Show More
| @@ -30,7 +30,7 b' from pylons_app.model import meta' | |||||
| 30 | from pylons_app.model.db import User, RepoToPerm, Repository, Permission |
|
30 | from pylons_app.model.db import User, RepoToPerm, Repository, Permission | |
| 31 | from sqlalchemy.exc import OperationalError |
|
31 | from sqlalchemy.exc import OperationalError | |
| 32 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
32 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound | |
| 33 | import hashlib |
|
33 | import bcrypt | |
| 34 | from decorator import decorator |
|
34 | from decorator import decorator | |
| 35 | import logging |
|
35 | import logging | |
| 36 |
|
36 | |||
| @@ -39,9 +39,11 b' log = logging.getLogger(__name__)' | |||||
| 39 | def get_crypt_password(password): |
|
39 | def get_crypt_password(password): | |
| 40 | """Cryptographic function used for password hashing based on sha1 |
|
40 | """Cryptographic function used for password hashing based on sha1 | |
| 41 | @param password: password to hash |
|
41 | @param password: password to hash | |
| 42 | """ |
|
42 | """ | |
| 43 | hashed = hashlib.sha1(password).hexdigest() |
|
43 | return bcrypt.hashpw(password, bcrypt.gensalt(10)) | |
| 44 | return hashed[3:] + hashed[:3] |
|
44 | ||
|
|
45 | def check_password(password, hashed): | |||
|
|
46 | return bcrypt.hashpw(password, hashed) == hashed | |||
| 45 |
|
47 | |||
| 46 | @cache_region('super_short_term', 'cached_user') |
|
48 | @cache_region('super_short_term', 'cached_user') | |
| 47 | def get_user_cached(username): |
|
49 | def get_user_cached(username): | |
| @@ -53,7 +55,6 b' def get_user_cached(username):' | |||||
| 53 | return user |
|
55 | return user | |
| 54 |
|
56 | |||
| 55 | def authfunc(environ, username, password): |
|
57 | def authfunc(environ, username, password): | |
| 56 | password_crypt = get_crypt_password(password) |
|
|||
| 57 | try: |
|
58 | try: | |
| 58 | user = get_user_cached(username) |
|
59 | user = get_user_cached(username) | |
| 59 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
60 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: | |
| @@ -62,7 +63,7 b' def authfunc(environ, username, password' | |||||
| 62 |
|
63 | |||
| 63 | if user: |
|
64 | if user: | |
| 64 | if user.active: |
|
65 | if user.active: | |
| 65 |
if user.username == username and user.password |
|
66 | if user.username == username and check_password(password, user.password): | |
| 66 | log.info('user %s authenticated correctly', username) |
|
67 | log.info('user %s authenticated correctly', username) | |
| 67 | return True |
|
68 | return True | |
| 68 | else: |
|
69 | else: | |
| @@ -24,7 +24,7 b' from formencode.validators import Unicod' | |||||
| 24 | Email, Bool, StringBoolean |
|
24 | Email, Bool, StringBoolean | |
| 25 | from pylons import session |
|
25 | from pylons import session | |
| 26 | from pylons.i18n.translation import _ |
|
26 | from pylons.i18n.translation import _ | |
| 27 |
from pylons_app.lib.auth import |
|
27 | from pylons_app.lib.auth import check_password | |
| 28 | from pylons_app.model import meta |
|
28 | from pylons_app.model import meta | |
| 29 | from pylons_app.model.db import User, Repository |
|
29 | from pylons_app.model.db import User, Repository | |
| 30 | from sqlalchemy.exc import OperationalError |
|
30 | from sqlalchemy.exc import OperationalError | |
| @@ -94,7 +94,7 b' class ValidAuth(formencode.validators.Fa' | |||||
| 94 |
|
94 | |||
| 95 | def validate_python(self, value, state): |
|
95 | def validate_python(self, value, state): | |
| 96 | sa = meta.Session |
|
96 | sa = meta.Session | |
| 97 |
|
|
97 | password = value['password'] | |
| 98 | username = value['username'] |
|
98 | username = value['username'] | |
| 99 | try: |
|
99 | try: | |
| 100 | user = sa.query(User).filter(User.username == username).one() |
|
100 | user = sa.query(User).filter(User.username == username).one() | |
| @@ -106,7 +106,7 b' class ValidAuth(formencode.validators.Fa' | |||||
| 106 | error_dict=self.e_dict) |
|
106 | error_dict=self.e_dict) | |
| 107 | if user: |
|
107 | if user: | |
| 108 | if user.active: |
|
108 | if user.active: | |
| 109 |
if user.username == username and user.password |
|
109 | if user.username == username and check_password(password, user.password): | |
| 110 | from pylons_app.lib.auth import AuthUser |
|
110 | from pylons_app.lib.auth import AuthUser | |
| 111 | auth_user = AuthUser() |
|
111 | auth_user = AuthUser() | |
| 112 | auth_user.username = username |
|
112 | auth_user.username = username | |
| @@ -24,6 +24,7 b' setup(' | |||||
| 24 | "mercurial>=1.6", |
|
24 | "mercurial>=1.6", | |
| 25 | "pysqlite", |
|
25 | "pysqlite", | |
| 26 | "whoosh>=1.0.0b5", |
|
26 | "whoosh>=1.0.0b5", | |
|
|
27 | "py-bcrypt", | |||
| 27 | ], |
|
28 | ], | |
| 28 | setup_requires=["PasteScript>=1.6.3"], |
|
29 | setup_requires=["PasteScript>=1.6.3"], | |
| 29 | packages=find_packages(exclude=['ez_setup']), |
|
30 | packages=find_packages(exclude=['ez_setup']), | |
General Comments 0
You need to be logged in to leave comments.
Login now