Пример #1
0
    def _auth(self, result, credentials):
        if not result:
            # Username not found in db
            return defer.fail(
                error.UnauthorizedLogin('Username or Password mismatch'))
        else:
            id = result.id
            password = result.password

        if IUsernameHashedPassword.providedBy(credentials):
            if credentials.checkPassword(password):
                return defer.succeed(id)
            else:
                return defer.fail(
                    error.UnauthorizedLogin('Username or Password mismatch'))
        elif IUsernamePassword.providedBy(credentials):
            m = hashlib.md5()
            m.update(credentials.password)
            #if password==m.hexdigest():
            if password == credentials.password:
                from goliat.session.usermanager import UserManager
                if not UserManager().exists(id):
                    return defer.succeed(id)
                else:
                    return defer.succeed(id)
                    #return defer.fail(
                    #    error.LoginFailed('Already Logged'))
            else:
                return defer.fail(
                    error.UnauthorizedLogin('Username or Password mismatch'))
        else:
            # Wooops!
            return defer.fail(
                error.UnhandledCredentials(
                    'Revise the protocol configuration'))
Пример #2
0
    def _auth(self, result, credentials):
        if not result:
            # Username not found in db            
            return defer.fail(
                error.UnauthorizedLogin('Username or Password mismatch'))
        else:
            id=result.id
            password=result.password

        if IUsernameHashedPassword.providedBy(credentials):
            if credentials.checkPassword(password):
                return defer.succeed(id)
            else:
                return defer.fail(
                    error.UnauthorizedLogin('Username or Password mismatch'))
        elif IUsernamePassword.providedBy(credentials):
            m=hashlib.md5()
            m.update(credentials.password)
            #if password==m.hexdigest():
            if password==credentials.password:
                from goliat.session.usermanager import UserManager
                if not UserManager().exists(id):
                    return defer.succeed(id)
                else:
                    return defer.succeed(id)
                    #return defer.fail(
                    #    error.LoginFailed('Already Logged'))
            else:
                return defer.fail(
                    error.UnauthorizedLogin('Username or Password mismatch'))
        else:
            # Wooops!            
            return defer.fail(
                error.UnhandledCredentials('Revise the protocol configuration'))
Пример #3
0
	def checkPassword(self, credentials):
		try:
			pw = self.__users[str(credentials.username)][0]

		except KeyError:
			return False

		return credentials.checkPassword(pw)
Пример #4
0
    def checkPassword(self, credentials):
        try:
            pw = self.__users[str(credentials.username)][0]

        except KeyError:
            return False

        return credentials.checkPassword(pw)
Пример #5
0
 def requestAvatarId(self, credentials):
     username = credentials.username
     if self.passwords.has_key(username):
         if credentials.checkPassword(self.passwords[username]):
             return defer.succeed(username)
         else:
             return defer.fail(credError.UnauthorizedLogin("Bad password"))
     else:
         return defer.fail(credError.UnauthorizedLogin("No such user"))
Пример #6
0
 def requestAvatarId(self, credentials):
     username = credentials.username
     if username in self.tokens:
         if credentials.checkPassword(self.tokens[username]):
             return defer.succeed(username)
         else:
             return defer.fail(
                 credError.UnauthorizedLogin("Bad session token"))
     else:
         return defer.fail(credError.UnauthorizedLogin("No such user"))
Пример #7
0
 def requestAvatarId(self, credentials):
     username = credentials.username
     if username in self.passwords:
         # if credentials.password == self.passwords[username]:
         if credentials.checkPassword(self.passwords[username]):
             return defer.succeed(username)
         else:
             return defer.fail(credError.UnauthorizedLogin("Bad password"))
     else:
         return defer.fail(credError.UnauthorizedLogin("No such user"))
Пример #8
0
 def checkValidUser(self, result, credentials):
     """Toma el resultado de una consulta y una credencial y
     chequea si el password de la credencial coincide con el
     de la consulta (a traves de checkPassword)
     """
     if len(result) > 0:
         d = self._checkKind(result[0][0], result[0][3])
         d.addCallback(self._checkPassword, credentials, result)
         return d
     else: 
         #el usuario no existe. 
         if DEMO_MODE:
             if credentials.checkPassword ('demoCreate:TUTOR'):
                 kind = TUTOR
             elif credentials.checkPassword ('demoCreate:PUPIL'):
                 kind = PUPIL
             else: #se ofrece crear un usuario temporal. 
                 return failure.Failure(error.UnauthorizedLogin('no_existe'))
             demo = DemoMaker(credentials.username, kind, self.db)
             d = demo.createDemo()
             return d
         else:     
             return failure.Failure(error.UnauthorizedLogin(_('Nombre de usuario o clave incorrecta')))
Пример #9
0
	def _cbAuthenticate(self, result, cred, deferred):
		"""
		Checks to see if authentication was good. Called once the info has
		been retrieved from the DB.
		"""
		if len(result) == 0:
			#username not found in db
			deferred.errback(credError.UnauthorizedLogin('username unknown'))
		else:
			userid, password = result[0]
			if self.customCheckFunc:
				# ownder do the checking
				if self.customCheckFunc(
					userid, cred.password, password):
					deferred.callback(userid)
				else:
					deferred.errback(
						credError.UnauthorizedLogin('password mismatch'))
			else:
				# it's up to us or the credentials object to do checking
				if credentials.IUsernameHashedPassword.providedBy(cred):
					# Let the hashed password checker do the checking
					if credentials.checkPassword(password):
						deferred.callback(userid)
					else:
						deferred.errback(
							error.UnauthorizedLogin('password mismatch'))
				elif credentials.IUsernamePassword.providedBy(cred):
					# Compare passwords, deviding whether to use case sensitivity
					if self.caseSensitivePasswords:
						passOk = (
							password.lower() == cred.password.lower())
					else:
						passOk = password == cred.password
					# See if they match
					if passOk:
						deferred.callback(userid)
					else:
						deferred.errback(
							credError.UnauthorizedLogin('password mismatch'))
				else:
					# We don't know how to check this
					deferred.errback(credError.UnhandledCredentials())
Пример #10
0
    def assertServerAuthenticated(self, loginArgs, username="******", password="******"):
        """
        Assert that a login attempt has been made, that the credentials and
        interfaces passed to it are correct, and that when the login request
        is satisfied, a successful response is sent by the ESMTP server
        instance.

