def checkPassword(user, password): # First try their local password if user.password and user.password == User.crypt(user.username, password): return True # Then try Kerberos if possible if settings.kerberosRealm: try: import kerberos try: if kerberos.checkPassword(user.username, password, '', settings.kerberosRealm): return True except (kerberos.KrbError, kerberos.BasicAuthError): pass except ImportError: pass return False
def resetUserPasswordPost(handler, username, key, p_newPassword, p_newPassword2):
handler.title('Reset password')
user = User.load(username = username)
if not user:
ErrorBox.die('User', "No user named <b>%s</b>" % stripTags(username))
if user != handler.session['user'] and (not user.resetkey or user.resetkey != key):
ErrorBox.die('Key', "Incorrect reset key")
if p_newPassword != p_newPassword2:
ErrorBox.die('Password', "New password mismatch")
user.password = User.crypt(user.username, p_newPassword)
user.hotpKey = ''
user.resetkey = None
user.save()
print SuccessBox('Password changed', "Your password has been reset; you can <a href=\"/login\">login</a> now")
Event.passwordReset(handler, user)
