@@ -30,7 +30,7 b' from pylons_app.model import meta' | |||||
30 | from pylons_app.model.db import User, RepoToPerm, Repository, Permission |
|
30 | from pylons_app.model.db import User, RepoToPerm, Repository, Permission | |
31 | from sqlalchemy.exc import OperationalError |
|
31 | from sqlalchemy.exc import OperationalError | |
32 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
32 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound | |
33 | import hashlib |
|
33 | import bcrypt | |
34 | from decorator import decorator |
|
34 | from decorator import decorator | |
35 | import logging |
|
35 | import logging | |
36 |
|
36 | |||
@@ -39,9 +39,11 b' log = logging.getLogger(__name__)' | |||||
39 | def get_crypt_password(password): |
|
39 | def get_crypt_password(password): | |
40 | """Cryptographic function used for password hashing based on sha1 |
|
40 | """Cryptographic function used for password hashing based on sha1 | |
41 | @param password: password to hash |
|
41 | @param password: password to hash | |
42 | """ |
|
42 | """ | |
43 | hashed = hashlib.sha1(password).hexdigest() |
|
43 | return bcrypt.hashpw(password, bcrypt.gensalt(10)) | |
44 | return hashed[3:] + hashed[:3] |
|
44 | ||
|
45 | def check_password(password, hashed): | |||
|
46 | return bcrypt.hashpw(password, hashed) == hashed | |||
45 |
|
47 | |||
46 | @cache_region('super_short_term', 'cached_user') |
|
48 | @cache_region('super_short_term', 'cached_user') | |
47 | def get_user_cached(username): |
|
49 | def get_user_cached(username): | |
@@ -53,7 +55,6 b' def get_user_cached(username):' | |||||
53 | return user |
|
55 | return user | |
54 |
|
56 | |||
55 | def authfunc(environ, username, password): |
|
57 | def authfunc(environ, username, password): | |
56 | password_crypt = get_crypt_password(password) |
|
|||
57 | try: |
|
58 | try: | |
58 | user = get_user_cached(username) |
|
59 | user = get_user_cached(username) | |
59 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
60 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: | |
@@ -62,7 +63,7 b' def authfunc(environ, username, password' | |||||
62 |
|
63 | |||
63 | if user: |
|
64 | if user: | |
64 | if user.active: |
|
65 | if user.active: | |
65 |
if user.username == username and user.password |
|
66 | if user.username == username and check_password(password, user.password): | |
66 | log.info('user %s authenticated correctly', username) |
|
67 | log.info('user %s authenticated correctly', username) | |
67 | return True |
|
68 | return True | |
68 | else: |
|
69 | else: |
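Review bot: `check_password` at new lines 45–46 passes `user.password` straight to `bcrypt.hashpw` as the salt, so for any account whose stored value is still the sha1-derived string produced by the old `get_crypt_password`, the call is rejected as an invalid salt (a ValueError in py-bcrypt, as far as I can tell) and `authfunc` at line 66 raises instead of returning False — the commit ships no migration of existing hashes, so every pre-existing user hits this on their next login. Guard the call and treat an empty or unparseable stored hash as a failed login, as below; the same call site exists at line 109 of the validators change. The comparison on line 46 can also use `hmac.compare_digest` where the interpreter provides it. The docstring at line 40 still says the hash is "based on sha1"; replace it with `"""Hash *password* with bcrypt at work factor 10; the salt is embedded in the returned string."""`.
```python
def check_password(password, hashed):
    """Return True if *password* matches the stored bcrypt *hashed* value.

    Returns False on mismatch, on an empty stored value, and on a stored
    value that is not a bcrypt hash (e.g. a legacy sha1-derived entry).
    """
    if not hashed:
        return False
    try:
        candidate = bcrypt.hashpw(password, hashed)
    except ValueError:
        # py-bcrypt rejects a salt it cannot parse; treat it as a failed login
        return False
    return candidate == hashed
```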
@@ -24,7 +24,7 b' from formencode.validators import Unicod' | |||||
24 | Email, Bool, StringBoolean |
|
24 | Email, Bool, StringBoolean | |
25 | from pylons import session |
|
25 | from pylons import session | |
26 | from pylons.i18n.translation import _ |
|
26 | from pylons.i18n.translation import _ | |
27 |
from pylons_app.lib.auth import |
|
27 | from pylons_app.lib.auth import check_password | |
28 | from pylons_app.model import meta |
|
28 | from pylons_app.model import meta | |
29 | from pylons_app.model.db import User, Repository |
|
29 | from pylons_app.model.db import User, Repository | |
30 | from sqlalchemy.exc import OperationalError |
|
30 | from sqlalchemy.exc import OperationalError | |
@@ -94,7 +94,7 b' class ValidAuth(formencode.validators.Fa' | |||||
94 |
|
94 | |||
95 | def validate_python(self, value, state): |
|
95 | def validate_python(self, value, state): | |
96 | sa = meta.Session |
|
96 | sa = meta.Session | |
97 |
|
|
97 | password = value['password'] | |
98 | username = value['username'] |
|
98 | username = value['username'] | |
99 | try: |
|
99 | try: | |
100 | user = sa.query(User).filter(User.username == username).one() |
|
100 | user = sa.query(User).filter(User.username == username).one() | |
@@ -106,7 +106,7 b' class ValidAuth(formencode.validators.Fa' | |||||
106 | error_dict=self.e_dict) |
|
106 | error_dict=self.e_dict) | |
107 | if user: |
|
107 | if user: | |
108 | if user.active: |
|
108 | if user.active: | |
109 |
if user.username == username and user.password |
|
109 | if user.username == username and check_password(password, user.password): | |
110 | from pylons_app.lib.auth import AuthUser |
|
110 | from pylons_app.lib.auth import AuthUser | |
111 | auth_user = AuthUser() |
|
111 | auth_user = AuthUser() | |
112 | auth_user.username = username |
|
112 | auth_user.username = username |
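Review bot: The new module-level `from pylons_app.lib.auth import check_password` at line 27 lands in a file that imports `AuthUser` from the same module inside the function body at line 110, which looks like a deliberate lazy import to avoid a cycle between `pylons_app.lib.auth` and this validators module; if that is the reason, the top-level import at line 27 reintroduces the cycle and belongs next to the `AuthUser` import inside `validate_python`. Separately, `check_password(password, user.password)` at line 109 raises rather than returning False when `user.password` still holds a pre-bcrypt value, and that exception escapes the validator instead of becoming the `formencode.Invalid` the surrounding code raises on other failures; the fix belongs in `check_password` itself rather than at this call site. `validate_python` continues outside the hunk.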
@@ -24,6 +24,7 b' setup(' | |||||
24 | "mercurial>=1.6", |
|
24 | "mercurial>=1.6", | |
25 | "pysqlite", |
|
25 | "pysqlite", | |
26 | "whoosh>=1.0.0b5", |
|
26 | "whoosh>=1.0.0b5", | |
|
27 | "py-bcrypt", | |||
27 | ], |
|
28 | ], | |
28 | setup_requires=["PasteScript>=1.6.3"], |
|
29 | setup_requires=["PasteScript>=1.6.3"], | |
29 | packages=find_packages(exclude=['ez_setup']), |
|
30 | packages=find_packages(exclude=['ez_setup']), |
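Review bot: `"py-bcrypt"` at new line 27 is the one security-relevant entry in `install_requires` that carries no version constraint, while the neighbouring entries each pin a minimum; the resolver will accept any release, old or new, whose `hashpw` behaviour the new `check_password` now depends on. Pin the floor the change was tested against, e.g. `"py-bcrypt>=<tested version>"`.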