class PistaAuth(object): def __init__(self): pass def check(self, username, password, apns_token=None): if username is None or password is None: log.error("Username {0} or password are None".format(username)) return False try: db.connect() except Exception, e: log.error("%s" % str(e)) return False pwhash = None try: u = User.get(User.username == username) pwhash = u.pwhash except User.DoesNotExist: log.debug("User {0} does not exist".format(username)) return False except Exception, e: raise
def getinventorytopics(username): ''' username is probably a logged-in user. Obtain a list of TIDs that user is allowed to see ''' # First, get a list of ACL topics the user is authorized for. If the # `username' is a superuser, add '#' to the subscription list, so # that paho matches that as true in any case. (Superusers possibly # don't have ACL entries in the database.) sublist = [] superuser = False try: u = User.get(User.username == username) superuser = u.superuser except User.DoesNotExist: log.debug("User {0} does not exist".format(username)) return [] except Exception, e: raise
log.debug("User {0} does not exist".format(username)) return False except Exception, e: raise match = False # Is this a plain-text password in the database?!? OK, we'll do this ... if not pwhash.startswith('PBKDF2$'): match = pwhash == password log.debug('Plain-text password (bah!) match for %s (%s)' % (username, match)) else: match = hp.check_hash(password, pwhash) log.debug('Hash match for %s (%s): %s' % (username, pwhash, match)) if match == True and apns_token is not None: tstamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) try: q = User.update(token=apns_token, tstamp=tstamp).where(User.username == username) q.execute() log.info("Token {0} updated for username={1}".format( apns_token, username)) except Exception, e: log.error("Cannot update User {0} with token {1}: {2}".format( username, apns_token, str(e))) log.info("Password for username={0} was accepted".format(username)) return match
try: u = User.get(User.username == username) pwhash = u.pwhash except User.DoesNotExist: log.debug("User {0} does not exist".format(username)) return False except Exception, e: raise match = False # Is this a plain-text password in the database?!? OK, we'll do this ... if not pwhash.startswith('PBKDF2$'): match = pwhash == password log.debug('Plain-text password (bah!) match for %s (%s)' % (username, match)) else: match = hp.check_hash(password, pwhash) log.debug('Hash match for %s (%s): %s' % (username, pwhash, match)) if match == True and apns_token is not None: tstamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) try: q = User.update(token = apns_token, tstamp = tstamp).where(User.username == username) q.execute() log.info("Token {0} updated for username={1}".format(apns_token, username)) except Exception, e: log.error("Cannot update User {0} with token {1}: {2}".format(username, apns_token, str(e))) log.info("Password for username={0} was accepted".format(username)) return match