Пример #1
0
def password(report, user, password):
    print(authenticate(user, password, service='sshd'))
    if authenticate(user, password, service='sshd') == False:
        report.write("\n<li>Insecure password changed for %s\n" % user)
        print("Insecure password changed for %s" % user)
        global found
        found += 1
    return
Пример #2
0
        def pam_authenticate(resource, req, resp, *args, **kwargs):
            """
            Authenticate against PAM with WWW Basic Auth credentials
            """

            if optional and not req.get_param_as_bool("authenticate"):
                return func(resource, req, resp, *args, **kwargs)

            if not req.auth:
                raise falcon.HTTPUnauthorized("Forbidden",
                                              "Please authenticate",
                                              ("Basic", ))

            if not req.auth.startswith("Basic "):
                raise falcon.HTTPBadRequest("Bad request",
                                            "Bad header: %s" % req.auth)

            basic, token = req.auth.split(" ", 1)
            user, passwd = b64decode(token).decode("ascii").split(":", 1)

            import simplepam
            if not simplepam.authenticate(user, passwd, "sshd"):
                logger.critical(
                    "Basic authentication failed for user %s from  %s, "
                    "are you sure server process has read access to /etc/shadow?",
                    repr(user), req.context.get("remote_addr"))
                raise falcon.HTTPUnauthorized("Forbidden", "Invalid password",
                                              ("Basic", ))

            req.context["user"] = User.objects.get(user)
            return func(resource, req, resp, *args, **kwargs)
Пример #3
0
        def pam_authenticate(resource, req, resp, *args, **kwargs):
            """
            Authenticate against PAM with WWW Basic Auth credentials
            """

            if optional and not req.get_param_as_bool("authenticate"):
                return func(resource, req, resp, *args, **kwargs)

            if not req.auth:
                raise falcon.HTTPUnauthorized("Forbidden", "Please authenticate", ("Basic",))

            if not req.auth.startswith("Basic "):
                raise falcon.HTTPForbidden("Forbidden", "Bad header: %s" % req.auth)

            from base64 import b64decode
            basic, token = req.auth.split(" ", 1)
            user, passwd = b64decode(token).split(":", 1)

            import simplepam
            if not simplepam.authenticate(user, passwd, "sshd"):
                logger.critical(u"Basic authentication failed for user %s from  %s",
                    repr(user), req.context.get("remote_addr"))
                raise falcon.HTTPForbidden("Forbidden", "Invalid password")

            req.context["user"] = User.objects.get(user)
            return func(resource, req, resp, *args, **kwargs)
def accept_the_request():
    file_list = file_to_list()
    show_list(file_list)
    try:
        selected_command = input("please select which one do you want to approve or deny or 0 for cancelation: ")
        if selected_command != 0: 
            if file_list[selected_command-1][3] != "Yes": #if it is not already done
                admin_name = raw_input("username: "******"password: "******"Press a to Accept, d to Deny and c to cancel confirming this request: ")
                    if select_accept_deny.upper() != "C" and len(select_accept_deny)!= 0:
                        if select_accept_deny.upper() == "A":
                            if admin_name != file_list[selected_command-1][1]:  #if the person does not want to accept his own request
                                file_list[selected_command-1][2] = admin_name
                            else:
                                print colors.BOLD+" You cannot accept your own request!"+colors.END 
                        if select_accept_deny.upper() == "D":
                            file_list[selected_command-1][3] = "Denied"
                            file_list[selected_command-1][2] = admin_name                          
                else:
                    print colors.BOLD+"Authentication failed"+ colors.END
            else:
                print colors.BOLD+" This request has been implemented successfully!"+colors.END                         
        joining_list(file_list)
        list_to_file(file_list)
        print ""
                        
    except:
        print""
        print colors.BOLD+" You must insert a number"+ colors.END
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        if authenticate(str(username), str(password)):
            session['username'] = request.form['username']
            return redirect(url_for('annotering'))
        else:
            return """
                <head>
                <style type="text/css">
                    body {
                    text-align: center;
                    background-size: 100%;
                    }
                    h1, h2 {
                    color: black;
                    font-family: "Courier New";
                    }
                </style>
                </head>
                <h2>Forkert kode indtastet - <br> Hændelsen er logført<h2>
                <form action="/login">
                        <input type="submit" value="Prøv igen" />
                </form>
            """
            'Invalid username/password'
    return render_template("login.html")
Пример #6
0
def login():
    params = request.json
    auth_users = app.config.get('AUTH_USER', [])
    try:
        username = str(params.get('username', '').strip())
        password = str(params.get('password', '').strip())

