def _populate(self, app):
from zope.password.password import SSHAPasswordManager
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('password')
cartouche = app.cartouche = FauxCartouche()
cartouche.by_uuid['UUID'] = Dummy(uuid='UUID', password=encoded)
cartouche.by_login['login'] = '******'
def sendGeneratedPassword(request, uuid, confirmed):
record = confirmed.get(uuid)
if record is None:
raise KeyError
pwd_mgr = SSHAPasswordManager()
generator = request.registry.queryUtility(IPasswordGenerator,
default=randomPassword)
new_password = generator()
encoded = pwd_mgr.encodePassword(new_password)
confirmed.set(uuid,
email=record.email,
login=record.login,
password=encoded,
security_question=record.security_question,
security_answer=record.security_answer,
token=record.token,
)
from_addr = request.registry.settings['cartouche.from_addr']
delivery = request.registry.queryUtility(IMailDelivery,
default=localhost_mta)
login_url = view_url(request.context, request, 'login_url', 'login.html')
body = PASSWORD_EMAIL % {'password': new_password, 'login_url': login_url}
message = Message()
message['Subject'] = 'Your new site password'
message.set_payload(body)
delivery.send(from_addr, [record.email], message)
def _populate(self, app):
from zope.password.password import SSHAPasswordManager
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('password')
cartouche = app.cartouche = FauxCartouche()
cartouche.by_uuid['UUID'] = Dummy(uuid='UUID', password=encoded)
cartouche.by_login['login'] = '******'
def sendGeneratedPassword(request, uuid, confirmed):
record = confirmed.get(uuid)
if record is None:
raise KeyError
pwd_mgr = SSHAPasswordManager()
generator = request.registry.queryUtility(IPasswordGenerator,
default=randomPassword)
new_password = generator()
encoded = pwd_mgr.encodePassword(new_password)
confirmed.set(
uuid,
email=record.email,
login=record.login,
password=encoded,
security_question=record.security_question,
security_answer=record.security_answer,
token=record.token,
)
from_addr = request.registry.settings['cartouche.from_addr']
delivery = request.registry.queryUtility(IMailDelivery,
default=localhost_mta)
login_url = view_url(request.context, request, 'login_url', 'login.html')
body = PASSWORD_EMAIL % {'password': new_password, 'login_url': login_url}
message = Message()
message['Subject'] = 'Your new site password'
message.set_payload(body)
delivery.send(from_addr, [record.email], message)
def edit_account_view(context, request):
confirmed = request.registry.queryAdapter(context, IRegistrations,
name='confirmed')
if confirmed is None: #pragma NO COVERAGE
confirmed = ConfirmedRegistrations(context)
identity = request.environ.get('repoze.who.identity')
if identity is None:
return HTTPUnauthorized()
userid = identity['repoze.who.userid']
account_info = confirmed.get(userid)
if account_info is None:
return HTTPForbidden()
appstruct = {'login_name': account_info.login,
'email': account_info.email,
'security': {'question': account_info.security_question or '',
'answer': account_info.security_answer or '',
},
}
schema = EditAccount().bind(current_login_name=account_info.login,
confirmed=confirmed,
old_password=account_info.password)
form = Form(schema, buttons=('update',))
rendered_form = form.render(appstruct)
if 'update' in request.POST:
try:
appstruct = form.validate(request.POST.items())
except ValidationFailure as e:
rendered_form = e.render()
else:
login = appstruct['login_name']
email = appstruct['email']
pwd_mgr = SSHAPasswordManager()
password = pwd_mgr.encodePassword(appstruct['password'])
security_question = appstruct['security']['question']
security_answer = appstruct['security']['answer']
confirmed.set(userid,
email=email,
login=login,
password=password,
security_question=security_question,
security_answer=security_answer,
)
return HTTPFound(
location=view_url(context, request,
'after_edit_url',
request.view_name,
))
main_template = get_renderer('templates/main.pt')
return {'main_template': main_template.implementation(),
'rendered_form': rendered_form,
}
def edit_account_view(context, request):
confirmed = request.registry.queryAdapter(context,
IRegistrations,
name='confirmed')
if confirmed is None: #pragma NO COVERAGE
confirmed = ConfirmedRegistrations(context)
