kallithea: pylons_app/model/forms.py comparison

Changed password crypting scheme to bcrypt, added dependency for setup

author	Marcin Kuzminski <marcin@python-works.com>
date	Fri, 20 Aug 2010 10:59:18 +0200
parents	e8af467b5a60
children	25ab66a26975

comparison

equal deleted inserted replaced

-:27f801e03489
+:04e8b31fb245
 from formencode import All
 from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \
 Email, Bool, StringBoolean
 from pylons import session
 from pylons.i18n.translation import _
-from pylons_app.lib.auth import get_crypt_password
+from pylons_app.lib.auth import check_password
 from pylons_app.model import meta
 from pylons_app.model.db import User, Repository
 from sqlalchemy.exc import OperationalError
 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
 from webhelpers.pylonslib.secure_form import authentication_token
 'password':messages['invalid_password']}
 e_dict_disable = {'username':messages['disabled_account']}
 def validate_python(self, value, state):
 sa = meta.Session
-crypted_passwd = get_crypt_password(value['password'])
+password = value['password']
 username = value['username']
 try:
 user = sa.query(User).filter(User.username == username).one()
 except (NoResultFound, MultipleResultsFound, OperationalError) as e:
 log.error(e)
 raise formencode.Invalid(self.message('invalid_password',
 state=State_obj), value, state,
 error_dict=self.e_dict)
 if user:
 if user.active:
-if user.username == username and user.password == crypted_passwd:
+if user.username == username and check_password(password, user.password):
 from pylons_app.lib.auth import AuthUser
 auth_user = AuthUser()
 auth_user.username = username
 auth_user.is_authenticated = True
 auth_user.is_admin = user.admin

Mercurial > kallithea