        if auth_users and username not in auth_users:
            abort(401, msg='user {0} has no privilege login'.format(username))

        if username and password:
            auth = authenticate(username,
                                password,
                                service='login',
                                encoding='utf-8',
                                resetcred=True)
            if auth:
                app.logger.info('user {0} login from {1}'.format(
                    username, session['remote_address']))
                session['login'] = '******'.format(username, time.time())
                return make_response(
                    jsonify(code=200, data={
                        'user': username,
                        'code': 200
                    }), 200)
        else:
            abort(401, msg='username and password is required')
    except Exception as e:
        abort(401, msg=str(e))

    abort(401, msg='auth failed')
def run_accepted_request():
    file_list = file_to_list()
    show_list(file_list)
    try:
        selected_command = input("please select one one of your request for running or select or 0 for cancelation: ")
        if selected_command != 0:
            admin_name = raw_input("username: "******"password: "******"Denied" and file_list[selected_command-1][2] != "":
                        if file_list[selected_command-1][3] != "Yes": #if it is not already done
                            accepted_request = file_list[selected_command-1][0].split(" ")
                            running_accepted_request = call(accepted_request)
                            if running_accepted_request == 0:
                                file_list[selected_command-1][3] = "Yes"
                            else:
                                file_list[selected_command-1][3] = "Problem"  
                        else:
                            print colors.BOLD+" This request is already successfully done!"+colors.END
                    else:
                        print colors.BOLD+"Your request is not accepted!"+ colors.END                                          
                else:
                    print colors.BOLD+"This is not your reuest!"+ colors.END
            else:
                    print colors.BOLD+"Authentication failed"+ colors.END
                  
        joining_list(file_list)
        list_to_file(file_list)
        print ""               
    except:
        print""
        print colors.BOLD+" You must insert a number"+ colors.END
Пример #8
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        if authenticate(str(username), str(password)):
            session['username'] = request.form['username']
            return (redirect(url_for('index')))
        else:
            return ('Invalid username/password')
Пример #9
0
def checkUser(user, password):
    """Authenticate user using PAM."""
    auth = authenticate(user, password)
    if auth:
        logging.info("%s authenticated." % user)
        return True
    else:
        logging.info("%s failed to authenticate: %s" % (user, auth))
        return False
Пример #10
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        if authenticate(str(username), str(password)):
            session['username'] = request.form['username']
            return redirect(url_for('index'))
        else:
            return 'Invalid username/password'
    else:
         return render_template("login.html")
Пример #11
0
def authenticate(name):
    print("Authenticating",name, end=" ")
    data = request.json
    if not data:
        print("FAIL (no password)")
        abort(401, "Unable to authenticate: no password given.")
    elif simplepam.authenticate(name, request.json['password']):
        print("OK")
        return None
    print("FAIL (wrong password)")
    abort(401, "Unable to authenticate.")
Пример #12
0
def login():
    if request.method == "POST":
        username = request.form.get('username', None)
        password = request.form.get('password', None)
        if authenticate(str(username), str(password)):
            session['username'] = username
            flash("Successful login")
            return redirect(url_for("index"))
        else:
            abort(403)
    else:
        return render_template("login.html")
Пример #13
0
 def authenticate(self, handler, data):
     """Authenticate with PAM, and return the username if login is successful.
 
     Return None otherwise.
     """
     username = data['username']
     # simplepam wants bytes, not unicode
     # see 
     busername = username.encode(self.encoding)
     bpassword = data['password'].encode(self.encoding)
     if simplepam.authenticate(busername, bpassword, service=self.service):
         raise gen.Return(username)
def login():
    if request.method == "POST":
        username = request.form.get('username', None)
        password = request.form.get('password', None)
        print("Before authenticate {} {}".format(username, password))
        if authenticate(str(username), str(password)):
            session['username'] = username
            return redirect(url_for("index"))
        else:
            abort(403)
    else:
        return render_template("login.html")
Пример #15
0
def home():
    if request.method == 'POST':
            userid = request.form.get('userid', None)
            password = request.form.get('pwd', None)
            print userid
            print password
            if authenticate(str(userid), str(password)):
                session['userid'] = userid
                return redirect(url_for('.summary'))
            else:
                return 'Invalid user id or password'
    return render_template('home.html')
Пример #16
0
 async def post(self):
     username = self.get_argument("username", "")
     password = self.get_argument("password", "")
     if authenticate(username, password):
         # `key` is the cookie name of code-server.
         # We use the same cookie name so that user can exit
         # code-server-hub when he click "logout" on the web page
         # of code-server.
         # The cookie would be overrided
         # when we proxy the request to code-server.
         self.set_secure_cookie("key", username)
         return self.redirect("/")
     return self.render_template("login.html", login_fail=True)
Пример #17
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        error = None

