def requestAvatarId(self, loginCredentials): """ Attempts to authenticate with the given credentials, producing a token. :param loginCredentials: The credentials being used to log in: a user identifier, and the user's password. :type loginCredentials: ``twisted.cred.credentials.IUsernamePassword`` :returns: A deferred token value, for which there will be a matching token in the user's store. :rtype: ``Deferred str`` """ identifier = loginCredentials.username lockDirectory = directory.IWriteLockDirectory(self.store) try: lock = yield lockDirectory.acquire(["users", identifier]) except directory.AlreadyAcquiredException: pass # TODO: do something useful here except exceptions.NoSuchStoreException: log.msg("unknown user identifier: {0}".format(identifier)) raise UnauthorizedLogin("Unknown user identifier") storedCredentials = IUsernameHashedPassword(lock.store) if (yield storedCredentials.checkPassword(loginCredentials.password)): defer.returnValue(identifier) else: raise UnauthorizedLogin("Wrong password")
def test_interface(self): """ L{CramMD5Credentials} implements the L{IUsernameHashedPassword} interface. """ self.assertTrue( IUsernameHashedPassword.implementedBy(CramMD5Credentials))
def test_interface(self): """ L{CramMD5Credentials} implements the L{IUsernameHashedPassword} interface. """ self.assertTrue( IUsernameHashedPassword.implementedBy(CramMD5Credentials))
def requestAvatarId(self, credentials): try: username, domain = credentials.username.split('@', 1) except ValueError: self.failedLogins += 1 raise MissingDomainPart(credentials.username) username = unicode(username) domain = unicode(domain) acct = self.accountByAddress(username, domain) if acct is not None: # Awful hack if isinstance(credentials, Preauthenticated): return acct.storeID elif IUsernameHashedPassword.providedBy(credentials): warnings.warn( 'Authenticating IUsernameHashedPassword credentials with ' 'axiom.userbase is deprecated; use IUsernamePassword ' 'instead', DeprecationWarning) if credentials.checkPassword(acct.password): return acct.storeID else: self.failedLogins += 1 raise BadCredentials() else: if unicode(credentials.password) == acct.password: return succeed(acct.storeID) else: self.failedLogins += 1 return fail(BadCredentials()) self.failedLogins += 1 raise NoSuchUser(credentials.username)
def requestAvatarId(self, credentials): passwordSecure = IUsernameHashedPassword(credentials, None) is not None # ^ need to do something with this. security warning perhaps? try: username, domain = credentials.username.split('@', 1) except ValueError: self.failedLogins += 1 raise MissingDomainPart(credentials.username) username = unicode(username) domain = unicode(domain) acct = self.accountByAddress(username, domain) if acct is not None: if IPreauthCredentials.providedBy(credentials): return acct.storeID else: password = acct.password if credentials.checkPassword(password): return acct.storeID else: self.failedLogins += 1 raise BadCredentials() self.failedLogins += 1 raise NoSuchUser(credentials.username)
def _auth(self, result, credentials): if not result: # Username not found in db return defer.fail( error.UnauthorizedLogin('Username or Password mismatch')) else: id = result.id password = result.password if IUsernameHashedPassword.providedBy(credentials): if credentials.checkPassword(password): return defer.succeed(id) else: return defer.fail( error.UnauthorizedLogin('Username or Password mismatch')) elif IUsernamePassword.providedBy(credentials): m = hashlib.md5() m.update(credentials.password) #if password==m.hexdigest(): if password == credentials.password: from goliat.session.usermanager import UserManager if not UserManager().exists(id): return defer.succeed(id) else: return defer.succeed(id) #return defer.fail( # error.LoginFailed('Already Logged')) else: return defer.fail( error.UnauthorizedLogin('Username or Password mismatch')) else: # Wooops! return defer.fail( error.UnhandledCredentials( 'Revise the protocol configuration'))
def requestAvatarId(self, credentials): for interface in self.credentialInterfaces: if interface.providedBy(credentials): break else: raise error.UnhandledCredentials() try: result = yield getUser(credentials.username) except: msg = "Database Error" raise error.UnhandledCredentials(msg) result = list(result) if not len(result): raise error.UnauthorizedLogin("Username not found.") else: password = result[0].password if IUsernameHashedPassword.providedBy(credentials): if credentials.checkPassword(password): defer.returnValue(result[0]) else: raise error.UnauthorizedLogin("Password mismatch.") elif IUsernamePassword.providedBy(credentials): if password == credentials.password: defer.returnValue(result[0]) else: raise error.UnauthorizedLogin("Password mismatch.") else: raise error.UnhandledCredentials()
