def testvalidpassword(self):
""" validate user password """
hash_val = crypto.crypt_password(u"MoinMoin", salt='12345')
result = crypto.valid_password(u'MoinMoin', hash_val)
assert result
with pytest.raises(ValueError):
invalid_result = crypto.valid_password("MoinMoin", '{junk_value}')
def testvalidpassword2(self):
""" validate user password """
hash_val = crypto.crypt_password(u"MoinMoin")
result = crypto.valid_password('MoinMoin', hash_val)
assert result
result = crypto.valid_password('WrongPassword', hash_val)
assert not result
with pytest.raises(ValueError):
invalid_result = crypto.valid_password("MoinMoin", '{junk_value}')
def _validate_password(self, data, password):
"""
Check user password.
This is a private method and should not be used by clients.
:param data: dict with user data (from storage)
:param password: password to verify [unicode]
:rtype: 2 tuple (bool, bool)
:returns: password is valid, enc_password changed
"""
pw_hash = data[ENC_PASSWORD]
# If we have no password set, we don't accept login with username.
# Require non-empty password.
if not pw_hash or not password:
return False, False
# check the password against the password hash
if not valid_password(password, pw_hash):
return False, False
new_pw_hash = upgrade_password(password, pw_hash)
if not new_pw_hash:
return True, False
data[ENC_PASSWORD] = new_pw_hash
return True, True