identity = request.environ.get('repoze.who.identity')
if identity is None:
return HTTPUnauthorized()
userid = identity['repoze.who.userid']
account_info = confirmed.get(userid)
if account_info is None:
return HTTPForbidden()
appstruct = {
'login_name': account_info.login,
'email': account_info.email,
'security': {
'question': account_info.security_question or '',
'answer': account_info.security_answer or '',
},
}
schema = EditAccount().bind(current_login_name=account_info.login,
confirmed=confirmed,
old_password=account_info.password)
form = Form(schema, buttons=('update', ))
rendered_form = form.render(appstruct)
if 'update' in request.POST:
try:
appstruct = form.validate(request.POST.items())
except ValidationFailure, e:
rendered_form = e.render()
else:
login = appstruct['login_name']
email = appstruct['email']
pwd_mgr = SSHAPasswordManager()
password = pwd_mgr.encodePassword(appstruct['password'])
security_question = appstruct['security']['question']
security_answer = appstruct['security']['answer']
confirmed.set(
userid,
email=email,
login=login,
password=password,
security_question=security_question,
security_answer=security_answer,
)
return HTTPFound(location=view_url(
context,
request,
'after_edit_url',
request.view_name,
))
def authenticate(self, environ, identity):
try:
login = identity['login']
password = identity['password']
except KeyError:
return None
pwd_mgr = SSHAPasswordManager()
record = FauxConfirmedRegistrations(None).get_by_login(login)
if (record is not None and
pwd_mgr.checkPassword(record.password, password)):
return record.uuid
def authenticate(self, environ, identity):
try:
login = identity['login']
password = identity['password']
except KeyError:
return None
pwd_mgr = SSHAPasswordManager()
record = FauxConfirmedRegistrations(None).get_by_login(login)
if (record is not None and
pwd_mgr.checkPassword(record.password, password)):
return record.uuid
def do_login(self, **data):
login = Login()
self.applyData(login, **data)
principals = IOAuthPrincipalSource(grok.getApplication())
account = principals.find(login=login.login, domain=principals.domain)
if account: # check password, and authenticate if match
from zope.password.password import SSHAPasswordManager
mgr = SSHAPasswordManager()
if mgr.checkPassword(account.secret, login.secret):
session = ISession(self.request)['OAuth2']
session['principal'] = account # Found the principal
def test_POST_w_password_match_w_after_edit_url(self):
from webob.exc import HTTPFound
from webob.multidict import MultiDict
from zope.password.password import SSHAPasswordManager
AFTER = '/'
OLD_EMAIL = '*****@*****.**'
NEW_EMAIL = '*****@*****.**'
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
self.config.registry.settings['cartouche.after_edit_url'] = AFTER
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(login='******',
email=OLD_EMAIL,
password=encoded,
security_question='borncity',
security_answer='FXBG')
by_email[OLD_EMAIL] = by_login['before'] = 'UUID'
POST = MultiDict([
('login_name', 'after'),
('email', NEW_EMAIL),
('old_password', 'old_password'),
('__start__', 'password:mapping'),
('value', 'newpassword'),
('confirm', 'newpassword'),
('__end__', 'password:mapping'),
('__start__', 'security:mapping'),
('question', 'petname'),
('answer', 'Fido'),
('__end__', 'security:mapping'),
('update', ''),
])
request = self._makeRequest(POST=POST,
environ=ENVIRON,
view_name='edit_account.html')
response = self._callFUT(request=request)
self.failUnless(isinstance(response, HTTPFound))
self.assertEqual(response.location, 'http://example.com/')
new_record = by_uuid['UUID']
self.assertEqual(new_record.login, 'after')
self.failUnless(
pwd_mgr.checkPassword(new_record.password, 'newpassword'))
self.assertEqual(new_record.security_question, 'petname')
self.assertEqual(new_record.security_answer, 'Fido')
self.failIf(OLD_EMAIL in by_email)
self.assertEqual(by_email[NEW_EMAIL], 'UUID')
self.failIf('before' in by_login)
self.assertEqual(by_login['after'], 'UUID')
def test_hit_w_password_utility(self):
import re
from repoze.sendmail.interfaces import IMailDelivery
from zope.password.password import SSHAPasswordManager
from cartouche.interfaces import IPasswordGenerator
GENERATED = re.compile(r'Your new password is:\s+(?P<password>[^\s]+)',
