def login_receiver(store, username, password): """ This login receiver need to collect also the amount of unsuccessful consecutive logins, because this element may bring to password lockdown. """ receiver_user = store.find(User, User.username == username).one() if not receiver_user or receiver_user.role != 'receiver': log.debug("Receiver: Fail auth, username %s do not exists" % username) return False if not security.check_password(password, receiver_user.password, receiver_user.salt): receiver_user.failed_login_count += 1 log.debug("Receiver login: Invalid password (failed: %d)" % receiver_user.failed_login_count) if username in GLSetting.failed_login_attempts: GLSetting.failed_login_attempts[username] += 1 else: GLSetting.failed_login_attempts[username] = 1 return False else: log.debug("Receiver: Authorized receiver %s" % username) receiver_user.last_login = datetime_now() receiver = store.find(Receiver, (Receiver.user_id == receiver_user.id)).one() return receiver.id
def login(store, username, password, using_tor2web): """ login returns a tuple (user_id, state, pcn) """ user = store.find( User, And(User.username == username, User.state != u'disabled')).one() if not user or not security.check_password(password, user.salt, user.password): log.debug("Login: Invalid credentials") GLSettings.failed_login_attempts += 1 raise errors.InvalidAuthentication if using_tor2web and not GLSettings.memory_copy.accept_tor2web_access[ user.role]: log.err("Denied login request on Tor2web for role '%s'" % user.role) raise errors.TorNetworkRequired else: log.debug("Accepted login request on Tor2web for role '%s'" % user.role) log.debug("Login: Success (%s)" % user.role) user.last_login = datetime_now() store.commit( ) # the transact was read only! on success we apply the commit() return user.id, user.state, user.role, user.password_change_needed
def test_valid_password(self): dummy_password = dummy_salt_input = \ "http://blog.transparency.org/wp-content/uploads/2010/05/A2_Whistelblower_poster.jpg" dummy_salt = get_salt(dummy_salt_input) hashed_once = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt)) hashed_twice = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt)) self.assertTrue(hashed_once, hashed_twice) self.assertTrue(check_password(dummy_password, hashed_once, dummy_salt_input))
def test_003_valid_password(self): dummy_password = dummy_salt_input = \ "http://blog.transparency.org/wp-content/uploads/2010/05/A2_Whistelblower_poster.jpg" dummy_salt = get_salt(dummy_salt_input) hashed_once = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt)) hashed_twice = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt)) self.assertTrue(hashed_once, hashed_twice) self.assertTrue(check_password(dummy_password, hashed_once, dummy_salt_input))
def login(store, username, password, role): """ login returns a tuple (user_id, state, pcn) """ user = store.find(User, And(User.username == username, User.role == role, User.state != u'disabled')).one() if not user or not security.check_password(password, user.password, user.salt): log.debug("Login: Invalid credentials (%s)" % role) return None, None, None log.debug("Login: Success (%s)" % role) user.last_login = utility.datetime_now() store.commit() # the transact was read only! on success we apply the commit() return user.id, user.state, user.password_change_needed
def login_admin(store, username, password): """ login_admin returns a tuple (user_id, state, pcn) """ user = store.find( User, And(User.username == username, User.role == u'admin', User.state != u'disabled')).one() if not user or not security.check_password(password, user.password, user.salt): log.debug("Admin login: Invalid credentials") return False, None, None log.debug("Admin login: Authorized admin") user.last_login = utility.datetime_now() store.commit( ) # the transact was read only! on success we apply the commit() return user.id, user.state, user.password_change_needed
def login_admin(store, username, password): """ login_admin return the 'username' of the administrator """ admin_user = store.find(User, User.username == username).one() if not admin_user or admin_user.role != 'admin': log.debug("Receiver: Fail auth, username %s do not exists" % username) return False if not security.check_password(password, admin_user.password, admin_user.salt): log.debug("Admin login: Invalid password") return False else: log.debug("Admin: Authorized admin %s" % username) admin_user.last_login = utility.datetime_now() store.commit() # the transact was read only! on success we apply the commit() return username
