def _validate_password(self, data, password):
"""
Check user password.
This is a private method and should not be used by clients.
:param data: dict with user data (from storage)
:param password: password to verify [unicode]
:rtype: 2 tuple (bool, bool)
:returns: password is valid, enc_password changed
"""
pw_hash = data[ENC_PASSWORD]
# If we have no password set, we don't accept login with username.
# Require non-empty password.
if not pw_hash or not password:
return False, False
# check the password against the password hash
if not valid_password(password, pw_hash):
return False, False
new_pw_hash = upgrade_password(password, pw_hash)
if not new_pw_hash:
return True, False
data[ENC_PASSWORD] = new_pw_hash
return True, True
def testupgradepassword(self):
""" return new password hash with better hash """
result = crypto.upgrade_password(u'MoinMoin', "junk_hash")
assert result.startswith('{SSHA256}')