re.MULTILINE)
FROM_EMAIL = '*****@*****.**'
TO_EMAIL = '*****@*****.**'
def _password():
return 'PASSWORD'
self.config.registry.registerUtility(_password, IPasswordGenerator)
self.config.registry.settings['cartouche.from_addr'] = FROM_EMAIL
delivery = DummyMailer()
self.config.registry.registerUtility(delivery, IMailDelivery)
confirmed = DummyConfirmed()
confirmed.set(
'UUID',
email=TO_EMAIL,
login='******',
password='******',
security_question='question',
security_answer='answer',
token=None,
)
self._callFUT(userid='UUID', confirmed=confirmed)
record = confirmed.get('UUID')
self.assertEqual(record.uuid, 'UUID')
self.assertEqual(record.email, TO_EMAIL)
self.assertEqual(record.login, 'phred')
password = record.password
self.assertNotEqual(password, 'old_password')
self.failUnless(password.startswith('{SSHA}'))
self.assertEqual(record.security_question, 'question')
self.assertEqual(record.security_answer, 'answer')
self.assertEqual(record.token, None)
login_url = 'http://example.com/login.html'
self.assertEqual(delivery._sent[0], FROM_EMAIL)
self.assertEqual(list(delivery._sent[1]), [TO_EMAIL])
payload = delivery._sent[2].get_payload()
self.failUnless(login_url in payload)
found = GENERATED.search(payload)
generated = found.group('password')
self.assertEqual(generated, 'PASSWORD')
pwd_mgr = SSHAPasswordManager()
self.failUnless(pwd_mgr.checkPassword(password, generated))
def test_POST_w_password_match_w_after_edit_url(self):
from webob.exc import HTTPFound
from webob.multidict import MultiDict
from zope.password.password import SSHAPasswordManager
AFTER = '/'
OLD_EMAIL = '*****@*****.**'
NEW_EMAIL = '*****@*****.**'
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
self.config.registry.settings['cartouche.after_edit_url'] = AFTER
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(login='******',
email=OLD_EMAIL,
password=encoded,
security_question='borncity',
security_answer='FXBG')
by_email[OLD_EMAIL] = by_login['before'] = 'UUID'
POST = MultiDict([('login_name', 'after'),
('email', NEW_EMAIL),
('old_password', 'old_password'),
('__start__', 'password:mapping'),
('password', 'newpassword'),
('password-confirm', 'newpassword'),
('__end__', 'password:mapping'),
('__start__', 'security:mapping'),
('question', 'petname'),
('answer', 'Fido'),
('__end__', 'security:mapping'),
('update', ''),
])
request = self._makeRequest(POST=POST, environ=ENVIRON,
view_name='edit_account.html')
response = self._callFUT(request=request)
self.failUnless(isinstance(response, HTTPFound))
self.assertEqual(response.location, 'http://example.com/')
new_record = by_uuid['UUID']
self.assertEqual(new_record.login, 'after')
self.failUnless(pwd_mgr.checkPassword(new_record.password,
'newpassword'))
self.assertEqual(new_record.security_question, 'petname')
self.assertEqual(new_record.security_answer, 'Fido')
self.failIf(OLD_EMAIL in by_email)
self.assertEqual(by_email[NEW_EMAIL], 'UUID')
self.failIf('before' in by_login)
self.assertEqual(by_login['after'], 'UUID')
def authenticate(self, environ, identity):
login = self.get_login(identity)
password = self.get_pw(identity)
if login is None or password is None:
return
users = self.users
doc = users.find_one({'username': login})
if doc is None:
return
manager = SSHAPasswordManager()
hashed = doc.get('password')
result = manager.checkPassword(str(hashed), str(password))
if result:
return login
return None
def _registerConfirmed(self):
from zope.password.password import SSHAPasswordManager
from cartouche.interfaces import IRegistrations
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('password')
class DummyConfirmed:
def __init__(self, context):
pass
def get_by_login(self, login, default=None):
if login == 'login':
return Dummy(uuid='UUID', password=encoded)
return default
self.config.registry.registerAdapter(DummyConfirmed,
(None,), IRegistrations,
name='confirmed')
class WhoPlugin(object):
implements(IAuthenticator)
_finder = None
def __init__(self, zodb_uri):
self._zodb_uri = zodb_uri
self._pwd_mgr = SSHAPasswordManager()
def _getFinder(self):
if self._finder is None:
self._finder = PersistentApplicationFinder(self._zodb_uri, appmaker)
return self._finder
def authenticate(self, environ, identity):
""" See IAuthenticator.
