def _gotValidateQueryResults(self, rows, pw): """Callback to process successful retrieval of user info from database Arguments: - `rows`: Results - `pw`: Password from the user Returns: - `(userid, sid)`: if the password is correct, false otherwise """ if rows: userid, password, salt = rows[0] hsh_pw = hashlib.sha1(pw+salt).hexdigest() if password == hsh_pw: # Generating a random session cookie sid = auth_lib.rand_string(20) self.sessions[userid] = sid def sessionTimeout(): del self.sessions[userid] d = task.deferLater(reactor, self.timeout, sessionTimeout) # Additional debugging information def timedOut(*args): print "%d: The session for user %d has expired" % (time.time(), userid) d.addCallback(timedOut) print "uid %d logged in" % userid return (userid, sid) else: print "Wrong password for uid %d" % userid return False # wrong password else: print "No such user" return False # No such user
def xmlrpc_createUser(self, username, passwd, fname, lname): """Adds a user named `username` to the database, with the hashed password `passwd`, first name `fname`, last name `lname` Arguments: - `username`: username to add - `passwd`: Password for new user - `fname`: First name - `lname`: Last name Returns: - True on successful insertion, False otherwise """ salt = auth_lib.rand_string(10) return self.dbconn.runOperation( "INSERT INTO user (username, password, firstname, lastname, salt) VALUES (?, ?, ?, ?, ?)" , (username, hashlib.sha1(passwd+salt).hexdigest(), fname, lname, salt)).addCallback( self._addedUser).addErrback(self._anError)