def authenticate(self, environ, identity):
"""
Check the given auth details and if its ok return the
userid for the given details.
See: (IAuthenticatorPlugin)
http://docs.repoze.org/who/narr.html\
#writing-an-authenticator-plugin
:returns: None indicated auth failure.
"""
from pp.user.model import user
login = identity['login']
if not login:
get_log().info(
"authenticate: No login name given <{!r}>".format(login)
)
return
#get_log().info("authenticate: %r" % login)
password = identity['password']
try:
# get_log().info(
# "authenticate: attempting to authenticate <{!r}>".format(
# login
# )
# )
user.validate_password(login, password)
except:
get_log().exception(
"Authenticate comms error for <{!r}>: ".format(login)
)
else:
get_log().info(
"authenticate: <{!r}> authenticated OK.".format(login)
)
return login
def test_validate_password(logger, mongodb):
assert user.count() == 0
assert user.dump() == []
username = u'andrés.bolívar'
display_name = u'Andrés Plácido Bolívar'
email = u'andrés.bolí[email protected]'
data = [
{
"username": "******",
"oauth_tokens": {
"googleauth": {
"request_token": "1234567890"
}
},
"display_name": "Bobby",
"phone": "12121212",
"cats": "big",
"teatime": 1,
"_id": "user-2719963b00964c01b42b5d81c998fd05",
"email": "*****@*****.**",
"password_hash": pwtools.hash_password('11amcoke')
},
{
"username": username.encode('utf-8'),
"display_name": display_name.encode('utf-8'),
"phone": "",
"_id": "user-38ed1d2903344702b30bb951916aaf1c",
"email": email.encode('utf-8'),
"password_hash": pwtools.hash_password('$admintime$')
}
]
user.load(data)
assert user.validate_password('bob.sprocket', '11amcoke') is True
assert user.validate_password('bob.sprocket', 'incorrect') is False
assert user.validate_password(username, '11amcoke') is False
assert user.validate_password(username, '$admintime$') is True
