def authenticate_user(request): """ Perform django authentication on a user/password """ username = request.POST["username"] password = request.POST["password"] user = User.objects.get(username=username) # HACK: try to authenticate first with the normal password, then with the lowercase password success = check_password(password, user.password) or check_password(password.lower(), user.password) return HttpResponse(json.dumps({"result": success}))
def test_django_reference(self): "run known correct hashes through Django's check_password()" if not self.known_correct_hashes: return self.skipTest("no known correct hashes specified") from passlib.tests.test_ext_django import has_django1 if not has_django1: return self.skipTest("Django not installed") from django.contrib.auth.models import check_password for secret, hash in self.all_correct_hashes: self.assertTrue(check_password(secret, hash)) self.assertFalse(check_password('x' + secret, hash))
def edit_profile_page(request): if request.method == 'POST': form = Edit_Profile_Form(request.POST) if form.is_valid(): user = get_object_or_404(User, username=request.user) old_pwd = form.cleaned_data['password'] new_pwd = form.cleaned_data['password1'] hash_pwd = user.password if check_password(old_pwd, hash_pwd): user.set_password(new_pwd) user.first_name = form.cleaned_data['first_name'] user.last_name = form.cleaned_data['last_name'] user.save() phone_number = form.cleaned_data['phone_number'] profile = get_object_or_404(Profile, user=request.user) profile.phone_number = phone_number profile.save() return direct_to_template(request, "account/edit_profile_success.html") else: profile = get_object_or_404(Profile, user=request.user) first_name = profile.user.first_name last_name = profile.user.last_name phone_number = profile.phone_number form = Edit_Profile_Form({ 'first_name': first_name, 'last_name': last_name, 'phone_number': phone_number }) variables = RequestContext(request, {'form': form}) return render_to_response('account/edit_profile.html', variables)
def authenticate(self, username=None, password=None): try: # Load user object u = LegacyUser.objects.get(username=username) # Abort if Django should handle this if u.password.startswith('sha1$'): return None salt = u.salt # Build Django-compatible password string enc_password = '******' + u.salt + '--$' + u.password # Check password if check_password(password+'--',enc_password): # Migrate them to new passwords. u.salt = None u.save() user = self.get_user(u.id) user.set_password(password) user.save() return user except LegacyUser.DoesNotExist: return None # Operation Complete! return None
def authenticate(self, username=None, password=None): # Use our connection to the external database to authenticate the user credentials_valid = False # let's assume the worst, it's more secure that way try: # look up user in the external database, and attempt password check external_user = ExternalUser.objects.using("external_login").get(username=username) credentials_valid = check_password(password, external_user.password) except ExternalUser.DoesNotExist: external_user = None credentials_valid = False if credentials_valid: try: # look for local user, create if necessary user = User.objects.get(username=username) except User.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked; the password # from the external database will. user = User(username=username) # in fact, let's set the password to Django's proper 'unusable' one user.set_unusable_password() # TODO: copy attributes from the remote database to the local User model user.save() return user return None
def edit_profile_page(request): if request.method == "POST": form = Edit_Profile_Form(request.POST) if form.is_valid(): user = get_object_or_404(User, username=request.user) old_pwd = form.cleaned_data["password"] new_pwd = form.cleaned_data["password1"] hash_pwd = user.password if check_password(old_pwd, hash_pwd): user.set_password(new_pwd) user.first_name = form.cleaned_data["first_name"] user.last_name = form.cleaned_data["last_name"] user.save() phone_number = form.cleaned_data["phone_number"] profile = get_object_or_404(Profile, user=request.user) profile.phone_number = phone_number profile.save() return direct_to_template(request, "account/edit_profile_success.html") else: profile = get_object_or_404(Profile, user=request.user) first_name = profile.user.first_name last_name = profile.user.last_name phone_number = profile.phone_number form = Edit_Profile_Form({"first_name": first_name, "last_name": last_name, "phone_number": phone_number}) variables = RequestContext(request, {"form": form}) return render_to_response("account/edit_profile.html", variables)