        @param loginArgs: A C{list} previously passed to L{portalFactory}.
        """
        d, credentials, mind, interfaces = loginArgs.pop()
        self.assertEqual(loginArgs, [])
        self.failUnless(twisted.cred.credentials.IUsernamePassword.providedBy(credentials))
        self.assertEqual(credentials.username, username)
        self.failUnless(credentials.checkPassword(password))
        self.assertIn(smtp.IMessageDeliveryFactory, interfaces)
        self.assertIn(smtp.IMessageDelivery, interfaces)
        d.callback((smtp.IMessageDeliveryFactory, None, lambda: None))

        self.assertEqual(
            ["235 Authentication successful."],
            self.transport.value().splitlines())
Пример #11
0
    def requestAvatarId(self, credentials):

        if len(credentials.username.split('-'))!=2:
            return failure.Failure(UnauthorizedError())
            
            
        username,role=credentials.username.split('-')
        
        try:
            banned = BannedUser.byName(username)
            return failure.Failure(BannedError())
        except:
            pass
        
        if THESERVER.roleLimits.has_key(role):
            limit = THESERVER.roleLimits[role]
            if not limit:
                return failure.Failure(ServerFullError())
            n = 0
            for x in MasterPerspective.users:
                
                if role == x[1]:
                    n+=1
                    if n == limit:
                        return failure.Failure(ServerFullError())
                        
        
        roles = ('Player','Immortal','Guardian','World')
        if role in roles:
            for r in roles:
                if (username,r) in MasterPerspective.users[:]:
                    for avatar in THESERVER.realm.avatars[:]:
                        if avatar.username == username and avatar.role.name == r:
                            #kick
                            try:
                                avatar.logout()
                            except:
                                traceback.print_exc()
                                

        
        try:
            user = User.byName(username)

        except SQLObjectNotFound:
            print "User not found",username
            return failure.Failure(UnauthorizedError())
        
        if self.useMD5:
            matched = credentials.checkPassword(md5(user.password).digest())
            if not matched:
                matched = credentials.checkPassword(md5(user.tempPassword).digest())
                
            #XXX REMOVE ME AT A LATER TIME, LEGACY non-md5 using CLIENTS!!! 9-10-06
            if not matched:
                matched = credentials.checkPassword(user.password)

        else:
            matched = credentials.checkPassword(user.password)
            if not matched:
                matched = credentials.checkPassword(user.tempPassword)
            
        if not matched:
            return failure.Failure(UnauthorizedError())
            
        r = user.getRole(role)
        if r:
            print r
            return credentials.username
                        
        #bad role
        
        return failure.Failure(UnauthorizedError())
Пример #12
0
 def requestAvatarId(self, credentials):
     return credentials.checkPassword().addCallback(self._cbPasswordMatch,
                                                    credentials.username)
Пример #13
0
 def requestAvatarId(self, credentials):
     return credentials.checkPassword().addCallback(
            self._cbPasswordMatch, credentials.username)
Пример #14
0
    def requestAvatarId(self, credentials):

        if len(credentials.username.split('-')) != 2:
            return failure.Failure(UnauthorizedError())

        username, role = credentials.username.split('-')

        try:
            banned = BannedUser.byName(username)
            return failure.Failure(BannedError())
        except:
            pass

        if THESERVER.roleLimits.has_key(role):
            limit = THESERVER.roleLimits[role]
            if not limit:
                return failure.Failure(ServerFullError())
            n = 0
            for x in MasterPerspective.users:

                if role == x[1]:
                    n += 1
                    if n == limit:
                        return failure.Failure(ServerFullError())

        roles = ('Player', 'Immortal', 'Guardian', 'World')
        if role in roles:
            for r in roles:
                if (username, r) in MasterPerspective.users[:]:
                    for avatar in THESERVER.realm.avatars[:]:
                        if avatar.username == username and avatar.role.name == r:
                            #kick
                            try:
                                avatar.logout()
                            except:
                                traceback.print_exc()

        try:
            user = User.byName(username)

        except SQLObjectNotFound:
            print "User not found", username
            return failure.Failure(UnauthorizedError())

        if self.useMD5:
            matched = credentials.checkPassword(md5(user.password).digest())
            if not matched:
                matched = credentials.checkPassword(
                    md5(user.tempPassword).digest())

            #XXX REMOVE ME AT A LATER TIME, LEGACY non-md5 using CLIENTS!!! 9-10-06
            if not matched:
                matched = credentials.checkPassword(user.password)

        else:
            matched = credentials.checkPassword(user.password)
            if not matched:
                matched = credentials.checkPassword(user.tempPassword)

        if not matched:
            return failure.Failure(UnauthorizedError())

        r = user.getRole(role)
        if r:
            print r
            return credentials.username

        #bad role

        return failure.Failure(UnauthorizedError())
Пример #15
0
 def requestAvatarId(self, credentials):
     if credentials.username in self.dirdbm:
         if credentials.checkPassword(self.dirdbm[credentials.username]):
             return credentials.username
     raise cred.error.UnauthorizedLogin()