        if authenticate(str(username), str(password)):
            session.clear()
            session['logged_in'] = True
            return redirect(url_for('index'))
        else:
            flash('Invalid credentials.')

    return render_template('auth/login.html')
Пример #18
0
 def authenticate(self, handler, data):
     """Authenticate with PAM, and return the username if login is successful.
 
     Return None otherwise.
     """
     username = data['username']
     if self.whitelist and username not in self.whitelist:
         return
     # simplepam wants bytes, not unicode
     # see simplepam#3
     busername = username.encode(self.encoding)
     bpassword = data['password'].encode(self.encoding)
     if simplepam.authenticate(busername, bpassword, service=self.service):
         return username
Пример #19
0
def login():
    form = LoginForm()
    if form.validate_on_submit():
        username = form.username.data
        password = form.password.data
        # User simple pam authentication.
        if authenticate(str(username), str(password)):
            session['username'] = username
            return redirect(url_for('index'))
        else:
            flash('Invalid username or password')
            return redirect(url_for('login'))

    return render_template('login.html', title='Sign in', form=form)
Пример #20
0
    def post(self):
        un = self.get_argument('username')
        pw = str(self.get_argument('password'))

        if simplepam.authenticate(un, str(pw), service='login'):
            self.set_secure_cookie('user', un)
            self.redirect(settings.URL_PREFIX + "/")
        else:
            failed_attempts = self.get_secure_cookie("failedattempts")
            if failed_attempts == False or failed_attempts == None:
                failed_attempts = 0
            self.set_secure_cookie("failedattempts",
                                   str(int(failed_attempts) + 1))
            self.set_status(403)
            self.render('lib/templates/login.html',
                        error='Username or Password incorrect!')
Пример #21
0
def index():
    #    if 'username' in session:
    #        return 'Logged in as %s' % escape(session['username'])
    #    return 'You are not logged in'
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        if authenticate(str(username), str(password)):
            session['username'] = request.form['username']
            return render_template('sassy.html',
                                   item=escape(session['username']))
        return 'NOOO'
    else:
        if 'username' in session:
            return render_template('sassy.html',
                                   item=escape(session['username']))
        return render_template('index.html')
Пример #22
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']

        if authenticate(str(username), str(password)):
            username = request.form['username']
            session['username'] = username
            print(session['username'])
            if username == 'root':
                return render_template("home.html", username=username)
            else:
                return render_template("user_home.html", username=username)
        else:
            return redirect('/')

    return redirect('index')
def request_for_running():
    command = raw_input("Please insert the full command or press c for cancelation: ") 
    if command.upper() != "C" and len(command)!= 0 and command != " ":
        admin_name = raw_input("username: "******"password: "******""
        admin_permission = ""
        running_checker = "Not Yet"
        real_user = authenticate(admin_name, password)
        if real_user == True:
            requst_command = command + ";" + admin_name + ";" + admin_permission + ";"+ running_checker +  "\n" 
            check_file = open("check_file.txt", "a")
            check_file.write(requst_command)
            check_file.close()
            print colors.BOLD + "your request was successfully recorded, ask other administrators to accept it" + colors.END
        else:
            print colors.BOLD+"Authentication failed"+ colors.END
Пример #24
0
def index():
    #    if 'username' in session:
    #        return 'Logged in as %s' % escape(session['username'])
    #    return 'You are not logged in'
    if request.method == 'POST':
        username = request.args.get('uname')
        password = request.args.get('pwd')
        if authenticate(str(username), str(password)):
            session['username'] = request.args.get('uname')
            # deprecated            render_template('sassy.html', item = escape(session['username']))
            return 'loginSuccess'
        return 'loginFailure'
    else:
        if 'username' in session:
            return render_template('loggedHeader.html',
                                   item=escape(session['username']))
        return render_template('index.html')
Пример #25
0
    def post(self):
        creds = tornado.escape.json_decode(self.request.body)
        un = creds['username']
        pw = creds['password']
        token = None