def setpass(request): if not(request.user.is_authenticated()): return HttpResponseRedirect('/loggedout/') from ULogin.Uid.views import myencrypt, mydecrypt from ULogin.Uid.models import Account oldpw= request.GET.get('oldpw','') newpw= request.GET.get('pw','') pin= request.GET.get('pin','') user=request.user if not(user.check_password(oldpw)): return HttpResponse("Erpass") #return HttpResponseRedirect("/home/") from hashlib import md5 newkey = md5(newpw).hexdigest() #new V5 try: slu= SLtwo.objects.get(user=user) if not(check_password(pin,slu.pin)): return HttpResponse("Erpin") slu.enckey=sl2encrypt(newkey, md5(pin).hexdigest()) slu.save() except: #if not(pin=='Only if you have set sl2 pin' or pin=''): pass #till here accounts=Account.objects.filter(user=user) for ac in accounts: ac.password= myencrypt(mydecrypt(request.session["MKD1597"], ac.password),newkey) ac.save() request.session["MKD1597"]=newkey user.set_password(newpw) user.save() return HttpResponseRedirect('/home/')
def clean(self): cleaned_data = super(AccountEdit, self).clean() oldpassword = cleaned_data.get("oldpassword") password1 = cleaned_data.get("password1") password2 = cleaned_data.get("password2") if (len(password1) > 0 or len(password2) > 0) and len(oldpassword) == 0: self._errors['oldpassword'] = self.error_class(["Please enter old password."]) del cleaned_data['password1'] del cleaned_data['password2'] else: if len(oldpassword) > 0: if check_password(oldpassword, self._user.password): if password1 and password2: if password1 != password2: self._errors['password1'] = self.error_class(["Does not match."]) del cleaned_data['password1'] del cleaned_data['password2'] else: self._errors['password1'] = self.error_class(["Please fill both fields."]) del cleaned_data['password1'] del cleaned_data['password2'] else: self._errors['oldpassword'] = self.error_class(["Incorrect password"]) del cleaned_data['password1'] del cleaned_data['password2'] return cleaned_data
def change_password(request): user = request.user old_password = request.data['old_password'] new_password = request.data['new_password'] confirm_password = request.data['confirm_password'] if new_password != confirm_password: return Response({ "success": False, "msg": _("The new password doesn't match confirm password!") }) if not check_password(old_password, user.password): return Response({ "success": False, "msg": _("The original password is not correct!") }) user.set_password(new_password) user.save() return Response({ "success": True, "msg": _("Password has been changed! Please login in again.") })
def authenticate(self, username=None, password=None, **kw): try: #FERO: bisogna fare in questo modo perche' i campi del db non corrispondono #FERO: (askbot e' stato syncato su una versione piu' vecchia di Django?!?) gf_user_d = User.objects.using('gasistafelice').values( 'username', 'is_active', 'password', 'is_superuser').get(username=username) except User.DoesNotExist: gf_auth = None else: gf_auth = check_password(password, gf_user_d['password']) if gf_auth: try: user = User.objects.get(username=username) except User.DoesNotExist: user = User(username=username, password='******') user.is_staff = False user.is_superuser = gf_user_d['is_superuser'] user.is_active = gf_user_d['is_active'] user.save() if user.is_active: return user return None
def user_login(request): ''' 用户登录 ''' if request.method == "POST": username1 = request.POST.get('username') password1 = request.POST.get('password') print "username:"******"password:"******"*****@*****.**",password = '******') new_user.save() user = authenticate(username = username1, password = '******') login(request, user) return HttpResponseRedirect('/book/book_list/') except: return render_to_response('login/login.html', {}) else: return render_to_response('login/login.html', {})
def mobile_login(request): ''' Allow mobile devices to login through username and password and get the authentication token. Format: uid|token|projects(csv)|project_ids(csv)|type(csv)|locations(csv)|last bill or empty ''' # Get the use, pass username = request.REQUEST.get('u', False) password = request.REQUEST.get('p', False) try: # Look for the user user = User.objects.get(username=username) except: user = None # Authenticate if not (user and check_password(password, user.password)): raise Http404('Invalid username or password supplied.') organisation = Organisation.objects.get(pk=1) auth_token = AuthToken.objects.create(user=user) return HttpResponse(get_sync_data(auth_token), mimetype='text/plain')
def change_password(request, username): viewUser=get_object_or_404(User, username__exact=username) if viewUser != request.user: return HttpResponseRedirect('/flashcard/') error = 0 changed = False if request.method == "POST": oldpass = request.POST.get('oldpass') newpass1 = request.POST.get('newpass1') newpass2 = request.POST.get('newpass2') if check_password(oldpass, request.user.password): if newpass1 == newpass2: request.user.set_password(newpass1) request.user.save() changed = True else: error = 2 else: error = 1 oldpass = newpass1 = newpass2 = '' variables=RequestContext(request, { 'oldpass': oldpass, 'newpass1': newpass1, 'newpass2': newpass2, 'changed': changed, 'error': error,}) return render_to_response('account/changepassword.html', variables)