def login_admin(store, username, password): admin_user = store.find(User, User.username == username).one() if not admin_user or admin_user.role != 'admin': log.debug("Receiver: Fail auth, username %s do not exists" % username) return False if not security.check_password(password, admin_user.password, admin_user.salt): admin_user.failed_login_count += 1 log.debug("Admin login: Invalid password (failed: %d)" % admin_user.failed_login_count) if username in GLSetting.failed_login_attempts: GLSetting.failed_login_attempts[username] += 1 else: GLSetting.failed_login_attempts[username] = 1 return False else: log.debug("Admin: Authorized receiver %s" % username) admin_user.last_login = datetime_now() return username
def login(store, username, password, using_tor2web): """ login returns a tuple (user_id, state, pcn) """ user = store.find(User, And(User.username == username, User.state != u'disabled')).one() if not user or not security.check_password(password, user.salt, user.password): log.debug("Login: Invalid credentials") GLSettings.failed_login_attempts += 1 raise errors.InvalidAuthentication if using_tor2web and not GLSettings.memory_copy.accept_tor2web_access[user.role]: log.err("Denied login request on Tor2web for role '%s'" % user.role) raise errors.TorNetworkRequired else: log.debug("Accepted login request on Tor2web for role '%s'" % user.role) log.debug("Login: Success (%s)" % user.role) user.last_login = datetime_now() return user.id, user.state, user.role, user.password_change_needed
def login(store, username, password, client_using_tor): """ login returns a tuple (user_id, state, pcn) """ user = store.find( User, And(User.username == username, User.state != u'disabled')).one() if not user or not security.check_password(password, user.salt, user.password): log.debug("Login: Invalid credentials") Settings.failed_login_attempts += 1 raise errors.InvalidAuthentication if not client_using_tor and not State.tenant_cache[ 1].accept_tor2web_access[user.role]: log.err("Denied login request over Web for role '%s'" % user.role) raise errors.TorNetworkRequired log.debug("Login: Success (%s)" % user.role) user.last_login = datetime_now() return user.id, user.state, user.role, user.password_change_needed
def login_receiver(store, username, password): """ This login receiver need to collect also the amount of unsuccessful consecutive logins, because this element may bring to password lockdown. login_receiver return the receiver.id """ receiver_user = store.find(User, User.username == username).one() if not receiver_user or receiver_user.role != 'receiver': log.debug("Receiver: Fail auth, username %s do not exists" % username) return False if not security.check_password(password, receiver_user.password, receiver_user.salt): log.debug("Receiver login: Invalid password") return False else: log.debug("Receiver: Authorized receiver %s" % username) receiver_user.last_login = utility.datetime_now() receiver = store.find(Receiver, (Receiver.user_id == receiver_user.id)).one() store.commit() # the transact was read only! on success we apply the commit() return receiver.id
def login_receiver(store, receiver_id, password): """ This login receiver need to collect also the amount of unsuccessful consecutive logins, because this element may bring to password lockdown. login_receivers returns a tuple (receiver_id, state, pcn) """ receiver = store.find(Receiver, (Receiver.id == receiver_id)).one() if not receiver or \ receiver.user.role != u'receiver' or \ receiver.user.state == u'disabled' or \ not security.check_password(password, receiver.user.password, receiver.user.salt): log.debug("Receiver login: Invalid credentials") return False, None, None log.debug("Receiver login: Authorized receiver") receiver.user.last_login = utility.datetime_now() store.commit() # the transact was read only! on success we apply the commit() return receiver.id, receiver.user.state, receiver.user.password_change_needed
def login_receiver(store, receiver_id, password): """ This login receiver need to collect also the amount of unsuccessful consecutive logins, because this element may bring to password lockdown. login_receivers returns a tuple (receiver_id, state, pcn) """ receiver = store.find(Receiver, (Receiver.id == receiver_id)).one() if not receiver or \ receiver.user.role != u'receiver' or \ receiver.user.state == u'disabled' or \ not security.check_password(password, receiver.user.password, receiver.user.salt): log.debug("Receiver login: Invalid credentials") return False, None, None log.debug("Receiver login: Authorized receiver") receiver.user.last_login = utility.datetime_now() store.commit( ) # the transact was read only! on success we apply the commit() return receiver.id, receiver.user.state, receiver.user.password_change_needed