Esempio n. 1
0
 def get_password_hash(self, password_hash, one_time_salt, data=None):
     password_hash = crypto.hash(
         crypto.from_string(password_hash),
         crypto.from_string(one_time_salt),
     )
     if data is not None:
         password_hash = crypto.hash(data, password_hash)
     return crypto.to_string(password_hash)
Esempio n. 2
0
 def authenticate(self, request, user, salt, one_time_salt, password_hash, data=None):
     password = crypto.parse_password(user.password)
     try:
         session_one_time_salt = request.session['one_time_salt']
     except KeyError:
         return
     if crypto.from_string(session_one_time_salt) == one_time_salt and password['salt'] == salt:
         valid_password_hash = crypto.hash(password['hash'], one_time_salt)
         if data:
             valid_password_hash = crypto.hash(data, valid_password_hash)
         if crypto.constant_time_compare(valid_password_hash, password_hash):
             request.user = user
             return user
Esempio n. 3
0
 def authenticate(self,
                  request,
                  user,
                  salt,
                  one_time_salt,
                  password_hash,
                  data=None):
     password = crypto.parse_password(user.password)
     try:
         session_one_time_salt = request.session['one_time_salt']
     except KeyError:
         return
     if crypto.from_string(session_one_time_salt
                           ) == one_time_salt and password['salt'] == salt:
         valid_password_hash = crypto.hash(password['hash'], one_time_salt)
         if data:
             valid_password_hash = crypto.hash(data, valid_password_hash)
         if crypto.constant_time_compare(valid_password_hash,
                                         password_hash):
             request.user = user
             return user
Esempio n. 4
0
 def assertSalt(self, salt, previous_salt=None):
     salt = crypto.from_string(salt)
     self.assertEqual(len(salt), crypto.SALT_BITS_COUNT / 8)
     if previous_salt is not None:
         previous_salt = crypto.from_string(previous_salt)
         self.assertNotEqual(salt, previous_salt)