def check_password(self, secret): """Check the passed password for this user.""" if not self.password: return False # Old-style separate salt. # # TODO: remove this deprecated code path when a suitable proportion of # users have updated their password by logging-in. (Check how many # users still have a non-null salt in the database.) if self.salt is not None: verified = password_context.verify(secret + self.salt, self.password) # If the password is correct, take this opportunity to upgrade the # password and remove the salt. if verified: self.password = secret return verified verified, new_hash = password_context.verify_and_update(secret, self.password) if not verified: return False if new_hash is not None: self._password = text_type(new_hash) return verified
def check_password(self, value): """Check the passed password for this user.""" if self.password is None: return False # Old-style separate salt. # # TODO: remove this deprecated code path when a suitable proportion of # users have updated their password by logging-in. (Check how many # users still have a non-null salt in the database.) if self.salt is not None: verified = password_context.verify(value + self.salt, self.password) # If the password is correct, take this opportunity to upgrade the # password and remove the salt. if verified: self.password = value return verified verified, new_hash = password_context.verify_and_update( value, self.password) if not verified: return False if new_hash is not None: self._password = text_type(new_hash) return verified