def getRealmUserPassword(self, realmname, username, environ): """ Return the password for the given username for the realm. Used for digest authentication. """ #if self.userPassword is None: # user has not generated password #return None # Ignore spaces username = username.replace(" ", "") carddav_password = CardDAV.getCardDAVLogin(username) if carddav_password is None: return [ u"", u"" ] else: return [ carddav_password.generatedPasswordHash, carddav_password.salt ]
def authDomainUser(self, realmname, username, password, environ): """ Returns True if this username/password pair is valid for the realm, False otherwise. Used for basic authentication. """ if realmname != "carddav": return False # Ignore spaces username = username.replace(" ", "") password = password.replace(" ", "") userPassword = CardDAV.getCardDAVLogin(username) if userPassword is None: return False passwordHash = md5.new(userPassword.salt + password).hexdigest() return (userPassword.generatedPasswordHash == passwordHash)