Example #1
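    def requestAvatarId(self, loginCredentials):
        """
        Attempts to authenticate with the given credentials.

        The body yields deferreds and finishes through ``defer.returnValue``,
        so it is presumably wrapped by ``inlineCallbacks`` outside this
        excerpt -- TODO confirm.

        :param loginCredentials: The credentials being used to log in: a user
            identifier, and the user's password.
        :type loginCredentials: ``twisted.cred.credentials.IUsernamePassword``
        :returns: A deferred that fires with the user identifier once the
            password check against the user's store has succeeded.
        :rtype: ``Deferred str``
        :raises UnauthorizedLogin: If the user's store does not exist, its
            lock is already held, or the password check fails.
        """
        identifier = loginCredentials.username
        lockDirectory = directory.IWriteLockDirectory(self.store)
        try:
            lock = yield lockDirectory.acquire(["users", identifier])
        except directory.AlreadyAcquiredException:
            # Fail closed. Without the lock there is no store to check the
            # password against; swallowing this exception used to fall
            # through to an unbound ``lock`` a few lines below.
            raise UnauthorizedLogin("User store is locked")
        except exceptions.NoSuchStoreException:
            # The identifier is chosen by the client: log its repr so that
            # embedded newlines or control characters cannot forge log lines.
            log.msg("unknown user identifier: {0!r}".format(identifier))
            raise UnauthorizedLogin("Unknown user identifier")

        # NOTE(review): nothing in this method releases ``lock``; confirm that
        # it is released elsewhere, otherwise later logins for the same user
        # will keep hitting AlreadyAcquiredException.
        # NOTE(review): "Unknown user identifier" and "Wrong password" are
        # distinct messages; if they reach the client they reveal which
        # identifiers exist.
        storedCredentials = IUsernameHashedPassword(lock.store)
        passwordMatches = yield storedCredentials.checkPassword(
            loginCredentials.password)
        if not passwordMatches:
            raise UnauthorizedLogin("Wrong password")
        defer.returnValue(identifier)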
Example #2
 def test_interface(self):
     """
     L{CramMD5Credentials} is declared as an implementer of the
     L{IUsernameHashedPassword} interface.
     """
     # implementedBy() is asked about the class itself, not an instance.
     declared = IUsernameHashedPassword.implementedBy(CramMD5Credentials)
     self.assertTrue(declared)
 def test_interface(self):
     """
     L{CramMD5Credentials} is declared as an implementer of the
     L{IUsernameHashedPassword} interface.
     """
     # implementedBy() is asked about the class itself, not an instance.
     declared = IUsernameHashedPassword.implementedBy(CramMD5Credentials)
     self.assertTrue(declared)
Example #4
    def requestAvatarId(self, credentials):
        """
        Resolve C{user@domain} credentials to the storeID of the matching
        account.

        Preauthenticated and hashed-password credentials get the storeID
        returned directly (or an exception raised); any other credentials get
        the result of C{succeed()} / C{fail()} instead. Every rejected attempt
        increments C{self.failedLogins}.

        @raise MissingDomainPart: the username contains no C{'@'}.
        @raise NoSuchUser: no account matches the username and domain.
        @raise BadCredentials: a hashed-password check failed.
        """
        try:
            username, domain = credentials.username.split('@', 1)
        except ValueError:
            self.failedLogins += 1
            raise MissingDomainPart(credentials.username)

        username = unicode(username)
        domain = unicode(domain)

        acct = self.accountByAddress(username, domain)
        if acct is None:
            # NOTE(review): NoSuchUser and BadCredentials are different
            # exception types; if the difference reaches the client it shows
            # which addresses have accounts.
            self.failedLogins += 1
            raise NoSuchUser(credentials.username)

        # Type check rather than an interface check (marked as an "awful
        # hack" upstream): preauthenticated credentials skip the password.
        if isinstance(credentials, Preauthenticated):
            return acct.storeID

        if IUsernameHashedPassword.providedBy(credentials):
            warnings.warn(
                'Authenticating IUsernameHashedPassword credentials with '
                'axiom.userbase is deprecated; use IUsernamePassword '
                'instead', DeprecationWarning)
            if credentials.checkPassword(acct.password):
                return acct.storeID
            self.failedLogins += 1
            raise BadCredentials()

        # NOTE(review): the submitted password is compared to acct.password
        # with ``==``, which is not a constant-time comparison and only works
        # if the account keeps the password in directly comparable form.
        if unicode(credentials.password) == acct.password:
            return succeed(acct.storeID)
        self.failedLogins += 1
        return fail(BadCredentials())
Example #5
    def requestAvatarId(self, credentials):
        """
        Resolve C{user@domain} credentials to the storeID of the matching
        account.

        Preauthenticated credentials are accepted without a password check;
        all others are checked with C{credentials.checkPassword()} against the
        account's stored password. Every rejected attempt increments
        C{self.failedLogins}.

        @raise MissingDomainPart: the username contains no C{'@'}.
        @raise NoSuchUser: no account matches the username and domain.
        @raise BadCredentials: the password check failed.
        """
        hashedView = IUsernameHashedPassword(credentials, None)
        passwordSecure = hashedView is not None
        # NOTE(review): passwordSecure is computed but never used; upstream
        # left a reminder that it should drive some kind of security warning.

        try:
            username, domain = credentials.username.split('@', 1)
        except ValueError:
            self.failedLogins += 1
            raise MissingDomainPart(credentials.username)

        username = unicode(username)
        domain = unicode(domain)

        acct = self.accountByAddress(username, domain)
        if acct is None:
            # NOTE(review): NoSuchUser and BadCredentials are different
            # exception types; if the difference reaches the client it shows
            # which addresses have accounts.
            self.failedLogins += 1
            raise NoSuchUser(credentials.username)

        if IPreauthCredentials.providedBy(credentials):
            return acct.storeID

        if credentials.checkPassword(acct.password):
            return acct.storeID

        self.failedLogins += 1
        raise BadCredentials()
Example #6
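    def _auth(self, result, credentials):
        """
        Decide a login from the looked-up user record and the credentials.

        :param result: The record found for the login name, or a false value
            when there is none. Its ``id`` and ``password`` attributes are
            read.
        :param credentials: Credentials providing ``IUsernameHashedPassword``
            or ``IUsernamePassword``.
        :returns: ``defer.succeed(result.id)`` when the password matches,
            otherwise a failed deferred wrapping ``UnauthorizedLogin`` or,
            for an unsupported credentials type, ``UnhandledCredentials``.
        """
        mismatch = 'Username or Password mismatch'

        if not result:
            # Unknown user. The message is the same one used for a wrong
            # password, so the reply does not show which usernames exist.
            return defer.fail(error.UnauthorizedLogin(mismatch))

        # Named user_id rather than ``id`` so the builtin is not shadowed.
        user_id = result.id
        stored_password = result.password

        if IUsernameHashedPassword.providedBy(credentials):
            if credentials.checkPassword(stored_password):
                return defer.succeed(user_id)
            return defer.fail(error.UnauthorizedLogin(mismatch))

        if IUsernamePassword.providedBy(credentials):
            # The MD5 digest that used to be computed here was never compared
            # (the digest check is disabled upstream) and has been removed.
            # NOTE(review): the stored value is compared to the submitted
            # password as-is with ``==``; that implies the record holds the
            # password unhashed, and the comparison is not constant-time.
            if stored_password == credentials.password:
                from goliat.session.usermanager import UserManager
                # NOTE(review): the "already logged in" rejection is disabled
                # upstream, so the outcome no longer depends on this lookup;
                # it is still performed in case UserManager has side effects.
                UserManager().exists(user_id)
                return defer.succeed(user_id)
            return defer.fail(error.UnauthorizedLogin(mismatch))

        # Credentials of a kind this checker cannot verify.
        return defer.fail(
            error.UnhandledCredentials(
                'Revise the protocol configuration'))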
Example #7
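    def requestAvatarId(self, credentials):
        """
        Check the credentials against the user record from ``getUser``.

        The body yields a deferred and finishes through
        ``defer.returnValue``, so it is presumably wrapped by
        ``inlineCallbacks`` outside this excerpt -- TODO confirm.

        :param credentials: Credentials providing one of
            ``self.credentialInterfaces``.
        :returns: The first record returned by ``getUser`` when the password
            matches.
        :raises error.UnhandledCredentials: The credentials provide none of
            the supported interfaces, or the user lookup failed.
        :raises error.UnauthorizedLogin: No record was found, or the password
            does not match.
        """
        supported = any(
            interface.providedBy(credentials)
            for interface in self.credentialInterfaces)
        if not supported:
            raise error.UnhandledCredentials()

        try:
            rows = yield getUser(credentials.username)
        except Exception:
            # Narrowed from a bare ``except:``, which also intercepted
            # GeneratorExit, KeyboardInterrupt and SystemExit at this yield.
            # NOTE(review): the underlying error is dropped here; consider
            # logging it server-side so lookup failures can be diagnosed.
            raise error.UnhandledCredentials("Database Error")

        rows = list(rows)
        if not rows:
            # NOTE(review): "Username not found." and "Password mismatch."
            # differ; if they reach the client they show which usernames
            # exist.
            raise error.UnauthorizedLogin("Username not found.")

        user = rows[0]
        stored_password = user.password
        if IUsernameHashedPassword.providedBy(credentials):
            matched = credentials.checkPassword(stored_password)
        elif IUsernamePassword.providedBy(credentials):
            # NOTE(review): direct ``==`` against the stored value implies the
            # record holds the password unhashed, and the comparison is not
            # constant-time.
            matched = stored_password == credentials.password
        else:
            raise error.UnhandledCredentials()

        if not matched:
            raise error.UnauthorizedLogin("Password mismatch.")
        defer.returnValue(user)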
Example #8
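    def _auth(self, result, credentials):
        """
        Decide a login from the looked-up user record and the credentials.

        :param result: The record found for the login name, or a false value
            when there is none. Its ``id`` and ``password`` attributes are
            read.
        :param credentials: Credentials providing ``IUsernameHashedPassword``
            or ``IUsernamePassword``.
        :returns: ``defer.succeed(result.id)`` when the password matches,
            otherwise a failed deferred wrapping ``UnauthorizedLogin`` or,
            for an unsupported credentials type, ``UnhandledCredentials``.
        """
        mismatch = 'Username or Password mismatch'

        if not result:
            # Unknown user. The message is the same one used for a wrong
            # password, so the reply does not show which usernames exist.
            return defer.fail(error.UnauthorizedLogin(mismatch))

        # Named user_id rather than ``id`` so the builtin is not shadowed.
        user_id = result.id
        stored_password = result.password

        if IUsernameHashedPassword.providedBy(credentials):
            if credentials.checkPassword(stored_password):
                return defer.succeed(user_id)
            return defer.fail(error.UnauthorizedLogin(mismatch))

        if IUsernamePassword.providedBy(credentials):
            # The MD5 digest that used to be computed here was never compared
            # (the digest check is disabled upstream) and has been removed.
            # NOTE(review): the stored value is compared to the submitted
            # password as-is with ``==``; that implies the record holds the
            # password unhashed, and the comparison is not constant-time.
            if stored_password == credentials.password:
                from goliat.session.usermanager import UserManager
                # NOTE(review): the "already logged in" rejection is disabled
                # upstream, so the outcome no longer depends on this lookup;
                # it is still performed in case UserManager has side effects.
                UserManager().exists(user_id)
                return defer.succeed(user_id)
            return defer.fail(error.UnauthorizedLogin(mismatch))

        # Credentials of a kind this checker cannot verify.
        return defer.fail(
            error.UnhandledCredentials('Revise the protocol configuration'))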
Example #9
 def test_interface(self):
     """
     The deprecated L{UsernameHashedPassword} class is declared as an
     implementer of L{IUsernameHashedPassword}.
     """
     # The class is fetched through the deprecation-aware helper instead of
     # being imported directly.
     deprecatedClass = self.getDeprecatedModuleAttribute(
         'twisted.cred.credentials', 'UsernameHashedPassword', _uhpVersion)
     declared = IUsernameHashedPassword.implementedBy(deprecatedClass)
     self.assertTrue(declared)
Example #10
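 def _cbAuthenticate(self, result, credentials, deferred):
     """
     Checks to see if authentication was good. Called once the info has
     been retrieved from the DB.

     @param result: The rows found for the user; only the first one is used
         and it is unpacked as C{(username, password)}.
     @param credentials: The credentials presented for the login.
     @param deferred: Fired with C{credentials.username} on success, or
         errbacked with L{error.UnauthorizedLogin} /
         L{error.UnhandledCredentials} on failure.
     """
     if len(result) == 0:
         # Username not found in db
         # NOTE(review): 'Username unknown' and 'Password mismatch' differ;
         # if they reach the client they show which usernames exist.
         deferred.errback(error.UnauthorizedLogin('Username unknown'))
         return

     username, password = result[0]
     if self.customCheckFunc:
         # Let the owner do the checking
         passOk = self.customCheckFunc(
             username, credentials.password, password)
     elif IUsernameHashedPassword.providedBy(credentials):
         # Let the hashed password checker do the checking
         passOk = credentials.checkPassword(password)
     elif IUsernamePassword.providedBy(credentials):
         # Compare the passwords, deciding whether or not to use case
         # sensitivity. The branches used to be swapped, so enabling
         # caseSensitivePasswords lower-cased both sides and accepted any
         # capitalisation of the password.
         # NOTE(review): direct ``==`` against the stored value implies the
         # database holds the password unhashed, and the comparison is not
         # constant-time.
         if self.caseSensitivePasswords:
             passOk = password == credentials.password
         else:
             passOk = password.lower() == credentials.password.lower()
     else:
         # OK, we don't know how to check this
         deferred.errback(error.UnhandledCredentials())
         return

     # See if they match
     if passOk:
         deferred.callback(credentials.username)
     else:
         deferred.errback(error.UnauthorizedLogin('Password mismatch'))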
Example #11
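 def _cbAuthenticate(self, result, credentials, deferred):
     """
     Checks to see if authentication was good. Called once the info has
     been retrieved from the DB.

     @param result: The rows found for the user; only the first one is used
         and it is unpacked as C{(username, password)}.
     @param credentials: The credentials presented for the login.
     @param deferred: Fired with C{credentials.username} on success, or
         errbacked with L{error.UnauthorizedLogin} /
         L{error.UnhandledCredentials} on failure.
     """
     if len(result) == 0:
         # Username not found in db
         # NOTE(review): 'Username unknown' and 'Password mismatch' differ;
         # if they reach the client they show which usernames exist.
         deferred.errback(error.UnauthorizedLogin('Username unknown'))
         return

     username, password = result[0]
     if self.customCheckFunc:
         # Let the owner do the checking
         passOk = self.customCheckFunc(username, credentials.password,
                                       password)
     elif IUsernameHashedPassword.providedBy(credentials):
         # Let the hashed password checker do the checking
         passOk = credentials.checkPassword(password)
     elif IUsernamePassword.providedBy(credentials):
         # Compare the passwords, deciding whether or not to use case
         # sensitivity. The branches used to be swapped, so enabling
         # caseSensitivePasswords lower-cased both sides and accepted any
         # capitalisation of the password.
         # NOTE(review): direct ``==`` against the stored value implies the
         # database holds the password unhashed, and the comparison is not
         # constant-time.
         if self.caseSensitivePasswords:
             passOk = password == credentials.password
         else:
             passOk = password.lower() == credentials.password.lower()
     else:
         # OK, we don't know how to check this
         deferred.errback(error.UnhandledCredentials())
         return

     # See if they match
     if passOk:
         deferred.callback(credentials.username)
     else:
         deferred.errback(error.UnauthorizedLogin('Password mismatch'))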
Example #12
 def test_interface(self):
     """
     L{UsernameHashedPassword} is declared as an implementer of
     L{IUsernameHashedPassword}.
     """
     # implementedBy() is asked about the class itself, not an instance.
     declared = IUsernameHashedPassword.implementedBy(UsernameHashedPassword)
     self.assertTrue(declared)
Example #13
 def test_interface(self):
     """
     L{UsernameHashedPassword} is declared as an implementer of
     L{IUsernameHashedPassword}.
     """
     # implementedBy() is asked about the class itself, not an instance.
     declared = IUsernameHashedPassword.implementedBy(UsernameHashedPassword)
     self.assertTrue(declared)