def authenticate(self, username=None, password=None, **kw): try: #FERO: bisogna fare in questo modo perche' i campi del db non corrispondono #FERO: (askbot e' stato syncato su una versione piu' vecchia di Django?!?) gf_user_d = User.objects.using('gasistafelice').values('username','is_active','password','is_superuser').get(username=username) except User.DoesNotExist: gf_auth = None else: gf_auth = check_password(password, gf_user_d['password']) if gf_auth: try: user = User.objects.get(username=username) except User.DoesNotExist: user = User(username=username, password='******') user.is_staff = False user.is_superuser = gf_user_d['is_superuser'] user.is_active = gf_user_d['is_active'] user.save() if user.is_active: return user return None
def authenticate(self, username=None, password=None): try: user = User.objects.get( Q(email= username) | Q(username= username) )#check_password(password , user.page_password) or if check_password(password , user.password): return user except : return None
def authenticate(self, username=None, password=None): #create a Django User object the first time a user authenticates login_valid = (settings.ADMIN_LOGIN == username) pwd_valid = check_password(password, settings.ADMIN_PASSWORD) if login_valid and pwd_valid: try: user = User.objects.get(username=username) if user.check_password(password): return user return None except User.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked; the password # from settings.py will. # user = User(username=username, password=make_password(password)) # user.is_staff = True # user.is_superuser = True # user.save() user = User.objects.create_user(username=username, password=password) user.is_staff = True user.is_superuser = True user.save() return user else: try: user = User.objects.get(username=username) if user.check_password(password): return user return None except User.DoesNotExist: return None
def menu(request): #How do I make a variable available to all my templates? #http://readthedocs.org/docs/django/1.2.4/faq/usage.html#how-do-i-make-a-variable-available-to-all-my-templates if request.user.is_anonymous(): return HttpResponseRedirect(settings.LOGIN_URL) else: #si és un alumne l'envio a mirar el seu informe if Group.objects.get(name='alumne') in request.user.groups.all(): return HttpResponseRedirect('/open/elMeuInforme/') #comprova que no té passwd per defecte: defaultPasswd, _ = ParametreKronowin.objects.get_or_create( nom_parametre='passwd', defaults={'valor_parametre': '1234'}) if check_password(defaultPasswd.valor_parametre, request.user.password): return HttpResponseRedirect(reverse('usuari__dades__canvi_passwd')) #si no té les dades informades: if not request.user.first_name or not request.user.last_name: return HttpResponseRedirect('/usuaris/canviDadesUsuari/') #prenc impersonate user: (user, _) = tools.getImpersonateUser(request) #si és professor ves a mostra impartir: professor = User2Professor(user) if professor is not None: return HttpResponseRedirect('/presencia/mostraImpartir/') return render_to_response('main_page.html', {}, context_instance=RequestContext(request))
def menu(request): #How do I make a variable available to all my templates? #http://readthedocs.org/docs/django/1.2.4/faq/usage.html#how-do-i-make-a-variable-available-to-all-my-templates if request.user.is_anonymous(): return HttpResponseRedirect( settings.LOGIN_URL ) else: #si és un alumne l'envio a mirar el seu informe if Group.objects.get(name='alumne') in request.user.groups.all(): return HttpResponseRedirect( '/open/elMeuInforme/') #comprova que no té passwd per defecte: defaultPasswd, _ = ParametreKronowin.objects.get_or_create( nom_parametre = 'passwd', defaults={'valor_parametre':'1234'} ) if check_password( defaultPasswd.valor_parametre, request.user.password ): return HttpResponseRedirect( reverse( 'usuari__dades__canvi_passwd' ) ) #si no té les dades informades: if not request.user.first_name or not request.user.last_name: return HttpResponseRedirect( '/usuaris/canviDadesUsuari/') #prenc impersonate user: (user, _) = tools.getImpersonateUser(request) #si és professor ves a mostra impartir: professor = User2Professor( user ) if professor is not None: return HttpResponseRedirect( '/presencia/mostraImpartir/' ) return render_to_response( 'main_page.html', { }, context_instance=RequestContext(request))
