comparison rhodecode/model/user.py @ 750:73c99f45ef2a beta
fixed security issue: saving an ldap user stored the password in plaintext
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Wed, 24 Nov 2010 03:38:48 +0100 |
parents | 1377a9d4bdb9 |
children | 89b9037d68b7 |
749:fcd4fb51526e | 750:73c99f45ef2a |
---|---|
26 from pylons.i18n.translation import _ | 26 from pylons.i18n.translation import _ |
27 from rhodecode.model.caching_query import FromCache | 27 from rhodecode.model.caching_query import FromCache |
28 from rhodecode.model.db import User | 28 from rhodecode.model.db import User |
29 from rhodecode.model.meta import Session | 29 from rhodecode.model.meta import Session |
30 from rhodecode.lib.exceptions import * | 30 from rhodecode.lib.exceptions import * |
31 | |
31 import logging | 32 import logging |
32 import traceback | 33 import traceback |
33 | 34 |
34 log = logging.getLogger(__name__) | 35 log = logging.getLogger(__name__) |
35 | 36 |
47 "get_user_%s" % user_id)) | 48 "get_user_%s" % user_id)) |
48 return user.get(user_id) | 49 return user.get(user_id) |
49 | 50 |
50 | 51 |
51 def get_by_username(self, username, cache=False, case_insensitive=False): | 52 def get_by_username(self, username, cache=False, case_insensitive=False): |
52 | 53 |
53 if case_insensitive: | 54 if case_insensitive: |
54 user = self.sa.query(User).filter(User.username.ilike(username)) | 55 user = self.sa.query(User).filter(User.username.ilike(username)) |
55 else: | 56 else: |
56 user = self.sa.query(User)\ | 57 user = self.sa.query(User)\ |
57 .filter(User.username == username) | 58 .filter(User.username == username) |
78 Checks if user is in database, if not creates this user marked | 79 Checks if user is in database, if not creates this user marked |
79 as ldap user | 80 as ldap user |
80 :param username: | 81 :param username: |
81 :param password: | 82 :param password: |
82 """ | 83 """ |
83 | 84 from rhodecode.lib.auth import get_crypt_password |
84 if self.get_by_username(username) is None: | 85 if self.get_by_username(username) is None: |
85 try: | 86 try: |
86 new_user = User() | 87 new_user = User() |
87 new_user.username = username | 88 new_user.username = username |
88 new_user.password = password | 89 new_user.password = get_crypt_password(password) |
89 new_user.email = '%s@ldap.server' % username | 90 new_user.email = '%s@ldap.server' % username |
90 new_user.active = True | 91 new_user.active = True |
91 new_user.is_ldap = True | 92 new_user.is_ldap = True |
92 new_user.name = '%s@ldap' % username | 93 new_user.name = '%s@ldap' % username |
93 new_user.lastname = '' | 94 new_user.lastname = '' |
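Review bot: Rows written by the old `new_user.password = password` line are not covered by this fix: the hashing at new line 89 sits under `if self.get_by_username(username) is None:`, so an LDAP user who already exists keeps the plaintext value in the database. A one-off migration that overwrites the password column for `is_ldap` rows should ship with this change, and those directory passwords should be treated as exposed. Separately, the row still stores a hash derived from the directory password, which can be attacked offline if the table leaks and goes stale when the password changes in LDAP; if the login path (not visible here) never compares it for `is_ldap` accounts, storing the hash of a random value would be safer, and a comment such as `# is_ldap accounts authenticate against LDAP only; this local hash must never be checked` would document the intent. The enclosing method starts above the hunk and its `try:` block continues past the last line shown.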