def update_password( self, username, password, old_password=None ): # FIXME: Make sure permissions are handled properly anywhere this gets called! # (ask for old password, etc) if old_password is not None: authenticate(username, old_password) user = self.verify(username) return auth.dbi.change_internal_password( id=user.uid, hash=hash_password(password) )
def __verify(self, username, password=False):
(user, internal_auth_info) = self._search_internal(username)
if password != False:
# Hash the user's password for comparison
hash = hash_password(password)
# Compare the retrieved hashed password to the hashed password we were given
if internal_auth_info['hash'] != hash:
# "Invalid password: %s" % password
# ;)
raise error.InvalidCredentials("Invalid password for user: %s" % username)
return User(uid=user['id'], username=user['username'], name=internal_auth_info['name'], source=auth.sources.INTERNAL, min_perms=user['min_permissions'], email=internal_auth_info['email'])
def create_user( self, username, password, name, email ): # FIXME: Make sure permissions are handled properly anywhere this gets called! return auth.dbi.create_internal_user( username=username, name=name, email=email, hash=hash_password(password) )