def validate_userpass(username, password, storage):
    """Authenticate a user against the internal username/password store.

    This is the internal authenticator; it can be overloaded to hand the
    username/password to an external directory such as an LDAP server.

    Args:
        username: Login name, used as the lookup key in ``storage.user``.
        password: Plaintext password supplied by the caller.
        storage: Datastore object exposing ``storage.user.get(username)``.

    Returns:
        ``(username, ["R", "W", "E"])`` when the password verifies, or
        ``(None, None)`` when internal auth is disabled or either credential
        is empty, so the caller can try another authentication method.

    Raises:
        AuthenticationException: The user is unknown or the password does not
            match. Both cases share one message so the response text does not
            reveal which usernames exist.
    """
    # Not applicable: internal auth is off or a credential is missing.
    if not (config.auth.internal.enabled and username and password):
        return None, None

    account = storage.user.get(username)
    # NOTE(review): verify_password is only reached for existing accounts, so
    # the unknown-user path skips the hash comparison; confirm whether the
    # resulting timing difference matters for username enumeration here.
    if account and verify_password(password, account.password):
        # A password login is granted the full ACL list.
        return username, ["R", "W", "E"]

    raise AuthenticationException("Wrong username or password")
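def validate_apikey(username, apikey, storage):
    """Authenticate a user with an internal API key.

    The ``apikey`` value is expected in the form ``<key name>:<secret>``. The
    key name selects an entry in the user's ``apikeys`` mapping and the secret
    is checked against that entry's stored password hash.

    NOTE: It is not recommended to overload this function, but it is possible.

    Args:
        username: Login name, used as the lookup key in ``storage.user``.
        apikey: Caller-supplied API key string (untrusted input).
        storage: Datastore object exposing ``storage.user.get(username)``.

    Returns:
        ``(username, key.acl)`` when the secret verifies, i.e. the session gets
        only the ACL attached to that key, or ``(None, None)`` when API keys
        are disabled or no key was supplied.

    Raises:
        AuthenticationException: The user or key name is unknown, the key is
            malformed, or the secret does not match. All failures share one
            message so the response does not reveal which part was wrong.
    """
    if config.auth.allow_apikeys and apikey:
        user_data = storage.user.get(username)
        if user_data:
            # partition() never raises: a key without ":" yields an empty
            # separator and is rejected as an authentication failure instead
            # of surfacing as an unhandled ValueError from tuple unpacking.
            name, separator, apikey_password = apikey.partition(":")
            key = user_data.apikeys.get(name) if separator else None
            if key is not None and verify_password(apikey_password, key.password):
                return username, key.acl

        raise AuthenticationException("Invalid apikey")

    return None, None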
def test_security():
    """Check that a freshly generated password verifies against its own hash."""
    plaintext = get_random_password()
    hashed = get_password_hash(plaintext)
    # Only the positive round trip is covered; rejection of a wrong password
    # is not asserted here.
    assert verify_password(plaintext, hashed)