comparison pylons_app/model/forms.py @ 415:04e8b31fb245
Changed password crypting scheme to bcrypt, added dependency for setup
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Fri, 20 Aug 2010 10:59:18 +0200 |
parents | e8af467b5a60 |
children | 25ab66a26975 |
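--- a/pylons_app/model/forms.py
+++ b/pylons_app/model/forms.py
@@ -22,11 +22,11 @@
 from formencode import All
 from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \
 Email, Bool, StringBoolean
 from pylons import session
 from pylons.i18n.translation import _
-from pylons_app.lib.auth import get_crypt_password
+from pylons_app.lib.auth import check_password
 from pylons_app.model import meta
 from pylons_app.model.db import User, Repository
 from sqlalchemy.exc import OperationalError
 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
 from webhelpers.pylonslib.secure_form import authentication_token
@@ -92,11 +92,11 @@
 'password':messages['invalid_password']}
 e_dict_disable = {'username':messages['disabled_account']}
 
 def validate_python(self, value, state):
 sa = meta.Session
-crypted_passwd = get_crypt_password(value['password'])
+password = value['password']
 username = value['username']
 try:
 user = sa.query(User).filter(User.username == username).one()
 except (NoResultFound, MultipleResultsFound, OperationalError) as e:
 log.error(e)
@@ -104,11 +104,11 @@
 raise formencode.Invalid(self.message('invalid_password',
 state=State_obj), value, state,
 error_dict=self.e_dict)
 if user:
 if user.active:
-if user.username == username and user.password == crypted_passwd:
+if user.username == username and check_password(password, user.password):
 from pylons_app.lib.auth import AuthUser
 auth_user = AuthUser()
 auth_user.username = username
 auth_user.is_authenticated = True
 auth_user.is_admin = user.admin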
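Review bot: The new condition `check_password(password, user.password)` assumes every stored `user.password` is already a bcrypt hash, but rows written before this commit hold the output of the old `get_crypt_password` scheme and cannot verify against it. `check_password` is not visible here; if it hands the stored value straight to bcrypt, a legacy value may raise rather than return False, and the call sits outside the `try`/`except` above it, so login would end in an unhandled error instead of the `invalid_password` message. I would have `check_password` return False on a malformed hash and state in the commit how existing accounts are migrated (forced reset or an upgrade step). Separately, the `except (NoResultFound, ...)` branch returns without doing any bcrypt work, so response time now separates known from unknown usernames; verifying against a fixed dummy hash in that branch would even it out. `validate_python` continues past the end of the last hunk.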