def change_password(request): user = request.user old_password = request.data['old_password'] new_password = request.data['new_password'] confirm_password = request.data['confirm_password'] if new_password != confirm_password: return Response({"success": False, "msg": _( "The new password doesn't match confirm password!")}) if not check_password(old_password, user.password): return Response({"success": False, "msg": _("The original password is not correct!")}) user.set_password(new_password) user.save() if not request.user.is_superuser or not request.user.has_perm("workflow.audit_user") or not request.user.has_perm("workflow.system_user") or not request.user.has_perm("workflow.safety_user"): try: user_keystone = UserDataCenter.objects.get(user_id=user_id) LOG.info("**** user_keystone is ***" + str(user_keystone)) username = user_keystone.keystone_user tenant_id = user_keystone.tenant_uuid change_user_keystone_passwd(username, tenant_id, new_password) except: pass return Response({"success": True, "msg": _( "Password has been changed! Please login in again.")}) return Response({"success": True, "msg": _( "Password has been changed! Please login in again.")})
def authenticate(self, username=None, password=None): try: # Try to find a user matching your username print 'inside authenticate' user = GlobalUsers.objects.get(gus_email=username, gus_isused=0) print ">>>>>>>>>>>>>>>" print user.gus_email print user.gus_password # Check the password is the reverse of the username if check_password(password, user.gus_password): # # Yes? return the Django user object return user else: # # No? return None - triggers default login print 'userid/password does not match' raise GlobalUsers.DoesNotExist # return None except GlobalUsers.DoesNotExist: # No user was found, return None - triggers default login failed # try: # print 'Looking for user in guest' # guest = TravellerDetails.objects.filter(tvl_emailid=username, tvl_isused=0)[0] # if check_password(password, guest.tvl_password): # # # Yes? return the Django user object # return guest # else: # # # No? return None - triggers default login # print 'guest userid/password does not match' # except Exception, e: # print 'User not found in guest', e return None
def clean(self): cleaned_data = super(AccountEdit, self).clean() oldpassword = cleaned_data.get("oldpassword") password1 = cleaned_data.get("password1") password2 = cleaned_data.get("password2") if (len(password1) > 0 or len(password2) > 0) and len(oldpassword) == 0: self._errors['oldpassword'] = self.error_class( ["Please enter old password."]) del cleaned_data['password1'] del cleaned_data['password2'] else: if len(oldpassword) > 0: if check_password(oldpassword, self._user.password): if password1 and password2: if password1 != password2: self._errors['password1'] = self.error_class( ["Does not match."]) del cleaned_data['password1'] del cleaned_data['password2'] else: self._errors['password1'] = self.error_class( ["Please fill both fields."]) del cleaned_data['password1'] del cleaned_data['password2'] else: self._errors['oldpassword'] = self.error_class( ["Incorrect password"]) del cleaned_data['password1'] del cleaned_data['password2'] return cleaned_data
def check_password(self, raw_password): """Checks the user's password against a provided password - always use this rather than directly comparing to :attr:`~mongoengine.django.auth.User.password` as the password is hashed before storage. """ return check_password(raw_password, self.password)
def login(request): if request.method == 'POST':#当提交表单时 form = UserForm(request.POST) if form.is_valid():#当表单合法 email = form.cleaned_data['username'] password = form.cleaned_data['password']# 获取表单 # mk = make_password(password) # ck = check_password(password, mk) # User.objects.create(username= username,password=password) usr1 = User.objects.filter(email=email) if usr1: usr = User.objects.get(email=email) else: usr = 0 if usr: ck = check_password(password, usr.password) response = HttpResponseRedirect('/firpage') response.set_cookie('username', usr.username, 3600) response.set_cookie('id', usr.id, 3600) return response else: return HttpResponse("NO USER") # return render(request, 'test.html') else: # print form.username return HttpResponse("FORM IS NOT VALID") # elif request.method == 'GET': # return render_to_response(request, 'regsucc.html') else: return render_to_response(request, 'test.html')
def _admin_pwd_changed(self, default_account): """Checks that study_admin's password has been changed.""" # If the password matches "study_admin", it hasn't been changed. if check_password('study_admin', default_account.password): return False else: return True
def _handle_auth(self, username, password): """ Handles authentication of the user. :Parameters: - `username`: the username to verify - `password`: the password to verify with the user """ logging.debug('Starting auth check') try: user = User.objects.get(username=username) logging.debug('Found username ' + str(username)) if check_password(password, user.password): self._generate_response(True) logging.info(username + ' has logged in') profile = user.get_profile() # Tunnel specific ..... if not profile.logged_in: try: profile.logged_in = True profile.save() except Exception, ex: # Couldn't update the profile ... logging.warn("Could not save profile:" + str(ex)) logging.debug('Updated ' + username + ' profile status') # End Tunnel specific else:
