def check_password(self, secret):
"""Check the passed password for this user."""
if not self.password:
return False
# Old-style separate salt.
#
# TODO: remove this deprecated code path when a suitable proportion of
# users have updated their password by logging-in. (Check how many
# users still have a non-null salt in the database.)
if self.salt is not None:
verified = password_context.verify(secret + self.salt,
self.password)
# If the password is correct, take this opportunity to upgrade the
# password and remove the salt.
if verified:
self.password = secret
return verified
verified, new_hash = password_context.verify_and_update(secret,
self.password)
if not verified:
return False
if new_hash is not None:
self._password = text_type(new_hash)
return verified
def check_password(self, value):
"""Check the passed password for this user."""
if self.password is None:
return False
# Old-style separate salt.
#
# TODO: remove this deprecated code path when a suitable proportion of
# users have updated their password by logging-in. (Check how many
# users still have a non-null salt in the database.)
if self.salt is not None:
verified = password_context.verify(value + self.salt,
self.password)
# If the password is correct, take this opportunity to upgrade the
# password and remove the salt.
if verified:
self.password = value
return verified
verified, new_hash = password_context.verify_and_update(
value, self.password)
if not verified:
return False
if new_hash is not None:
self._password = text_type(new_hash)
return verified