kallithea Changeset - 04e8b31fb245

Changeset - 04e8b31fb245

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Marcin Kuzminski - 15 years ago 2010-08-20 10:59:18
marcin@python-works.com

Changed password crypting scheme to bcrypt, added dependency for setup

3 files changed with 11 insertions and 9 deletions:

pylons_app/lib/auth.py

pylons_app/model/forms.py

setup.py

0 comments (0 inline, 0 general)

pylons_app/lib/auth.py

➞

Show inline comments

@@ @@ -30,7 +30,7 @@ from pylons_app.model import meta @@
 from pylons_app.model.db import User, RepoToPerm, Repository, Permission
 from sqlalchemy.exc import OperationalError
 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
-import hashlib
+import bcrypt
 from decorator import decorator
 import logging
@@ @@ -39,9 +39,11 @@ log = logging.getLogger(__name__) @@
 def get_crypt_password(password):
     """Cryptographic function used for password hashing based on sha1
     @param password: password to hash
     """
     hashed = hashlib.sha1(password).hexdigest()
     return hashed[3:] + hashed[:3]
     """
     return bcrypt.hashpw(password, bcrypt.gensalt(10))
 def check_password(password, hashed):
     return bcrypt.hashpw(password, hashed) == hashed
 @cache_region('super_short_term', 'cached_user')
 def get_user_cached(username):
@@ @@ -53,7 +55,6 @@ def get_user_cached(username): @@
     return user
 def authfunc(environ, username, password):
     password_crypt = get_crypt_password(password)
     try:
         user = get_user_cached(username)
     except (NoResultFound, MultipleResultsFound, OperationalError) as e:
@@ @@ -62,7 +63,7 @@ def authfunc(environ, username, password @@
     if user:
         if user.active:
-            if user.username == username and user.password == password_crypt:
+            if user.username == username and check_password(password, user.password):
                 log.info('user %s authenticated correctly', username)
                 return True
         else:

pylons_app/model/forms.py

➞

Show inline comments

@@ @@ -24,7 +24,7 @@ from formencode.validators import Unicod @@
     Email, Bool, StringBoolean
 from pylons import session
 from pylons.i18n.translation import _
-from pylons_app.lib.auth import get_crypt_password
+from pylons_app.lib.auth import check_password
 from pylons_app.model import meta
 from pylons_app.model.db import User, Repository
 from sqlalchemy.exc import OperationalError
@@ @@ -94,7 +94,7 @@ class ValidAuth(formencode.validators.Fa @@
     def validate_python(self, value, state):
         sa = meta.Session
-        crypted_passwd = get_crypt_password(value['password'])
+        password = value['password']
         username = value['username']
         try:
             user = sa.query(User).filter(User.username == username).one()
@@ @@ -106,7 +106,7 @@ class ValidAuth(formencode.validators.Fa @@
                                      error_dict=self.e_dict)
         if user:
             if user.active:
-                if user.username == username and user.password == crypted_passwd:
+                if user.username == username and check_password(password, user.password):
                     from pylons_app.lib.auth import AuthUser
                     auth_user = AuthUser()
                     auth_user.username = username

setup.py

➞

Show inline comments

@@ @@ -24,6 +24,7 @@ setup( @@
         "mercurial>=1.6",
         "pysqlite",
         "whoosh>=1.0.0b5",
         "py-bcrypt",
     ],
     setup_requires=["PasteScript>=1.6.3"],
     packages=find_packages(exclude=['ez_setup']),

0 comments (0 inline, 0 general)