"""
login = identity.get('login')
password = identity.get('password')
if login is not None and password is not None:
request = get_current_request()
context = getattr(request, 'context', None)
registry = get_current_registry()
confirmed = registry.queryAdapter(context, IRegistrations,
name='confirmed')
if confirmed is None:
if getattr(context, '_p_jar', None) is None:
context = self._getFinder()(environ)
while context.__parent__ is not None:
context = context.__parent__
confirmed = ConfirmedRegistrations(context)
record = confirmed.get_by_login(login)
if record and self._pwd_mgr.checkPassword(record.password,
password):
return record.uuid
def test_hit_wo_password_utility(self):
import re
from repoze.sendmail.interfaces import IMailDelivery
from zope.password.password import SSHAPasswordManager
GENERATED = re.compile(r'Your new password is:\s+(?P<password>[^\s]+)',
re.MULTILINE)
RANDOM_PATTERN = re.compile(r'[A-Za-z0-9]{6,8}'
'[~!@#$%^&*]'
'[A-Za-z0-9]{6,8}'
)
FROM_EMAIL = '*****@*****.**'
TO_EMAIL = '*****@*****.**'
self.config.registry.settings['cartouche.from_addr'] = FROM_EMAIL
delivery = DummyMailer()
self.config.registry.registerUtility(delivery, IMailDelivery)
confirmed = DummyConfirmed()
confirmed.set('UUID',
email=TO_EMAIL,
login='******',
password='******',
security_question='question',
security_answer='answer',
token=None,
)
self._callFUT(userid='UUID', confirmed=confirmed)
record = confirmed.get('UUID')
self.assertEqual(record.uuid, 'UUID')
self.assertEqual(record.email, TO_EMAIL)
self.assertEqual(record.login, 'phred')
password = record.password
self.assertNotEqual(password, 'old_password')
self.failUnless(password.startswith('{SSHA}'))
self.assertEqual(record.security_question, 'question')
self.assertEqual(record.security_answer, 'answer')
self.assertEqual(record.token, None)
login_url = 'http://example.com/login.html'
self.assertEqual(delivery._sent[0], FROM_EMAIL)
self.assertEqual(list(delivery._sent[1]), [TO_EMAIL])
payload = delivery._sent[2].get_payload()
self.failUnless(login_url in payload)
found = GENERATED.search(payload)
generated = found.group('password')
pwd_mgr = SSHAPasswordManager()
self.failUnless(pwd_mgr.checkPassword(password, generated))
self.failUnless(RANDOM_PATTERN.match(generated))
def test_POST_w_password_match_new_login_not_unique(self):
import re
from webob.multidict import MultiDict
from zope.password.password import SSHAPasswordManager
SUMMARY_ERROR = re.compile('<h3[^>]*>There was a problem',
re.MULTILINE)
FIELD_ERROR = re.compile('<p class="errorMsg"', re.MULTILINE)
OLD_EMAIL = '*****@*****.**'
NEW_EMAIL = '*****@*****.**'
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(login='******',
email=OLD_EMAIL,
password=encoded,
security_question='borncity',
security_answer='FXBG')
by_email[OLD_EMAIL] = by_login['before'] = 'UUID'
by_uuid['OTHER_UUID'] = Dummy(login='******')
by_login['taken'] = 'OTHER_UUID'
POST = MultiDict([
('login_name', 'taken'),
('email', NEW_EMAIL),
('old_password', 'old_password'),
('__start__', 'password:mapping'),
('value', 'newpassword'),
('confirm', 'newpassword'),
('__end__', 'password:mapping'),
('__start__', 'security:mapping'),
('question', 'petname'),
('answer', 'Fido'),
('__end__', 'security:mapping'),
('update', ''),
])
request = self._makeRequest(POST=POST, environ=ENVIRON)
info = self._callFUT(request=request)
rendered_form = info['rendered_form']
self.failUnless(SUMMARY_ERROR.search(rendered_form))
self.failUnless(FIELD_ERROR.search(rendered_form))
self.failUnless(OLD_EMAIL in by_email)
