def checkPassword(user, password): # First try their local password if user.password and user.password == User.crypt(user.username, password): return True # Then try Kerberos if possible if settings.kerberosRealm: try: import kerberos try: if kerberos.checkPassword(user.username, password, '', settings.kerberosRealm): return True except (kerberos.KrbError, kerberos.BasicAuthError): pass except ImportError: pass return False
def resetUserPasswordPost(handler, username, key, p_newPassword, p_newPassword2): handler.title('Reset password') user = User.load(username = username) if not user: ErrorBox.die('User', "No user named <b>%s</b>" % stripTags(username)) if user != handler.session['user'] and (not user.resetkey or user.resetkey != key): ErrorBox.die('Key', "Incorrect reset key") if p_newPassword != p_newPassword2: ErrorBox.die('Password', "New password mismatch") user.password = User.crypt(user.username, p_newPassword) user.hotpKey = '' user.resetkey = None user.save() print SuccessBox('Password changed', "Your password has been reset; you can <a href=\"/login\">login</a> now") Event.passwordReset(handler, user)