# HG changeset patch
# User Mads Kiilerich
# Date 2018-01-15 00:34:13
# Node ID fefd7279e798e279ed71acf3d538319412d2fb44
# Parent 9b9258f5e2b235d05967c93fe890dd1910774a3e
login: fix crash when entering non-ASCII password for login (Issue #300) Avoid errors like UnicodeEncodeError: 'ascii' codec can't encode characters in position X: ordinal not in range(128) when the user enters non-ASCII passwords for existing internal accounts in the login prompt. The password forms have "always" rejected non-ASCII passwords with Invalid characters (non-ASCII) in password
diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py
--- a/kallithea/lib/auth.py
+++ b/kallithea/lib/auth.py
@@ -122,6 +122,11 @@ class KallitheaCrypto(object):
 :param hashed: password in hashed form
 """
+ try:
+ password = str(password)
+ except UnicodeEncodeError:
+ log.warning('rejecting non-ascii password')
+ return False
 if is_windows:
 return hashlib.sha256(password).hexdigest() == hashed
 elif is_unix:
diff --git a/kallithea/tests/functional/test_login.py b/kallithea/tests/functional/test_login.py
--- a/kallithea/tests/functional/test_login.py
+++ b/kallithea/tests/functional/test_login.py
@@ -133,6 +133,13 @@ class TestLoginController(TestController
 response.mustcontain('Invalid username or password')
+ def test_login_non_ascii(self):
+ response = self.app.post(url(controller='login', action='index'),
+ {'username': TEST_USER_REGULAR_LOGIN,
+ 'password': 'blåbærgrød'})
+
+ response.mustcontain('>Invalid username or password<')
+ # verify that get arguments are correctly passed along login redirection
 @parameterized.expand([
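Review bot: `password = str(password)` in the added block of kallithea/lib/auth.py coerces any object, not only unicode text, so a caller passing `None` or another non-string value would have it hashed as its string form (`'None'`) instead of failing as `hashlib.sha256(password)` did before. Whether any caller can do that is not visible in this hunk. Encoding only text keeps the fix narrow; under Python 2, which the UnicodeEncodeError path implies, that is `if isinstance(password, unicode): password = password.encode('ascii')` inside the same `try`. The warning rightly leaves the password out of the log, and a comment such as `# the password forms never accept non-ASCII, so such a password cannot match a stored hash` would record why returning False here is safe. The method's signature and the rest of its body lie outside the hunk.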