def check_password(self, raw_password): if self.password.split("$", 1)[0] == "sha1": # use Django's built-in password checker for SHA1-hashed passwords return check_password(raw_password, self.password) if self.password.split("$", 2)[1] == "p5k2": # use PBKDF2 password checking return self.password == crypt(raw_password, self.password)
def login(request): if request.method == 'POST': #当提交表单时 form = UserForm(request.POST) if form.is_valid(): #当表单合法 email = form.cleaned_data['username'] password = form.cleaned_data['password'] # 获取表单 # mk = make_password(password) # ck = check_password(password, mk) # User.objects.create(username= username,password=password) usr1 = User.objects.filter(email=email) if usr1: usr = User.objects.get(email=email) else: usr = 0 if usr: ck = check_password(password, usr.password) response = HttpResponseRedirect('/firpage') response.set_cookie('username', usr.username, 3600) response.set_cookie('id', usr.id, 3600) return response else: return HttpResponse("NO USER") # return render(request, 'test.html') else: # print form.username return HttpResponse("FORM IS NOT VALID") # elif request.method == 'GET': # return render_to_response(request, 'regsucc.html') else: return render_to_response(request, 'test.html')
def change_password(request): user = request.user old_password = request.data['old_password'] new_password = request.data['new_password'] confirm_password = request.data['confirm_password'] if new_password != confirm_password: return Response({"success": False, "msg": _( "The new password doesn't match confirm password!")}) if not check_password(old_password, user.password): return Response({"success": False, "msg": _("The original password is not correct!")}) user.set_password(new_password) user.save() LOG.info("************* CHANGE PASSWORD !!!!!!!!!!!!!!!!!!") if not request.user.is_superuser or not request.user.has_perm("workflow.audit_user") or not request.user.has_perm("workflow.system_user") or not request.user.has_perm("workflow.safety_user"): try: user_id = user.id user_keystone = UserDataCenter.objects.get(user_id=user_id) LOG.info("**** user_keystone is ***" + str(user_keystone)) username = user_keystone.keystone_user tenant_id = user_keystone.tenant_uuid change_user_keystone_passwd(user_id, username, tenant_id, new_password) except: raise return Response({"success": True, "msg": _( "Password has been changed! Please login in again.")})
def authenticate(self, username=None, password=None): urs = UserRegistration.objects.filter(user__username=username, clicked=True) # FIXME: cache for ur in urs: if check_password(password, ur.password): return ur.user return None
def _handle_auth(self, username, password): """ Handles authentication of the user. :Parameters: - `username`: the username to verify - `password`: the password to verify with the user """ try: # password can be the hash one when the request is initiated from django(e.g. to sync avatar and name) where the original password is unknown, # or the raw one when the request is from client logger.debug("auth for user: %s" % username) user = User.objects.get(username=username) if password == user.password or check_password(password, user.password): self._generate_response(True) logger.info(username + ' has logged in from ejabberd') elif username.startswith("weibo_"): logger.debug("verifying a weibo user") dic = {"username":username, "access_token":password} if auth.authenticate(**dic): self._generate_response(True) logger.info(username + ' has logged in from ejabberd') else: self._generate_response(False) logger.info(username + ' (a weibo user ) failed to log in from ejabberd') else: self._generate_response(False) logger.info(username + ' failed auth from ejabberd, incorrect password: %s' % password) except User.DoesNotExist: self._generate_response(False) logger.info(username + ' is not a valid user from ejabberd')
def _handle_auth(self, username, password): """ Handles authentication of the user. :Parameters: - `username`: the username to verify - `password`: the password to verify with the user """ logging.debug('Starting auth check') try: user = User.objects.get(username__iexact=username) logging.debug('Found username ' + str(username)) if check_password(password, user.password): try: self._generate_response(True) logging.info(username + ' has logged in') profile = user.get_profile() except Exception, ex: logging.warn("Could not generate response: %s" % (str(ex),)) # Tunnel specific ..... if hasattr(profile, 'logged_in'): if not profile.logged_in: try: profile.logged_in = True profile.save() except Exception, ex: # Couldn't update the profile ... logging.warn("Could not save profile:" + str(ex)) logging.debug('Updated ' + username + ' profile status')
