def testvalidpassword(self): """ validate user password """ hash_val = crypto.crypt_password(u"MoinMoin", salt='12345') result = crypto.valid_password(u'MoinMoin', hash_val) assert result with pytest.raises(ValueError): invalid_result = crypto.valid_password("MoinMoin", '{junk_value}')
def testvalidpassword2(self): """ validate user password """ hash_val = crypto.crypt_password(u"MoinMoin") result = crypto.valid_password('MoinMoin', hash_val) assert result result = crypto.valid_password('WrongPassword', hash_val) assert not result with pytest.raises(ValueError): invalid_result = crypto.valid_password("MoinMoin", '{junk_value}')
def _validate_password(self, data, password): """ Check user password. This is a private method and should not be used by clients. :param data: dict with user data (from storage) :param password: password to verify [unicode] :rtype: 2 tuple (bool, bool) :returns: password is valid, enc_password changed """ pw_hash = data[ENC_PASSWORD] # If we have no password set, we don't accept login with username. # Require non-empty password. if not pw_hash or not password: return False, False # check the password against the password hash if not valid_password(password, pw_hash): return False, False new_pw_hash = upgrade_password(password, pw_hash) if not new_pw_hash: return True, False data[ENC_PASSWORD] = new_pw_hash return True, True