log.debug("User {0} does not exist".format(username)) return False except Exception, e: raise match = False # Is this a plain-text password in the database?!? OK, we'll do this ... if not pwhash.startswith('PBKDF2$'): match = pwhash == password log.debug('Plain-text password (bah!) match for %s (%s)' % (username, match)) else: match = hp.check_hash(password, pwhash) log.debug('Hash match for %s (%s): %s' % (username, pwhash, match)) if match == True and apns_token is not None: tstamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) try: q = User.update(token=apns_token, tstamp=tstamp).where(User.username == username) q.execute() log.info("Token {0} updated for username={1}".format( apns_token, username)) except Exception, e: log.error("Cannot update User {0} with token {1}: {2}".format( username, apns_token, str(e))) log.info("Password for username={0} was accepted".format(username)) return match
try: u = User.get(User.username == username) pwhash = u.pwhash except User.DoesNotExist: log.debug("User {0} does not exist".format(username)) return False except Exception, e: raise match = False # Is this a plain-text password in the database?!? OK, we'll do this ... if not pwhash.startswith('PBKDF2$'): match = pwhash == password log.debug('Plain-text password (bah!) match for %s (%s)' % (username, match)) else: match = hp.check_hash(password, pwhash) log.debug('Hash match for %s (%s): %s' % (username, pwhash, match)) if match == True and apns_token is not None: tstamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) try: q = User.update(token = apns_token, tstamp = tstamp).where(User.username == username) q.execute() log.info("Token {0} updated for username={1}".format(apns_token, username)) except Exception, e: log.error("Cannot update User {0} with token {1}: {2}".format(username, apns_token, str(e))) log.info("Password for username={0} was accepted".format(username)) return match