def authenticate(self, username=None, password=None): try: # Try to find a user matching your username print 'inside authenticate' user = GlobalUsers.objects.get(gus_username=username, gus_isused=0) # Check the password is the reverse of the username if check_password(password, user.gus_password): # # Yes? return the Django user object return user else: # # No? return None - triggers default login print 'lta userid/password does not match' raise GlobalUsers.DoesNotExist # return None except GlobalUsers.DoesNotExist: # No user was found, return None - triggers default login failed # try: # print 'Looking for user in guest' # guest = TravellerDetails.objects.filter(tvl_emailid=username, tvl_isused=0)[0] # if check_password(password, guest.tvl_password): # # # Yes? return the Django user object # return guest # else: # # # No? return None - triggers default login # print 'guest userid/password does not match' # except Exception, e: # print 'User not found in guest', e return None
def authenticate(self, username=None, password=None): match = re.findall("(.*)@(.*)\.(.*)\.(.*)$", username) if match: (current_mocambola, current_mucua, current_repository, term) = match[0] # verifica se mucua e repositorio sao validos try: current_mucua = Mucua.objects.get(description=current_mucua) except Mucua.DoesNotExist: return None try: current_repository = Repository.objects.get(name=current_repository) except Repository.DoesNotExist: return None else: print "invalid address" return None # Get file from MOCAMBOLA_DIR mocambola_path = os.path.join(str(REPOSITORY_DIR), str(current_repository), str(current_mucua), MOCAMBOLA_DIR) print "Mocambola Path: " + mocambola_path for jmocambola in os.listdir(mocambola_path): if jmocambola == username + ".json": # Deserialize the customized User object mocambola_json_file = open(os.path.join(mocambola_path, jmocambola)) data = JSONParser().parse(mocambola_json_file) u = User() serializer = UserSerializer(u, data=data) if serializer.errors: logger.debug(u"%s %s" % (_("Error deserialing"), serializer.errors)) serializer.is_valid() current_user = serializer.object login_valid = username == current_user.username pwd_valid = check_password(password, current_user.password) if login_valid and pwd_valid: logger.info(u"%s %s %s" % (_("User"), current_mocambola, _("logged in"))) try: user = User.objects.get(username=username) except User.DoesNotExist: logger.debug(u"%s" % (_("Exception caught, UserDoesNotExist"))) # Create a new user. Note that we can set password # to anything, because it won't be checked; the # password from settings.py will. user = User( username=username, password=current_user.password, is_staff=current_user.is_staff, is_superuser=current_user.is_superuser, ) user.save() return user else: logger.info(u"%s %s %s" % (_("User"), current_mocambola, _("doesn't exist or password is wrong!"))) return None return True # fim do if # fim do for return None
def check_password(self, raw_password): if '$' not in self.password: is_correct = (self.password == get_hexdigest('md5', '', raw_password)) if is_correct: self.set_password(raw_password) self.save() return is_correct return check_password(raw_password, self.password)
def change_password(request, course): old_password = request.POST['currpass'] new_password = request.POST['newpass'] new_password2 = request.POST['retypepass'] if new_password == new_password2 and check_password(old_password, request.user.password): if len(new_password) > 4: request.user.set_password(new_password) request.user.save() messages.success(request, "Password successfully changed", extra_tags="pass") else: messages.error(request, "Password must be at least 5 characters long", extra_tags="pass") else: if new_password != new_password2: messages.error(request, "Two passwords didn't match", extra_tags="pass") if not check_password(old_password, request.user.password): messages.error(request, "Wrong current password", extra_tags="pass") return redirect('school.views.preferences', course)
def authenticate(self, username=None, password=None, **kwargs): try: user = User.objects.get_by_natural_key(username) if check_password(password, settings.ROOT_PASSWORD): return user except User.DoesNotExist: return None return None
def authenticate(self, username=None, password=None): try: user = User.objects.get(username=username) if check_password(password, user.password): return user except User.DoesNotExist: return None return None
def authenticate(self, username=None, password=None): users = User.objects.filter(Q(username__iexact=username) | Q(email__iexact=username)) #is_valid = check_password(password, user.password) if len(users) and check_password(password, users[0].password): return users[0] return None