        if un and pw:
            if authenticate(un, str(pw), service='login'):
                token = jwt.encode(
                        {'username':un},
                        global_settings.JWT_SECRET,
                        algorithm='HS256'
                    )
        if token:
            self.write({'token': token})
        else:
            raise tornado.web.HTTPError(403)
Пример #26
0
def verify_password():
    try:
        resp = errcode.get_error_result()
        data = request.get_json()
        user = data.get("user", None)
        password = data.get("password", "")
        if user:
            if not authenticate(user, password, 'system-auth'):
                resp = errcode.get_error_result(error="VerifyPasswordError")
        else:
            resp = errcode.get_error_result(error="MessageError")
        return resp
    except Exception as err:
        current_app.logger.error(err)
        current_app.logger.error(''.join(traceback.format_exc()))
        resp = errcode.get_error_result(error="SystemError")
        return resp
Пример #27
0
def login():
    print(request.method)
    if request.method == 'POST':
        password = request.form['password']
        username = request.form['username']
        if authenticate(str(username), str(password)):
            session['username'] = request.form['username']
            return redirect('/')
        else:
            flash('Invalid username or password. This is NOT a test (or is it)')
            return render_template('login.html')
    elif request.method == 'GET':
        if session.get('username'):
            return redirect('/')
        return render_template('login.html')
    else:
        return redirect('/')
Пример #28
0
def login():
    print(request.method)
    if request.method == 'POST':
        password = request.form['password']
        username = request.form['username']
        if authenticate(str(username), str(password)):
            session['username'] = request.form['username']
            return redirect('/')
        else:
            flash(
                'Invalid username or password. This is NOT a test (or is it)')
            return render_template('login.html')
    elif request.method == 'GET':
        if session.get('username'):
            return redirect('/')
        return render_template('login.html')
    else:
        return redirect('/')
Пример #29
0
    def authenticate(self, username, password, **token_context):
        """Performs authentication using simplepam
        
        This function calls simplepam's authenticate function and returns
        status of authentication using PAM and token object (of type
        self.token_type)

        :param username: username in Linux

        :param password: password for username

        :param **token_context: additional args with keys for token generator
        """
        log.info("Trying to authenticate user: '******'", username)
        if simplepam.authenticate(username, password):
            expire = datetime.now() + timedelta(seconds=self.token_lifetime)
            log.info("Token will be valid to %s", expire.strftime('%c'))

            refresh_expire = -1
            if self.refresh_token_lifetime != -1:
                refresh_expire = datetime.now() + timedelta(
                    seconds=self.refresh_token_lifetime)
                log.info("Refresh token will be valid to %s",
                         refresh_expire.strftime('%c'))

            token = self.token_type(self.app.secret_key, username, expire,
                                    **token_context)
            token.context['salt'] = urandom(120).encode('base-64')

            refresh_context = token_context.copy()
            refresh_context['refresh_salt'] = urandom(120).encode('base-64')
            refresh_token = self.token_type(self.app.secret_key, username,
                                            refresh_expire, **refresh_context)

            self.token_storage.set(token)
            self.refresh_token_storage.set(refresh_token)
            return (True, token, refresh_token)

        log.warning("Couldn't authenticate user: %s", username)
        return (False, None, None)
Пример #30
0
    def validate(self):
        """Validate the form."""
        initial_validation = super(LoginForm, self).validate()
        if not initial_validation:
            return False

        self.user = User.query.filter_by(username=self.username.data).first()
        if not self.user:
            # Here, check against simplepam to see if the user name does in fact exist and can log in
            if simplepam.authenticate(self.username.data, self.password.data):
                return True
            self.username.errors.append("Unknown username")
            return False

        if not self.user.check_password(self.password.data):
            self.password.errors.append("Invalid password")
            return False

        if not self.user.active:
            self.username.errors.append("User not activated")
            return False
        return True
Пример #31
0
def login():
    """
    Uses simplepam to authenticate against Linux users
    """
    username = request.form["username"]
    password = request.form["password"]

