@@ -30,7 +30,7 b' from pylons_app.model import meta' | |||
|
30 | 30 | from pylons_app.model.db import User, RepoToPerm, Repository, Permission |
|
31 | 31 | from sqlalchemy.exc import OperationalError |
|
32 | 32 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
33 | import hashlib | |
|
33 | import bcrypt | |
|
34 | 34 | from decorator import decorator |
|
35 | 35 | import logging |
|
36 | 36 | |
@@ -39,9 +39,11 b' log = logging.getLogger(__name__)' | |||
|
39 | 39 | def get_crypt_password(password): |
|
40 | 40 | """Cryptographic function used for password hashing based on sha1 |
|
41 | 41 | @param password: password to hash |
|
42 | """ | |
|
43 | hashed = hashlib.sha1(password).hexdigest() | |
|
44 | return hashed[3:] + hashed[:3] | |
|
42 | """ | |
|
43 | return bcrypt.hashpw(password, bcrypt.gensalt(10)) | |
|
44 | ||
|
45 | def check_password(password, hashed): | |
|
46 | return bcrypt.hashpw(password, hashed) == hashed | |
|
45 | 47 | |
|
46 | 48 | @cache_region('super_short_term', 'cached_user') |
|
47 | 49 | def get_user_cached(username): |
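Review bot: check_password on new lines 45-46 lets bcrypt.hashpw raise on any stored value that is not a bcrypt string, and after this commit every existing user row still holds a hash from the removed sha1 scheme, so those users hit an exception in authfunc and ValidAuth instead of a clean authentication failure (hashpw with a non-bcrypt salt presumably raises ValueError, and an empty or NULL password column would raise as well). The commit adds no rehash-or-migrate step for those rows, so at minimum the check should fail closed, and the docstring on get_crypt_password still reads "based on sha1" although the body now calls bcrypt; I would replace it with `"""Hash *password* with bcrypt at cost 10; the returned string embeds its own salt."""`. The `==` on line 46 is also not a constant-time comparison; `hmac.compare_digest` (Python 2.7.7+/3.3+) is the usual replacement where the interpreter provides it, and check_password itself should carry a docstring stating its contract. Rewritten check_password:
```python
def check_password(password, hashed):
    """Return True when *password* matches the stored bcrypt *hashed* value."""
    # Stored values from the former sha1 scheme are not valid bcrypt salts;
    # treat them as a failed check instead of letting hashpw raise.
    try:
        return bcrypt.hashpw(password, hashed) == hashed
    except ValueError:
        return False
```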
@@ -53,7 +55,6 b' def get_user_cached(username):' | |||
|
53 | 55 | return user |
|
54 | 56 | |
|
55 | 57 | def authfunc(environ, username, password): |
|
56 | password_crypt = get_crypt_password(password) | |
|
57 | 58 | try: |
|
58 | 59 | user = get_user_cached(username) |
|
59 | 60 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
@@ -62,7 +63,7 b' def authfunc(environ, username, password' | |||
|
62 | 63 | |
|
63 | 64 | if user: |
|
64 | 65 | if user.active: |
|
65 |
if user.username == username and user.password |
|
|
66 | if user.username == username and check_password(password, user.password): | |
|
66 | 67 | log.info('user %s authenticated correctly', username) |
|
67 | 68 | return True |
|
68 | 69 | else: |
@@ -24,7 +24,7 b' from formencode.validators import Unicod' | |||
|
24 | 24 | Email, Bool, StringBoolean |
|
25 | 25 | from pylons import session |
|
26 | 26 | from pylons.i18n.translation import _ |
|
27 |
from pylons_app.lib.auth import |
|
|
27 | from pylons_app.lib.auth import check_password | |
|
28 | 28 | from pylons_app.model import meta |
|
29 | 29 | from pylons_app.model.db import User, Repository |
|
30 | 30 | from sqlalchemy.exc import OperationalError |
@@ -94,7 +94,7 b' class ValidAuth(formencode.validators.Fa' | |||
|
94 | 94 | |
|
95 | 95 | def validate_python(self, value, state): |
|
96 | 96 | sa = meta.Session |
|
97 |
|
|
|
97 | password = value['password'] | |
|
98 | 98 | username = value['username'] |
|
99 | 99 | try: |
|
100 | 100 | user = sa.query(User).filter(User.username == username).one() |
@@ -106,7 +106,7 b' class ValidAuth(formencode.validators.Fa' | |||
|
106 | 106 | error_dict=self.e_dict) |
|
107 | 107 | if user: |
|
108 | 108 | if user.active: |
|
109 |
if user.username == username and user.password |
|
|
109 | if user.username == username and check_password(password, user.password): | |
|
110 | 110 | from pylons_app.lib.auth import AuthUser |
|
111 | 111 | auth_user = AuthUser() |
|
112 | 112 | auth_user.username = username |
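Review bot: Line 110 still imports AuthUser inside validate_python even though this file now imports check_password from the same pylons_app.lib.auth module at top level (hunk @@ -24), so the function-local import no longer buys anything unless it was guarding an import cycle that the new module-level import would trigger just as well; I would hoist it to `from pylons_app.lib.auth import check_password, AuthUser` and drop line 110. The check on line 109 also inherits whatever check_password does with legacy non-bcrypt stored hashes and empty password columns, so that behaviour should be settled inside lib/auth.py rather than guarded here. The enclosing validate_python method continues past the hunk.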