unindent block of code, Keep in mind that the real real shortcut for indent unindent is Ctrl+] or [ . Select/tab is not really supported by codemirror. Finally the "tooltip_on_tab" behavior is globally configurable via IPython.config so that it could be easily switched to false. It can be overridden via js console for test purpose. IPython.config.tooltip_on_tab = true | false Take effect immediately, only on current notebook. or globally via custom.js var user_conf = {tooltip_on_tab:false | true}; $.extend(IPython.config, user_conf)

Thomas Kluyver - - Load All Authors

File last commit:

r5343:9a89486e


                r8971:99339d10

Download file

             security.py
        
                    118 lines
            
             | 3.4 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / IPython / lib / security.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      """

      Password generation for the IPython notebook.

      """

      #-----------------------------------------------------------------------------

      # Imports

      #-----------------------------------------------------------------------------

      # Stdlib

      import getpass

      import hashlib

      import random

      # Our own

      from IPython.core.error import UsageError

      from IPython.testing.skipdoctest import skip_doctest

      from IPython.utils.py3compat import cast_bytes, str_to_bytes

      #-----------------------------------------------------------------------------

      # Globals

      #-----------------------------------------------------------------------------

      # Length of the salt in nr of hex chars, which implies salt_len * 4

      # bits of randomness.

      salt_len = 12

      #-----------------------------------------------------------------------------

      # Functions

      #-----------------------------------------------------------------------------

      @skip_doctest

      def passwd(passphrase=None, algorithm='sha1'):

          """Generate hashed password and salt for use in notebook configuration.

          In the notebook configuration, set `c.NotebookApp.password` to

          the generated string.

          Parameters

          ----------

          passphrase : str

              Password to hash.  If unspecified, the user is asked to input

              and verify a password.

          algorithm : str

              Hashing algorithm to use (e.g, 'sha1' or any argument supported

              by :func:`hashlib.new`).

          Returns

          -------

          hashed_passphrase : str

              Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.

          Examples

          --------

          In [1]: passwd('mypassword')

          Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'

          """

          if passphrase is None:

              for i in range(3):

                  p0 = getpass.getpass('Enter password: ')

                  p1 = getpass.getpass('Verify password: ')

                  if p0 == p1:

                      passphrase = p0

                      break

                  else:

                      print('Passwords do not match.')

              else:

                  raise UsageError('No matching passwords found. Giving up.')

          h = hashlib.new(algorithm)

          salt = ('%0' + str(salt_len) + 'x') % random.getrandbits(4 * salt_len)

          h.update(cast_bytes(passphrase, 'utf-8') + str_to_bytes(salt, 'ascii'))

          return ':'.join((algorithm, salt, h.hexdigest()))

      def passwd_check(hashed_passphrase, passphrase):

          """Verify that a given passphrase matches its hashed version.

          Parameters

          ----------

          hashed_passphrase : str

              Hashed password, in the format returned by `passwd`.

          passphrase : str

              Passphrase to validate.

          Returns

          -------

          valid : bool

              True if the passphrase matches the hash.

          Examples

          --------

          In [1]: from IPython.lib.security import passwd_check

          In [2]: passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a',

             ...:              'mypassword')

          Out[2]: True

          In [3]: passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a',

             ...:              'anotherpassword')

          Out[3]: False

          """

          try:

              algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)

          except (ValueError, TypeError):

              return False

          try:

              h = hashlib.new(algorithm)

          except ValueError:

              return False

          if len(pw_digest) == 0:

              return False

          h.update(cast_bytes(passphrase, 'utf-8') + str_to_bytes(salt, 'ascii'))

          return h.hexdigest() == pw_digest

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				"""
				Password generation for the IPython notebook.
				"""
				#-----------------------------------------------------------------------------
				# Imports
				#-----------------------------------------------------------------------------
				# Stdlib
				import getpass
				import hashlib
				import random

				# Our own
				from IPython.core.error import UsageError
				from IPython.testing.skipdoctest import skip_doctest
				from IPython.utils.py3compat import cast_bytes, str_to_bytes

				#-----------------------------------------------------------------------------
				# Globals
				#-----------------------------------------------------------------------------

				# Length of the salt in nr of hex chars, which implies salt_len * 4
				# bits of randomness.
				salt_len = 12

				#-----------------------------------------------------------------------------
				# Functions
				#-----------------------------------------------------------------------------

				@skip_doctest
				def passwd(passphrase=None, algorithm='sha1'):
				"""Generate hashed password and salt for use in notebook configuration.

				In the notebook configuration, set `c.NotebookApp.password` to
				the generated string.

				Parameters
				----------
				passphrase : str
				Password to hash. If unspecified, the user is asked to input
				and verify a password.
				algorithm : str
				Hashing algorithm to use (e.g, 'sha1' or any argument supported
				by :func:`hashlib.new`).

				Returns
				-------
				hashed_passphrase : str
				Hashed password, in the format 'hash_algorithm:salt:passphrase_hash'.

				Examples
				--------
				In [1]: passwd('mypassword')
				Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12'

				"""
				if passphrase is None:
				for i in range(3):
				p0 = getpass.getpass('Enter password: ')
				p1 = getpass.getpass('Verify password: ')
				if p0 == p1:
				passphrase = p0
				break
				else:
				print('Passwords do not match.')
				else:
				raise UsageError('No matching passwords found. Giving up.')

				h = hashlib.new(algorithm)
				salt = ('%0' + str(salt_len) + 'x') % random.getrandbits(4 * salt_len)
				h.update(cast_bytes(passphrase, 'utf-8') + str_to_bytes(salt, 'ascii'))

				return ':'.join((algorithm, salt, h.hexdigest()))


				def passwd_check(hashed_passphrase, passphrase):
				"""Verify that a given passphrase matches its hashed version.

				Parameters
				----------
				hashed_passphrase : str
				Hashed password, in the format returned by `passwd`.
				passphrase : str
				Passphrase to validate.

				Returns
				-------
				valid : bool
				True if the passphrase matches the hash.

				Examples
				--------
				In [1]: from IPython.lib.security import passwd_check

				In [2]: passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a',
				...: 'mypassword')
				Out[2]: True

				In [3]: passwd_check('sha1:0e112c3ddfce:a68df677475c2b47b6e86d0467eec97ac5f4b85a',
				...: 'anotherpassword')
				Out[3]: False

				"""
				try:
				algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)
				except (ValueError, TypeError):
				return False

				try:
				h = hashlib.new(algorithm)
				except ValueError:
				return False

				if len(pw_digest) == 0:
				return False

				h.update(cast_bytes(passphrase, 'utf-8') + str_to_bytes(salt, 'ascii'))

				return h.hexdigest() == pw_digest