def _auth(self, result, credentials):
if not result:
# Username not found in db
return defer.fail(
error.UnauthorizedLogin('Username or Password mismatch'))
else:
id = result.id
password = result.password
if IUsernameHashedPassword.providedBy(credentials):
if credentials.checkPassword(password):
return defer.succeed(id)
else:
return defer.fail(
error.UnauthorizedLogin('Username or Password mismatch'))
elif IUsernamePassword.providedBy(credentials):
m = hashlib.md5()
m.update(credentials.password)
#if password==m.hexdigest():
if password == credentials.password:
from goliat.session.usermanager import UserManager
if not UserManager().exists(id):
return defer.succeed(id)
else:
return defer.succeed(id)
#return defer.fail(
# error.LoginFailed('Already Logged'))
else:
return defer.fail(
error.UnauthorizedLogin('Username or Password mismatch'))
else:
# Wooops!
return defer.fail(
error.UnhandledCredentials(
'Revise the protocol configuration'))
def _auth(self, result, credentials):
if not result:
# Username not found in db
return defer.fail(
error.UnauthorizedLogin('Username or Password mismatch'))
else:
id=result.id
password=result.password
if IUsernameHashedPassword.providedBy(credentials):
if credentials.checkPassword(password):
return defer.succeed(id)
else:
return defer.fail(
error.UnauthorizedLogin('Username or Password mismatch'))
elif IUsernamePassword.providedBy(credentials):
m=hashlib.md5()
m.update(credentials.password)
#if password==m.hexdigest():
if password==credentials.password:
from goliat.session.usermanager import UserManager
if not UserManager().exists(id):
return defer.succeed(id)
else:
return defer.succeed(id)
#return defer.fail(
# error.LoginFailed('Already Logged'))
else:
return defer.fail(
error.UnauthorizedLogin('Username or Password mismatch'))
else:
# Wooops!
return defer.fail(
error.UnhandledCredentials('Revise the protocol configuration'))
def checkPassword(self, credentials): try: pw = self.__users[str(credentials.username)][0] except KeyError: return False return credentials.checkPassword(pw)
def checkPassword(self, credentials):
try:
pw = self.__users[str(credentials.username)][0]
except KeyError:
return False
return credentials.checkPassword(pw)
def requestAvatarId(self, credentials):
username = credentials.username
if self.passwords.has_key(username):
if credentials.checkPassword(self.passwords[username]):
return defer.succeed(username)
else:
return defer.fail(credError.UnauthorizedLogin("Bad password"))
else:
return defer.fail(credError.UnauthorizedLogin("No such user"))
def requestAvatarId(self, credentials):
username = credentials.username
if username in self.tokens:
if credentials.checkPassword(self.tokens[username]):
return defer.succeed(username)
else:
return defer.fail(
credError.UnauthorizedLogin("Bad session token"))
else:
return defer.fail(credError.UnauthorizedLogin("No such user"))
def requestAvatarId(self, credentials):
username = credentials.username
if username in self.passwords:
# if credentials.password == self.passwords[username]:
if credentials.checkPassword(self.passwords[username]):
return defer.succeed(username)
else:
return defer.fail(credError.UnauthorizedLogin("Bad password"))
else:
return defer.fail(credError.UnauthorizedLogin("No such user"))
def checkValidUser(self, result, credentials):
"""Toma el resultado de una consulta y una credencial y
chequea si el password de la credencial coincide con el
de la consulta (a traves de checkPassword)
"""
if len(result) > 0:
d = self._checkKind(result[0][0], result[0][3])
d.addCallback(self._checkPassword, credentials, result)
return d
else:
#el usuario no existe.
if DEMO_MODE:
if credentials.checkPassword ('demoCreate:TUTOR'):
kind = TUTOR
elif credentials.checkPassword ('demoCreate:PUPIL'):
kind = PUPIL
else: #se ofrece crear un usuario temporal.
return failure.Failure(error.UnauthorizedLogin('no_existe'))
demo = DemoMaker(credentials.username, kind, self.db)
d = demo.createDemo()
return d
else:
return failure.Failure(error.UnauthorizedLogin(_('Nombre de usuario o clave incorrecta')))
def _cbAuthenticate(self, result, cred, deferred):
"""
Checks to see if authentication was good. Called once the info has
been retrieved from the DB.
"""
if len(result) == 0:
#username not found in db
deferred.errback(credError.UnauthorizedLogin('username unknown'))
else:
userid, password = result[0]
if self.customCheckFunc:
# ownder do the checking
if self.customCheckFunc(
userid, cred.password, password):
deferred.callback(userid)
else:
deferred.errback(
credError.UnauthorizedLogin('password mismatch'))
else:
# it's up to us or the credentials object to do checking
if credentials.IUsernameHashedPassword.providedBy(cred):
# Let the hashed password checker do the checking
if credentials.checkPassword(password):
deferred.callback(userid)
else:
deferred.errback(
error.UnauthorizedLogin('password mismatch'))
elif credentials.IUsernamePassword.providedBy(cred):
# Compare passwords, deviding whether to use case sensitivity
if self.caseSensitivePasswords:
passOk = (
password.lower() == cred.password.lower())
else:
passOk = password == cred.password
# See if they match
if passOk:
deferred.callback(userid)
else:
deferred.errback(
credError.UnauthorizedLogin('password mismatch'))
else:
# We don't know how to check this
deferred.errback(credError.UnhandledCredentials())
def assertServerAuthenticated(self, loginArgs, username="******", password="******"):
"""
Assert that a login attempt has been made, that the credentials and
interfaces passed to it are correct, and that when the login request
is satisfied, a successful response is sent by the ESMTP server
instance.
