def check_pin(token, passw, user=None, options=None): ''' check the provided pin w.r.t. the policy definition :param passw: the to be checked pass :param user: if otppin==1, this is the user, which resolver should be checked :param options: the optional request parameters :return: boolean, if pin matched True ''' res = False pin_policies = linotp.lib.policy.get_pin_policies(user) if 1 in pin_policies: # We check the Users Password as PIN log.debug("[check_pin] pin policy=1: checking the users" " password as pin") if (user is None or not user.login): log.info("[check_pin] - fail for pin policy == 1 " "with user = None") return False (uid, _resolver, resolver_class) = getUserId(user) r_obj = getResolverObject(resolver_class) if r_obj.checkPass(uid, passw): log.debug("[__checkToken] Successfully authenticated user %r." % uid) res = True else: log.info("[__checkToken] user %r failed to authenticate." % uid) elif 2 in pin_policies: # NO PIN should be entered atall log.debug("[__checkToken] pin policy=2: checking no pin") if len(passw) == 0: res = True else: # old stuff: We check The fixed OTP PIN log.debug("[__checkToken] pin policy=0: checkin the PIN") res = token.checkPin(passw, options=options) return res
def check_pin(token, passw, user=None, options=None): ''' check the provided pin w.r.t. the policy definition :param passw: the to be checked pass :param user: if otppin==1, this is the user, which resolver should be checked :param options: the optional request parameters :return: boolean, if pin matched True ''' res = False context = token.context pin_policies = linotp.lib.policy.get_pin_policies(user, context=context) if 1 in pin_policies: # We check the Users Password as PIN log.debug("[check_pin] pin policy=1: checking the users" " password as pin") if (user is None or not user.login): log.info("[check_pin] - fail for pin policy == 1 " "with user = None") return False (uid, _resolver, resolver_class) = getUserId(user) r_obj = getResolverObject(resolver_class) if r_obj.checkPass(uid, passw): log.debug("[__checkToken] Successfully authenticated user %r." % uid) res = True else: log.info("[__checkToken] user %r failed to authenticate." % uid) elif 2 in pin_policies: # NO PIN should be entered atall log.debug("[__checkToken] pin policy=2: checking no pin") if len(passw) == 0: res = True else: # old stuff: We check The fixed OTP PIN log.debug("[__checkToken] pin policy=0: checkin the PIN") res = token.checkPin(passw, options=options) return res