async def set_password(self, new_password, old_password=None):
    """Replace the stored password hash with a hash of ``new_password``.

    When ``old_password`` is supplied it is checked against the stored
    hash first, and ``HTTPUnauthorized`` is raised on a mismatch.

    NOTE(review): when ``old_password`` is omitted (``None``) the current
    password is NOT verified at all. Any caller using that path has to
    enforce its own authorization (e.g. an admin reset or a verified
    recovery flow) before calling this method.
    """
    must_verify = old_password is not None
    # check_password takes the stored hash first, then the candidate.
    if must_verify and not check_password(self.password, old_password):
        raise HTTPUnauthorized()

    # Only the hash is kept on the object, never the plaintext.
    self.password = hash_password(new_password)
    # presumably flags the object as changed so it gets persisted; confirm
    self.register()
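async def post_login(context, request):
    '''
    After challenge initiated, use this to actually login!

    Reads a JSON body with ``password`` and ``challenge`` (both required)
    plus optional ``username``/``login``, ``email``, ``remember`` and
    ``auto_grant``. On a correct password the Hydra login challenge is
    accepted through the admin API.

    Returns either ``{'url': ..., 'user': ...}`` (the user record without
    its password hash) or, when ``auto_grant`` is set, whatever
    ``_login_user`` returns.

    Raises HTTPBadRequest when Hydra is not configured or the body is
    malformed, and HTTPUnauthorized when the credentials do not match.
    '''
    # Function-scope import keeps this block self-contained.
    from urllib.parse import quote

    if 'admin_url' not in app_settings['hydra']:
        raise HTTPBadRequest(content={
            'reason': 'hydra admin_url not configured'
        })

    data = await request.json()
    # Reject malformed bodies with a 400 instead of letting a KeyError or
    # AttributeError bubble up as a server error.
    if not isinstance(data, dict):
        raise HTTPBadRequest(content={
            'reason': 'request body must be a JSON object'
        })
    pw = data.get('password')
    challenge = data.get('challenge')
    if not isinstance(pw, str) or not isinstance(challenge, str) \
            or not challenge:
        raise HTTPBadRequest(content={
            'reason': 'password and challenge are required'
        })

    username = data.get('username', data.get('login', ''))
    email = data.get('email')
    remember = data.get('remember') or False

    if email is None and '@' in username:
        # username entered as email
        email = username

    if email is not None:
        user = await utils.find_user(email=email.lower())
    else:
        user = await utils.find_user(username=username)

    # Unknown user and wrong password deliberately produce the same
    # response so the endpoint does not reveal which accounts exist.
    if user is None or not check_password(user['password'], pw):
        raise HTTPUnauthorized(content={
            'text': 'login failed'
        })

    csrf_cookie = await utils.get_csrf_cookie_str(request)
    # The challenge comes from the request body. Percent-encode it as a
    # single path segment: os.path.join() would let a value containing
    # '/' (or starting with it) rewrite the admin API path, and it uses
    # the OS path separator rather than '/'.
    accept_path = '/'.join(('login', quote(challenge, safe=''), 'accept'))
    accept_request = await hydra_admin_request(
        'put', accept_path,
        json={
            'subject': user['id'],
            'remember': remember,
            'remember_for': 3600,

            # acr is a value to represent level of authentication.
            # this can be used with 2-factor auth schemes
            'acr': "0"
        },
        headers={
            'Set-Cookie': csrf_cookie
        }
    )

    if data.get('auto_grant', False):
        return await _login_user(request, accept_request, user)

    # Never hand the stored password hash back in the response.
    public_user = {
        key: value for key, value in dict(user).items()
        if key != 'password'
    }
    return {
        'url': accept_request['redirect_to'],
        'user': public_user
    }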
async def test_sha512_hashing(dummy_guillotina):
    """A sha512 password hash verifies the right password and no other.

    NOTE(review): this only pins the round-trip. Whether the sha512
    scheme is salted or iterated is not visible from this test; confirm
    in validators.hash_password, since a bare fast digest is a weak
    choice for password storage.
    """
    digest = validators.hash_password('foobar', algorithm='sha512')

    accepted = validators.check_password(digest, 'foobar')
    assert accepted

    wrongly_accepted = validators.check_password(digest, 'barfoo')
    assert not wrongly_accepted
async def test_sha512_hashing(dummy_guillotina):
    """Round-trip a password through the sha512 hashing scheme.

    The matching password must verify against the stored hash and a
    different password must be rejected.
    """
    stored = validators.hash_password("foobar", algorithm="sha512")

    # check_password takes the stored hash first, then the candidate.
    is_match = validators.check_password(stored, "foobar")
    assert is_match

    is_false_match = validators.check_password(stored, "barfoo")
    assert not is_false_match