self.failIf(NEW_EMAIL in by_email)
self.assertEqual(by_login['before'], 'UUID')
self.assertEqual(by_login['taken'], 'OTHER_UUID')
def test_POST_w_password_match_new_login_not_unique(self):
import re
from webob.multidict import MultiDict
from zope.password.password import SSHAPasswordManager
SUMMARY_ERROR = re.compile('<div class="errorMsgLbl[^>]*>'
'There was a problem', re.MULTILINE)
FIELD_ERROR = re.compile('<p class="errorMsg"', re.MULTILINE)
OLD_EMAIL = '*****@*****.**'
NEW_EMAIL = '*****@*****.**'
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(login='******',
email=OLD_EMAIL,
password=encoded,
security_question='borncity',
security_answer='FXBG')
by_email[OLD_EMAIL] = by_login['before'] = 'UUID'
by_uuid['OTHER_UUID'] = Dummy(login='******')
by_login['taken'] = 'OTHER_UUID'
POST = MultiDict([('login_name', 'taken'),
('email', NEW_EMAIL),
('old_password', 'old_password'),
('__start__', 'password:mapping'),
('password', 'newpassword'),
('password-confirm', 'newpassword'),
('__end__', 'password:mapping'),
('__start__', 'security:mapping'),
('question', 'petname'),
('answer', 'Fido'),
('__end__', 'security:mapping'),
('update', ''),
])
request = self._makeRequest(POST=POST, environ=ENVIRON)
info = self._callFUT(request=request)
rendered_form = info['rendered_form']
self.assertTrue(SUMMARY_ERROR.search(rendered_form))
self.assertTrue(FIELD_ERROR.search(rendered_form))
self.assertTrue(OLD_EMAIL in by_email)
self.assertFalse(NEW_EMAIL in by_email)
self.assertEqual(by_login['before'], 'UUID')
self.assertEqual(by_login['taken'], 'OTHER_UUID')
def _registerConfirmed(self):
from zope.password.password import SSHAPasswordManager
from cartouche.interfaces import IRegistrations
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('password')
class DummyConfirmed:
def __init__(self, context):
pass
def get_by_login(self, login, default=None):
if login == 'login':
return Dummy(uuid='UUID', password=encoded)
return default
self.config.registry.registerAdapter(DummyConfirmed, (None, ),
IRegistrations,
name='confirmed')
def old_password_validator(node, kw):
old_password = kw.get('old_password')
if old_password is not None:
pwd_mgr = SSHAPasswordManager()
def _check(node, value):
if not pwd_mgr.checkPassword(old_password, value):
raise Invalid('Old password incorrect')
return _check
def test_GET_w_known_credentials_later_edit(self):
import re
from zope.password.password import SSHAPasswordManager
INPUT = re.compile(
'<input.* name="(?P<name>\w+)" '
'value="(?P<value>[^"]*)"', re.MULTILINE)
SELECT = re.compile('<select.* name="(?P<name>\w+)"', re.MULTILINE)
EMAIL = '*****@*****.**'
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(
login='******',
email=EMAIL,
password=encoded,
security_question='borncity',
security_answer='FXBG',
)
by_email[EMAIL] = by_login['login'] = '******'
mtr = self.config.testing_add_template('templates/main.pt')
request = self._makeRequest(environ=ENVIRON)
info = self._callFUT(request=request)
self.failUnless(info['main_template'] is mtr.implementation())
rendered_form = info['rendered_form']
inputs = [
x for x in INPUT.findall(rendered_form) if not x[0].startswith('_')
]
self.assertEqual(inputs, [
('login_name', 'before'),
('email', EMAIL),
('old_password', ''),
('value', ''),
('confirm', ''),
('answer', 'FXBG'),
])
selects = [x for x in SELECT.findall(rendered_form)]
self.assertEqual(selects, ['question'])
def test_GET_w_known_credentials_later_edit(self):
from io import StringIO
from xml.etree import ElementTree as ET