def _auth(self, result, credentials): if not result: # Username not found in db return defer.fail( error.UnauthorizedLogin('Username or Password mismatch')) else: id=result.id password=result.password if IUsernameHashedPassword.providedBy(credentials): if credentials.checkPassword(password): return defer.succeed(id) else: return defer.fail( error.UnauthorizedLogin('Username or Password mismatch')) elif IUsernamePassword.providedBy(credentials): m=hashlib.md5() m.update(credentials.password) #if password==m.hexdigest(): if password==credentials.password: from goliat.session.usermanager import UserManager if not UserManager().exists(id): return defer.succeed(id) else: return defer.succeed(id) #return defer.fail( # error.LoginFailed('Already Logged')) else: return defer.fail( error.UnauthorizedLogin('Username or Password mismatch')) else: # Wooops! return defer.fail( error.UnhandledCredentials('Revise the protocol configuration'))
def test_interface(self): """ L{UsernameHashedPassword} implements L{IUsernameHashedPassword}. """ UsernameHashedPassword = self.getDeprecatedModuleAttribute( 'twisted.cred.credentials', 'UsernameHashedPassword', _uhpVersion) self.assertTrue( IUsernameHashedPassword.implementedBy(UsernameHashedPassword))
def _cbAuthenticate(self, result, credentials, deferred): """ Checks to see if authentication was good. Called once the info has been retrieved from the DB. """ if len(result) == 0: # Username not found in db deferred.errback(error.UnauthorizedLogin('Username unknown')) else: username, password = result[0] if self.customCheckFunc: # Let the owner do the checking if self.customCheckFunc( username, credentials.password, password): deferred.callback(credentials.username) else: deferred.errback( error.UnauthorizedLogin('Password mismatch')) else: # It's up to us or the credentials object to do the checking # now if IUsernameHashedPassword.providedBy(credentials): # Let the hashed password checker do the checking if credentials.checkPassword(password): deferred.callback(credentials.username) else: deferred.errback( error.UnauthorizedLogin('Password mismatch')) elif IUsernamePassword.providedBy(credentials): # Compare the passwords, deciging whether or not to use # case sensitivity if self.caseSensitivePasswords: passOk = ( password.lower() == credentials.password.lower()) else: passOk = password == credentials.password # See if they match if passOk: deferred.callback(credentials.username) else: deferred.errback( error.UnauthorizedLogin('Password mismatch')) else: # OK, we don't know how to check this deferred.errback(error.UnhandledCredentials())
def _cbAuthenticate(self, result, credentials, deferred): """ Checks to see if authentication was good. Called once the info has been retrieved from the DB. """ if len(result) == 0: # Username not found in db deferred.errback(error.UnauthorizedLogin('Username unknown')) else: username, password = result[0] if self.customCheckFunc: # Let the owner do the checking if self.customCheckFunc(username, credentials.password, password): deferred.callback(credentials.username) else: deferred.errback( error.UnauthorizedLogin('Password mismatch')) else: # It's up to us or the credentials object to do the checking # now if IUsernameHashedPassword.providedBy(credentials): # Let the hashed password checker do the checking if credentials.checkPassword(password): deferred.callback(credentials.username) else: deferred.errback( error.UnauthorizedLogin('Password mismatch')) elif IUsernamePassword.providedBy(credentials): # Compare the passwords, deciging whether or not to use # case sensitivity if self.caseSensitivePasswords: passOk = ( password.lower() == credentials.password.lower()) else: passOk = password == credentials.password # See if they match if passOk: deferred.callback(credentials.username) else: deferred.errback( error.UnauthorizedLogin('Password mismatch')) else: # OK, we don't know how to check this deferred.errback(error.UnhandledCredentials())
def test_interface(self): """ L{UsernameHashedPassword} implements L{IUsernameHashedPassword}. """ self.assertTrue( IUsernameHashedPassword.implementedBy(UsernameHashedPassword))
def test_interface(self): """ L{UsernameHashedPassword} implements L{IUsernameHashedPassword}. """ self.assertTrue( IUsernameHashedPassword.implementedBy(UsernameHashedPassword))