Ejemplo n.º 1
    def test_06_hash_pepper(self):
        """
        Round-trip a password through hash_with_pepper and verify_with_pepper.

        The hash must carry the ``$pbkdf2`` scheme marker, the original
        password must verify, and a password differing by one inserted space
        must be rejected.
        """
        password = "superPassword"
        pw_hash = hash_with_pepper(password)
        # The hash doubles as the failure message, so a wrong scheme is
        # visible directly in the test output.
        self.assertTrue("$pbkdf2" in pw_hash, pw_hash)

        # Positive case: the password that was hashed is accepted.
        accepted = verify_with_pepper(pw_hash, password)
        self.assertEqual(accepted, True)

        # Negative case: a near-miss must not verify.
        rejected = verify_with_pepper(pw_hash, "super Password")
        self.assertEqual(rejected, False)
Ejemplo n.º 2
    def test_06_hash_pepper(self):
        """
        Check that a peppered hash verifies only against its own password.

        Asserts the ``$pbkdf2`` marker in the hash string, a successful
        verification of the same password and a failed verification of a
        slightly different one.
        """
        good_pw, bad_pw = "superPassword", "super Password"

        hashed = hash_with_pepper(good_pw)
        # Passing the hash as msg prints it if the scheme marker is missing.
        self.assertTrue("$pbkdf2" in hashed, hashed)

        # Same password -> True, altered password -> False.
        self.assertEqual(verify_with_pepper(hashed, good_pw), True)
        self.assertEqual(verify_with_pepper(hashed, bad_pw), False)
Ejemplo n.º 3
def check_recoverycode(user, recoverycode):
    """
    Check whether ``recoverycode`` is a valid password recovery code for
    ``user``.

    Expired PasswordReset rows are deleted first. Every remaining row for the
    user's login and realm is then compared to the submitted code with
    verify_with_pepper. A matching row is deleted immediately, so a code can
    be used only once.

    :param user: User, who wants to reset his password.
    :type user: User object
    :param recoverycode: The recovery code as submitted by the user
    :type recoverycode: str
    :return: True if a stored code matched, otherwise False
    :rtype: bool
    """
    # Drop expired entries before the lookup below.
    expired_entries = PasswordReset.query.filter(
        and_(PasswordReset.expiration < datetime.now()))
    purged = expired_entries.delete()
    log.debug("{0!s} old password recoverycodes deleted.".format(purged))

    # Only rows belonging to this login *and* realm are candidates.
    candidates = PasswordReset.query.filter(
        and_(PasswordReset.username == user.login,
             PasswordReset.realm == user.realm))

    matched = False
    # NOTE(review): every candidate row is verified, also after a match, so
    # the cost grows with the number of outstanding codes for the user.
    for entry in candidates:
        if not verify_with_pepper(entry.recoverycode, recoverycode):
            continue
        matched = True
        log.debug(u"Found valid recoverycode for user {0!r}".format(user))
        # Delete the recovery code, so that it can only be used once!
        removed = entry.delete()
        log.debug("{0!s} used password recoverycode deleted.".format(removed))

    return matched
Ejemplo n.º 4
def check_recoverycode(user, recoverycode):
    """
    Check if the given recovery code is a valid recovery code for this user.

    The function first removes all expired PasswordReset entries, then runs
    verify_with_pepper against each entry stored for the user's login and
    realm. An entry that matches is deleted on the spot, which makes the
    recovery code single-use.

    :param user: User, who wants to reset his password.
    :type user: User object
    :param recoverycode: The recovery code
    :type recoverycode: basestring
    :return: True if the code was correct, otherwise False
    :rtype: bool
    """
    # Housekeeping: expired codes are removed before any comparison is made.
    now = datetime.now()
    deleted_old = PasswordReset.query.filter(
        and_(PasswordReset.expiration < now)).delete()
    log.debug("{0!s} old password recoverycodes deleted.".format(deleted_old))

    # Restrict the search to the requesting user's login and realm.
    user_codes = PasswordReset.query.filter(
        and_(PasswordReset.username == user.login,
             PasswordReset.realm == user.realm))

    is_valid = False
    for stored in user_codes:
        # presumably stored.recoverycode holds a peppered hash; confirm
        # against verify_with_pepper
        if verify_with_pepper(stored.recoverycode, recoverycode):
            is_valid = True
            log.debug("Found valid recoverycode for user {0!r}".format(user))
            # Delete the recovery code, so that it can only be used once!
            deleted_used = stored.delete()
            log.debug("{0!s} used password recoverycode deleted.".format(
                deleted_used))

    return is_valid
Ejemplo n.º 5
def verify_db_admin(username, password):
    """
    Verify a username and password against the database table "Admin".

    The first Admin row with the given username is fetched and its stored
    password value is checked with verify_with_pepper.

    :param username: The administrator username
    :param password: The password
    :return: True if password is correct for the admin, False if no such
        admin exists or the password does not verify
    :rtype: bool
    """
    admin_row = Admin.query.filter(Admin.username == username).first()
    if not admin_row:
        # NOTE(review): an unknown username returns without running the
        # password hash, so the call is cheaper than for an existing admin.
        # If response time is observable to the caller, consider a
        # constant-cost path or rate limiting at the login endpoint.
        return False

    return verify_with_pepper(admin_row.password, password)
Ejemplo n.º 6
 def test_06_test_old_passwords(self):
     """
     Check that verify_with_pepper accepts a hash built directly with passlib.

     The hash is pbkdf2_sha512 over the configured PI_PEPPER value
     concatenated with the password, i.e. the pepper is prepended.
     """
     # PI_PEPPER falls back to an empty string when it is not configured, in
     # which case the hashed input is the bare password.
     pepper = current_app.config.get("PI_PEPPER", "")
     legacy_hash = passlib.hash.pbkdf2_sha512.hash(pepper + "test")
     self.assertTrue(legacy_hash.startswith("$pbkdf2"))

     # The verifier is given only the plain password and must accept it.
     verified = verify_with_pepper(legacy_hash, "test")
     self.assertTrue(verified)