from zope.password.password import SSHAPasswordManager
from .._compat import u
BLANK = u('')
BEFORE = u('before')
FXBG = u('FXBG')
EMAIL = u('*****@*****.**')
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(login=BEFORE,
email=EMAIL,
password=encoded,
security_question='borncity',
security_answer=FXBG,
)
by_email[EMAIL] = by_login['login'] = '******'
mtr = self.config.testing_add_template('templates/main.pt')
request = self._makeRequest(environ=ENVIRON)
info = self._callFUT(request=request)
self.assertTrue(info['main_template'] is mtr.implementation())
rendered_form = info['rendered_form']
form_tree = ET.parse(StringIO(rendered_form))
inputs = [(x.get('name'), x.get('value'))
for x in form_tree.findall('.//input')]
inputs = [x for x in inputs if not x[0].startswith('_')]
self.assertEqual(inputs, [('login_name', BEFORE),
('email', EMAIL),
('old_password', BLANK),
('password', BLANK),
('password-confirm', BLANK),
('answer', FXBG),
])
selects = [x.get('name') for x in form_tree.findall('.//select')]
self.assertEqual(selects, ['question'])
def test_GET_w_known_credentials_later_edit(self):
import re
from zope.password.password import SSHAPasswordManager
INPUT = re.compile('<input.* name="(?P<name>[\w-]+)" '
'value="(?P<value>[^"]*)"', re.MULTILINE)
SELECT = re.compile('<select.* name="(?P<name>\w+)"', re.MULTILINE)
EMAIL = '*****@*****.**'
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}}
pwd_mgr = SSHAPasswordManager()
encoded = pwd_mgr.encodePassword('old_password')
by_uuid, by_login, by_email = self._registerConfirmed()
by_uuid['UUID'] = Dummy(login='******',
email=EMAIL,
password=encoded,
security_question='borncity',
security_answer='FXBG',
)
by_email[EMAIL] = by_login['login'] = '******'
mtr = self.config.testing_add_template('templates/main.pt')
request = self._makeRequest(environ=ENVIRON)
info = self._callFUT(request=request)
self.failUnless(info['main_template'] is mtr.implementation())
rendered_form = info['rendered_form']
inputs = [x for x in INPUT.findall(rendered_form)
if not x[0].startswith('_')]
self.assertEqual(inputs, [('login_name', 'before'),
('email', EMAIL),
('old_password', ''),
('password', ''),
('password-confirm', ''),
('answer', 'FXBG'),
])
selects = [x for x in SELECT.findall(rendered_form)]
self.assertEqual(selects, ['question'])
class WhoPlugin(object):
implements(IAuthenticator)
_finder = None
def __init__(self, zodb_uri):
self._zodb_uri = zodb_uri
self._pwd_mgr = SSHAPasswordManager()
def _getFinder(self):
if self._finder is None:
self._finder = PersistentApplicationFinder(self._zodb_uri,
appmaker)
return self._finder
def authenticate(self, environ, identity):
""" See IAuthenticator.
"""
login = identity.get('login')
password = identity.get('password')
if login is not None and password is not None:
request = get_current_request()
context = getattr(request, 'context', None)
registry = get_current_registry()
confirmed = registry.queryAdapter(context,
IRegistrations,
name='confirmed')
if confirmed is None:
if getattr(context, '_p_jar', None) is None:
context = self._getFinder()(environ)
while context.__parent__ is not None:
context = context.__parent__
confirmed = ConfirmedRegistrations(context)
record = confirmed.get_by_login(login)
if record and self._pwd_mgr.checkPassword(record.password,
password):
return record.uuid
def __init__(self, zodb_uri):
self._zodb_uri = zodb_uri
self._pwd_mgr = SSHAPasswordManager()
def __init__(self, zodb_uri):
self._zodb_uri = zodb_uri
self._pwd_mgr = SSHAPasswordManager()