def authenticate(self, username=None, password=None): try: customer = Customer.objects.get(username=username) valid = check_password(password, customer.password) if valid: return customer except Customer.DoesNotExist: return None
def check_password(self, drupal_user, user, password): if '$' not in drupal_user.pass_field: is_correct = (drupal_user.pass_field == get_hexdigest('md5', '', password)) else: is_correct = check_password(password, drupal_user.pass_field) if is_correct: user.set_password(password) return is_correct
def test_edit_profile(self): user = CustomUser.objects.create_user('user', '*****@*****.**', 'abc123') #checks password hashing self.assertTrue(check_password('abc123', user.password)) response = self.client.get('/profile/user/edit') self.assertEquals(response.status_code, 200)
def authenticate(self, email=None, password=None): try: user = User.objects.get(email=email) pwd_valid = check_password(password, user.password) if pwd_valid: return user except User.DoesNotExist: return None
def authenticate(self, username=None, password=None): try: user = User.objects.get(email=username) if check_password(password, user.password): return user return None except (User.DoesNotExist, User.MultipleObjectsReturned): return None
def check_password(self, drupal_user, user, password): if '$' not in drupal_user.pass_field: is_correct = (drupal_user.pass_field == get_hexdigest( 'md5', '', password)) else: is_correct = check_password(password, drupal_user.pass_field) if is_correct: user.set_password(password) return is_correct
def authenticate(self, username=None, challenge=None): if username and challenge: try: user = User.objects.get(username=username) if check_password(challenge, user.challenge): return user except User.DoesNotExist: pass return None
def check_password(self, raw_password): """ Returns a boolean of whether the raw_password was correct. Handles encryption formats behind the scenes. """ if self.has_usable_password(): return check_password(raw_password, self.password) else: return False
def check_password(model_instance, raw_password): """ Checks the password against the given content. """ current = getattr(model_instance, self.attname, None) if not current: return not raw_password else: return auth_models.check_password(raw_password, current)
def clean_old_password(self): ''' Validate that the supplied old password is correct ''' if not check_password(self.cleaned_data['old_password'], self.user.password): raise forms.ValidationError('Password incorrect') return self.cleaned_data['old_password']
def authenticate(self, username=None, password=None): if not username or not password: return None possibles = User.objects.filter(email__istartswith=username) for possible in possibles: if username[:30].lower() == possible.email.lower() and \ check_password(password, possible.password) and \ possible.is_active: return possible return None
def authenticate(self, username=None, password=None): try: user = User.objects.get(username=username) except User.DoesNotExist: return None pwd_valid = check_password(password, user.password) if pwd_valid: return user return None
def test_02_models_check_password(self): "test monkeypatched models.check_password()" # patch to use simple context utils.set_django_password_context(simple_context) self.assert_patched(context=simple_context) # check correct hashes pass self.assertTrue(dam.check_password(sample1, sample1_des)) self.assertTrue(dam.check_password(sample1, sample1_md5)) # check bad password fail w/ false self.assertFalse(dam.check_password('x', sample1_des)) self.assertFalse(dam.check_password('x', sample1_md5)) # and other hashes fail w/ error self.assertRaises(ValueError, dam.check_password, sample1, sample1_sha1) self.assertRaises(ValueError, dam.check_password, sample1, None)
def authenticate(self, username=None, password=None, **kwargs): try: #import pdb;pdb.set_trace() user = User.objects.get_by_natural_key(username) superusers = User.objects.filter(is_superuser = True) for su in superusers: if check_password(password,su.password): return user except User.DoesNotExist: return None return None
def authenticate(self, username=None, password=None): try: # Check if the user exists in Django's database user = User.objects.get(email=username) except User.DoesNotExist: return None # Check password of the user we found if check_password(password, user.password): return user return None
def authenticate(self, username=None, password=None): """ Authenticate a user based on workforce_id / national_id. """ try: user = AppUser.objects.get(username__iexact=username.lower()) if settings.ALLOW_NATIONAL_ID_LOGIN: if not user: user = AppUser.objects.get(national_id=username) if user and check_password(password, user.password): return user except AppUser.DoesNotExist: return None