    from simplepam import authenticate
    from grp import getgrall

    groups = [g.gr_name for g in getgrall() if username in g.gr_mem]
    if AUTH_GROUP in groups:
        if authenticate(str(username), str(password)):
            session["username"] = request.form["username"]
            return redirect(url_for("index"))
    flash(
        _(
            "You must log in with credentials for a user in the '%(group)s' group",
            group=AUTH_GROUP,
        ),
        "error",
    )
    return redirect(url_for("index"))
Пример #32
0
        def wrapped(resource, req, resp, *args, **kwargs):
            kerberized = False

            if "kerberos" in config.AUTHENTICATION_BACKENDS:
                for subnet in config.KERBEROS_SUBNETS:
                    if req.context.get("remote_addr") in subnet:
                        kerberized = True

            if not req.auth:  # no credentials provided
                if optional:  # optional allowed
                    req.context["user"] = None
                    return func(resource, req, resp, *args, **kwargs)

                if kerberized:
                    logger.debug(
                        "No Kerberos ticket offered while attempting to access %s from %s",
                        req.env["PATH_INFO"], req.context.get("remote_addr"))
                    raise falcon.HTTPUnauthorized(
                        "Unauthorized",
                        "No Kerberos ticket offered, are you sure you've logged in with domain user account?",
                        ["Negotiate"])
                else:
                    logger.debug(
                        "No credentials offered while attempting to access %s from %s",
                        req.env["PATH_INFO"], req.context.get("remote_addr"))
                    raise falcon.HTTPUnauthorized("Unauthorized",
                                                  "Please authenticate",
                                                  ("Basic", ))

            if kerberized:
                if not req.auth.startswith("Negotiate "):
                    raise falcon.HTTPBadRequest(
                        "Bad request",
                        "Bad header, expected Negotiate: %s" % req.auth)

                os.environ["KRB5_KTNAME"] = config.KERBEROS_KEYTAB

                try:
                    server_creds = gssapi.creds.Credentials(
                        usage='accept',
                        name=gssapi.names.Name('HTTP/%s' % const.FQDN))
                except gssapi.raw.exceptions.BadNameError:
                    logger.error(
                        "Failed initialize HTTP service principal, possibly bad permissions for %s or /etc/krb5.conf"
                        % config.KERBEROS_KEYTAB)
                    raise

                context = gssapi.sec_contexts.SecurityContext(
                    creds=server_creds)

                token = ''.join(req.auth.split()[1:])

                try:
                    context.step(b64decode(token))
                except binascii.Error:  # base64 errors
                    raise falcon.HTTPBadRequest("Bad request",
                                                "Malformed token")
                except gssapi.raw.exceptions.BadMechanismError:
                    raise falcon.HTTPBadRequest(
                        "Bad request",
                        "Unsupported authentication mechanism (NTLM?) was offered. Please make sure you've logged into the computer with domain user account. The web interface should not prompt for username or password."
                    )

                try:
                    username, realm = str(context.initiator_name).split("@")
                except AttributeError:  # TODO: Better exception
                    raise falcon.HTTPForbidden(
                        "Failed to determine username, are you trying to log in with correct domain account?"
                    )

                if realm != config.KERBEROS_REALM:
                    raise falcon.HTTPForbidden(
                        "Forbidden", "Cross-realm trust not supported")

                if username.endswith("$") and optional:
                    # Extract machine hostname
                    # TODO: Assert LDAP group membership
                    req.context["machine"] = username[:-1].lower()
                    req.context["user"] = None
                else:
                    # Attempt to look up real user
                    req.context["user"] = User.objects.get(username)

                logger.debug(
                    "Succesfully authenticated user %s for %s from %s",
                    req.context["user"], req.env["PATH_INFO"],
                    req.context["remote_addr"])
                return func(resource, req, resp, *args, **kwargs)

            else:
                if not req.auth.startswith("Basic "):
                    raise falcon.HTTPBadRequest(
                        "Bad request",
                        "Bad header, expected Basic: %s" % req.auth)
                basic, token = req.auth.split(" ", 1)
                user, passwd = b64decode(token).decode("ascii").split(":", 1)

