def get_password_hash(self, password_hash, one_time_salt, data=None):
    """Build the string-encoded response hash for a login attempt.

    Both ``password_hash`` and ``one_time_salt`` arrive string-encoded and
    are decoded with ``crypto.from_string`` before being hashed together.
    When ``data`` is supplied (anything other than ``None``, including an
    empty value), the result is hashed once more together with ``data``.

    Returns the final digest encoded with ``crypto.to_string``.
    """
    decoded_hash = crypto.from_string(password_hash)
    decoded_salt = crypto.from_string(one_time_salt)
    digest = crypto.hash(decoded_hash, decoded_salt)

    # ``is not None`` means an empty ``data`` is still bound into the digest.
    if data is not None:
        digest = crypto.hash(data, digest)

    return crypto.to_string(digest)
def authenticate(self, request, user, salt, one_time_salt, password_hash, data=None):
    """Verify a challenge-response login and return ``user`` on success.

    The attempt is accepted only when all of the following hold:

    * the session holds a ``'one_time_salt'`` entry whose decoded value
      equals ``one_time_salt``;
    * the salt parsed out of ``user.password`` equals ``salt``;
    * ``password_hash`` matches the value recomputed from the stored hash
      and ``one_time_salt`` (and ``data`` when it is truthy), compared
      with ``crypto.constant_time_compare``.

    On success ``request.user`` is set to ``user``. Every other path
    returns ``None``.
    """
    password = crypto.parse_password(user.password)

    try:
        issued_salt = request.session['one_time_salt']
    except KeyError:
        # No challenge was issued for this session, so nothing can match.
        return None

    # NOTE(review): the session entry is only read here, never removed.
    # If no caller clears it after an attempt, the same response stays
    # valid for as long as the session keeps this salt -- confirm.
    challenge_matches = crypto.from_string(issued_salt) == one_time_salt
    if not (challenge_matches and password['salt'] == salt):
        return None

    # NOTE(review): the expected response is derived from the stored hash
    # alone, so the stored value acts as a password equivalent; the
    # credential store needs protecting accordingly.
    expected_hash = crypto.hash(password['hash'], one_time_salt)

    # NOTE(review): a falsy ``data`` (e.g. empty) is not bound into the
    # hash, unlike an ``is not None`` test -- confirm the side computing
    # ``password_hash`` treats empty data the same way.
    if data:
        expected_hash = crypto.hash(data, expected_hash)

    if not crypto.constant_time_compare(expected_hash, password_hash):
        return None

    request.user = user
    return user
def authenticate(self, request, user, salt, one_time_salt, password_hash, data=None):
    """Return ``user`` if the supplied response hash is valid, else ``None``.

    The stored password is parsed with ``crypto.parse_password``. The
    one-time salt kept in ``request.session`` must decode to
    ``one_time_salt`` and the stored salt must equal ``salt``. The expected
    hash is then rebuilt from the stored hash and ``one_time_salt`` (plus
    ``data`` when truthy) and checked against ``password_hash`` with
    ``crypto.constant_time_compare``. A successful check also assigns
    ``request.user``.
    """
    parsed = crypto.parse_password(user.password)

    try:
        session_salt = request.session['one_time_salt']
    except KeyError:
        # Without an issued challenge there is nothing to verify against.
        return None

    # NOTE(review): this function never deletes the session's one-time
    # salt; verify that the caller invalidates it after each attempt,
    # otherwise a response is reusable within the session.
    salts_agree = (
        crypto.from_string(session_salt) == one_time_salt
        and parsed['salt'] == salt
    )
    if salts_agree:
        # NOTE(review): only the stored hash is needed to rebuild this
        # value, so treat the stored hash as sensitive as the password.
        candidate = crypto.hash(parsed['hash'], one_time_salt)

        # Truthiness test: empty ``data`` is skipped, not hashed in.
        # NOTE(review): confirm the client applies the same rule.
        if data:
            candidate = crypto.hash(data, candidate)

        if crypto.constant_time_compare(candidate, password_hash):
            request.user = user
            return user

    return None
def assertSalt(self, salt, previous_salt=None):
    """Assert that ``salt`` has the configured length and is fresh.

    ``salt`` is decoded with ``crypto.from_string`` and its length must
    equal ``crypto.SALT_BITS_COUNT / 8``. When ``previous_salt`` is given,
    it is decoded the same way and must differ from ``salt``.
    """
    decoded = crypto.from_string(salt)
    actual_length = len(decoded)
    expected_length = crypto.SALT_BITS_COUNT / 8
    self.assertEqual(actual_length, expected_length)

    if previous_salt is None:
        return

    # A newly issued salt must never repeat the one handed out before it.
    earlier = crypto.from_string(previous_salt)
    self.assertNotEqual(decoded, earlier)