@param loginArgs: A C{list} previously passed to L{portalFactory}.
"""
d, credentials, mind, interfaces = loginArgs.pop()
self.assertEqual(loginArgs, [])
self.failUnless(twisted.cred.credentials.IUsernamePassword.providedBy(credentials))
self.assertEqual(credentials.username, username)
self.failUnless(credentials.checkPassword(password))
self.assertIn(smtp.IMessageDeliveryFactory, interfaces)
self.assertIn(smtp.IMessageDelivery, interfaces)
d.callback((smtp.IMessageDeliveryFactory, None, lambda: None))
self.assertEqual(
["235 Authentication successful."],
self.transport.value().splitlines())
def requestAvatarId(self, credentials):
if len(credentials.username.split('-'))!=2:
return failure.Failure(UnauthorizedError())
username,role=credentials.username.split('-')
try:
banned = BannedUser.byName(username)
return failure.Failure(BannedError())
except:
pass
if THESERVER.roleLimits.has_key(role):
limit = THESERVER.roleLimits[role]
if not limit:
return failure.Failure(ServerFullError())
n = 0
for x in MasterPerspective.users:
if role == x[1]:
n+=1
if n == limit:
return failure.Failure(ServerFullError())
roles = ('Player','Immortal','Guardian','World')
if role in roles:
for r in roles:
if (username,r) in MasterPerspective.users[:]:
for avatar in THESERVER.realm.avatars[:]:
if avatar.username == username and avatar.role.name == r:
#kick
try:
avatar.logout()
except:
traceback.print_exc()
try:
user = User.byName(username)
except SQLObjectNotFound:
print "User not found",username
return failure.Failure(UnauthorizedError())
if self.useMD5:
matched = credentials.checkPassword(md5(user.password).digest())
if not matched:
matched = credentials.checkPassword(md5(user.tempPassword).digest())
#XXX REMOVE ME AT A LATER TIME, LEGACY non-md5 using CLIENTS!!! 9-10-06
if not matched:
matched = credentials.checkPassword(user.password)
else:
matched = credentials.checkPassword(user.password)
if not matched:
matched = credentials.checkPassword(user.tempPassword)
if not matched:
return failure.Failure(UnauthorizedError())
r = user.getRole(role)
if r:
print r
return credentials.username
#bad role
return failure.Failure(UnauthorizedError())
def requestAvatarId(self, credentials):
return credentials.checkPassword().addCallback(self._cbPasswordMatch,
credentials.username)
def requestAvatarId(self, credentials):
return credentials.checkPassword().addCallback(
self._cbPasswordMatch, credentials.username)
def requestAvatarId(self, credentials):
if len(credentials.username.split('-')) != 2:
return failure.Failure(UnauthorizedError())
username, role = credentials.username.split('-')
try:
banned = BannedUser.byName(username)
return failure.Failure(BannedError())
except:
pass
if THESERVER.roleLimits.has_key(role):
limit = THESERVER.roleLimits[role]
if not limit:
return failure.Failure(ServerFullError())
n = 0
for x in MasterPerspective.users:
if role == x[1]:
n += 1
if n == limit:
return failure.Failure(ServerFullError())
roles = ('Player', 'Immortal', 'Guardian', 'World')
if role in roles:
for r in roles:
if (username, r) in MasterPerspective.users[:]:
for avatar in THESERVER.realm.avatars[:]:
if avatar.username == username and avatar.role.name == r:
#kick
try:
avatar.logout()
except:
traceback.print_exc()
try:
user = User.byName(username)
except SQLObjectNotFound:
print "User not found", username
return failure.Failure(UnauthorizedError())
if self.useMD5:
matched = credentials.checkPassword(md5(user.password).digest())
if not matched:
matched = credentials.checkPassword(
md5(user.tempPassword).digest())
#XXX REMOVE ME AT A LATER TIME, LEGACY non-md5 using CLIENTS!!! 9-10-06
if not matched:
matched = credentials.checkPassword(user.password)
else:
matched = credentials.checkPassword(user.password)
if not matched:
matched = credentials.checkPassword(user.tempPassword)
if not matched:
return failure.Failure(UnauthorizedError())
r = user.getRole(role)
if r:
print r
return credentials.username
#bad role
return failure.Failure(UnauthorizedError())
def requestAvatarId(self, credentials):
if credentials.username in self.dirdbm:
if credentials.checkPassword(self.dirdbm[credentials.username]):
return credentials.username
raise cred.error.UnauthorizedLogin()