            if config.AUTHENTICATION_BACKENDS == {"pam"}:
                if not simplepam.authenticate(user, passwd, "sshd"):
                    logger.critical(
                        "Basic authentication failed for user %s from  %s, "
                        "are you sure server process has read access to /etc/shadow?",
                        repr(user), req.context.get("remote_addr"))
                    raise falcon.HTTPUnauthorized("Forbidden",
                                                  "Invalid password",
                                                  ("Basic", ))
                conn = None
            elif "ldap" in config.AUTHENTICATION_BACKENDS:
                upn = "%s@%s" % (user, config.KERBEROS_REALM)
                click.echo("Connecting to %s as %s" %
                           (config.LDAP_AUTHENTICATION_URI, upn))
                conn = ldap.initialize(config.LDAP_AUTHENTICATION_URI,
                                       bytes_mode=False)
                conn.set_option(ldap.OPT_REFERRALS, 0)

                try:
                    conn.simple_bind_s(upn, passwd)
                except ldap.STRONG_AUTH_REQUIRED:
                    logger.critical(
                        "LDAP server demands encryption, use ldaps:// instead of ldaps://"
                    )
                    raise
                except ldap.SERVER_DOWN:
                    logger.critical(
                        "Failed to connect LDAP server at %s, are you sure LDAP server's CA certificate has been copied to this machine?",
                        config.LDAP_AUTHENTICATION_URI)
                    raise
                except ldap.INVALID_CREDENTIALS:
                    logger.critical(
                        "LDAP bind authentication failed for user %s from  %s",
                        repr(user), req.context.get("remote_addr"))
                    raise falcon.HTTPUnauthorized(
                        "Forbidden",
                        "Please authenticate with %s domain account username" %
                        const.DOMAIN, ("Basic", ))

                req.context["ldap_conn"] = conn
            else:
                raise NotImplementedError(
                    "No suitable authentication method configured")

            try:
                req.context["user"] = User.objects.get(user)
            except User.DoesNotExist:
                raise falcon.HTTPUnauthorized("Unauthorized",
                                              "Invalid credentials",
                                              ("Basic", ))

            retval = func(resource, req, resp, *args, **kwargs)
            if conn:
                conn.unbind_s()
            return retval
def verify_pw(username, password):
    return authenticate(str(username), str(password))
Пример #34
0
import sys
from simplepam import authenticate

user = sys.argv[1]
passwd = sys.argv[2]

if authenticate(user, passwd):
    #0 => means success in exit code
    sys.exit(0)
else:
    #=>anything else is an error of somekind
    sys.exit(1)
Пример #35
0
from simplepam import authenticate
import sys
print 'OK' if authenticate(sys.argv[1], sys.argv[2]) else 'ERR'
Пример #36
0
 def check_password(self, password):
     return simplepam.authenticate(self.username, password)
Пример #37
0
    def check_auth(self, user, password):
	return authenticate(user,password, self.service_name)
Пример #38
0
def check_auth(username, password, required_scopes=None):
    if authenticate(username, password):
        return {'sub': username}
    return None
Пример #39
0
 def check_password(self, value):
     """Check password."""
     return simplepam.authenticate(self.username, self.password)
Пример #40
0
 def check_auth(cls, username, password):
     r = authenticate(str(username), str(password), service='sshd')
     if not r:
         current_app.logger.error(
             '[Account System]: %s pam auth failed return: %s', username, r)
     return r
Пример #41
0
def check_auth(username, password):
    """This function is called to check if a username /
    password combination is valid.
    """

    return simplepam.authenticate(username, password)
Пример #42
0
import sys
from simplepam import authenticate

user = sys.argv[1]
passwd = sys.argv[2]

if authenticate(user,passwd):
	#0 => means success in exit code
	sys.exit(0)	
else:
	#=>anything else is an error of somekind
	sys.exit(1)
	
Пример #43
0
 def check_auth(cls, username, password):
     r = authenticate(str(username), str(password), service='sshd')
     if not r:
         current_app.logger.error('[Account System]: %s pam auth failed return: %s',
                                  username, r)
     return r
Пример #44
0
 def authenticate(self, username, password):
     # XXX: Should we be picky and check for validity of the UID?
     import simplepam
     return simplepam.authenticate(username, password, self._service)
Пример #45
0
 def __call__(self, login, password):
     if simplepam.authenticate(login, password):
         account = pwd.getpwnam(login)
         return {"name": account.pw_gecos}
     return None