def add(self, userid, login, cleartext_password, groups=None): self._upgrade() salt = get_random_string() encrypted_password = pbkdf2(cleartext_password, salt) if groups is None: groups = [] newgroups = set() for group in groups: group = self._convert(group) newgroups.add(group) userid = self._convert(userid) login = self._convert(login) info = { 'login': login, 'id': userid, 'salt': salt, 'password': encrypted_password, 'groups': newgroups } if userid in self.data: raise ValueError('User ID "%s" already exists' % userid) if login in self.logins: raise ValueError('Login "%s" already exists' % login) self.logins[login] = userid self.data[userid] = info for group in newgroups: userids = self.groups.get(group, set()) self.groups[group] = userids # trigger persistence userids.add(userid)
def __init__(self, path, ct, size): from karl.utils import get_random_string self.code = get_random_string(25) self.blob = Blob() self.path = path self.ct = ct self.size = size
def check_password(self, password, userid=None, login=None): if userid is None and login is None: raise ValueError("Must provide userid or login") if userid is not None: user = self.get(userid=userid) else: login = self._convert(login) userid = self.logins.get(login) user = self.get(login=login) if user['password'].startswith('SHA1:'): # old style password, need to upgrade but will check it first enc_password = get_sha_password(password) if strings_same(enc_password, user['password']): # upgrade this password... salt = get_random_string() user.update({'password': pbkdf2(password, salt), 'salt': salt}) self.data[userid] = user # trigger persistence return True else: return False else: # should be 'pbkdf2' encrypted now return strings_same(pbkdf2(password, user['salt']), user['password'])
def add(self, userid, login, cleartext_password, groups=None): self._upgrade() salt = get_random_string() encrypted_password = pbkdf2(cleartext_password, salt) if groups is None: groups = [] newgroups = set() for group in groups: group = self._convert(group) newgroups.add(group) userid = self._convert(userid) login = self._convert(login) info = { 'login': login, 'id': userid, 'salt': salt, 'password': encrypted_password, 'groups': newgroups} if userid in self.data: raise ValueError('User ID "%s" already exists' % userid) if login in self.logins: raise ValueError('Login "%s" already exists' % login) self.logins[login] = userid self.data[userid] = info for group in newgroups: userids = self.groups.get(group, set()) self.groups[group] = userids # trigger persistence userids.add(userid)
def check_password(self, password, userid=None, login=None): if userid is None and login is None: raise ValueError("Must provide userid or login") if userid is not None: user = self.get(userid=userid) else: login = self._convert(login) userid = self.logins.get(login) user = self.get(login=login) if user['password'].startswith('SHA1:'): # old style password, need to upgrade but will check it first enc_password = get_sha_password(password) if strings_same(enc_password, user['password']): # upgrade this password... salt = get_random_string() user.update({ 'password': pbkdf2(password, salt), 'salt': salt }) self.data[userid] = user # trigger persistence return True else: return False else: # should be 'pbkdf2' encrypted now return strings_same( pbkdf2(password, user['salt']), user['password'])
def change_password(self, userid, password): self._upgrade() userid = self._convert(userid) info = self.data[userid] if 'salt' not in info: info['salt'] = get_random_string() self.data[userid] = info # trigger persistence info['password'] = pbkdf2(password, info['salt'])