本文整理汇总了Python中AccessControl.AuthEncoding类的典型用法代码示例。如果您正苦于以下问题:Python AuthEncoding类的具体用法?Python AuthEncoding怎么用?Python AuthEncoding使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了AuthEncoding类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: doChangeUser
def doChangeUser(self, principal_id, password):
"""
Update user's password date and store passwords history.
"""
user = api.user.get(username=principal_id)
portal = api.portal.get()
current_time = portal.ZopeTime()
user.setMemberProperties({'password_date': current_time})
self._invalidatePrincipalCache(principal_id)
# Remember passwords here
max_history_pws = api.portal.get_registry_record(
'collective.pwexpiry.password_history_size'
)
if max_history_pws == 0:
# disabled, return here.
return
enc_pw = password
if not AuthEncoding.is_encrypted(enc_pw):
enc_pw = AuthEncoding.pw_encrypt(enc_pw)
pw_history = list(user.getProperty('password_history', tuple()))
pw_history.append(enc_pw)
if len(pw_history) > max_history_pws:
# Truncate the history
pw_history = pw_history[-max_history_pws:]
user.setMemberProperties({'password_history': tuple(pw_history)})示例2: authenticateCredentials
def authenticateCredentials( self, credentials ):
""" See IAuthenticationPlugin.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get( 'login' )
password = credentials.get( 'password' )
if login is None or password is None:
return None
userid = self._login_to_userid.get( login, login )
reference = self._user_passwords.get(userid)
if reference is None:
return None
if AuthEncoding.is_encrypted( reference ):
if AuthEncoding.pw_validate( reference, password ):
return userid, login
# Support previous naive behavior
digested = sha.sha( password ).hexdigest()
if reference == digested:
return userid, login
return None示例3: authenticateCredentials
def authenticateCredentials(self, credentials):
""" Fulfill AuthenticationPlugin requirements """
acl = self._getUserFolder()
login = credentials.get('login', '')
password = credentials.get('password', '')
if not acl or not login or not password:
return (None, None)
if (
login == emergency_user.getUserName() and
AuthEncoding.pw_validate(
emergency_user._getPassword(),
password
)
):
return (login, login)
user = acl.getUser(login)
if user is None:
return (None, None)
elif user and AuthEncoding.pw_validate(user._getPassword(),
password):
return (user.getId(), login)
return (None, None)示例4: testBlankPassword
def testBlankPassword(self):
pw = ''
for id in AuthEncoding.listSchemes():
enc = AuthEncoding.pw_encrypt(pw, id)
assert enc != pw
assert AuthEncoding.pw_validate(enc, pw)
assert not AuthEncoding.pw_validate(enc, enc)
assert not AuthEncoding.pw_validate(enc, 'xxx')示例5: _pw_encrypt
def _pw_encrypt(self, password):
"""Returns the AuthEncoding encrypted password
If 'password' is already encrypted, it is returned
as is and not encrypted again.
"""
if AuthEncoding.is_encrypted(password):
return password
return AuthEncoding.pw_encrypt(password)示例6: authenticateCredentials
def authenticateCredentials(self, credentials):
""" See IAuthenticationPlugin.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get('login')
password = credentials.get('password')
if login is None or password is None:
return None
# The original implementation does this, which unhelpfully
# falls back to giving the login as userid when the login does
# not match a user. This means you will seem to login: you
# get a message "welcome, you are now logged in". But you are
# not actually logged in.
#userid = self._login_to_userid.get(login, login)
# Instead, we do some more checking ourself.
userid = None
if '@' not in login or login == login.lower():
userid = self._login_to_userid.get(login)
logger.debug("Standard authentication for %s gives userid %s",
login, userid)
else:
# So at this point we have e-mail address as login and it
# is not lowercase. We try the given login and then the
# lowercase version if nothing is found.
userid = self._login_to_userid.get(login)
logger.debug("Original case authentication for %s gives "
"userid %r", login, userid)
if not userid:
login = login.lower()
userid = self._login_to_userid.get(login)
logger.debug("Lower case authentication for %s gives "
"userid %r", login, userid)
if userid:
# Might not be needed, but just in case.
credentials['login'] = login
if not userid:
return None
reference = self._user_passwords.get(userid)
if reference is None:
return None
if AuthEncoding.is_encrypted(reference):
if AuthEncoding.pw_validate(reference, password):
return userid, login
# Support previous naive behavior
digested = sha.sha(password).hexdigest()
if reference == digested:
return userid, login
return None示例7: setAttempt
def setAttempt(self, login, password):
"increment attempt count and record date stamp last attempt and IP"
root = self.getRootPlugin()
count, last, IP, reference = root._login_attempts.get(login, (0, None, '', None))
if reference and AuthEncoding.pw_validate(reference, password):
return # we don't count repeating same password in case its correct
else:
count += 1
IP = self.remote_ip()
log.info("user '%s' attempt #%i %s last: %s", login, count, IP, last)
last = DateTime()
reference = AuthEncoding.pw_encrypt(password)
root._login_attempts[login] = (count, last, IP, reference)示例8: authenticateCredentials
def authenticateCredentials(self, credentials):
""" See IAuthenticationPlugin.
Basically this is like the same method from ZODBUserManager except that we preprocess
the password before digesting is, since the migration hashed an already-hashed value.
Oh, and we look up the proper plugin by id provided by property.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get( 'login' )
password = credentials.get( 'password' )
if login is None or password is None:
return None
targetname = self.target_id
target = getattr(self, targetname)
userid = target._login_to_userid.get(login, login)
reference = target._user_passwords.get(userid)
if reference is None: return None
salt = userid[:2]
hashed = crypt.crypt(password, salt)
if AuthEncoding.pw_validate(reference, hashed): # it would normally be reference, password here
return userid, login
return None示例9: authenticate
def authenticate(self, password, request):
passwrd=self._getPassword()
result = AuthEncoding.pw_validate(passwrd, password)
domains=self.getDomains()
if domains:
return result and domainSpecMatch(domains, request)
return result示例10: _createLDAPPassword
def _createLDAPPassword(password, encoding='SHA'):
""" Create a password string suitable for the userPassword attribute
"""
encoding = encoding.upper()
if encoding in ('SSHA', 'SHA', 'CRYPT'):
pwd_str = AuthEncoding.pw_encrypt(password, encoding)
elif encoding == 'MD5':
m = md5_new(password)
pwd_str = '{MD5}' + base64.encodestring(m.digest())
elif encoding == 'CLEAR':
pwd_str = password
else:
pwd_str = AuthEncoding.pw_encrypt(password, 'SSHA')
return pwd_str.strip()示例11: password
def password(self, password):
# When editing, the password field is empty in the browser; do
# not do anything then.
if password is not None:
self.context.password = AuthEncoding.pw_encrypt(
safe_encode(password),
encoding='BCRYPT'
)示例12: updateUserPassword
def updateUserPassword( self, user_id, password ):
if self._user_passwords.get( user_id ) is None:
raise KeyError, 'Invalid user ID: %s' % user_id
if password:
digested = AuthEncoding.pw_encrypt( password )
self._user_passwords[ user_id ] = digested示例13: setPasswordForUser
def setPasswordForUser(self, login, password):
"""Add password to the list of previously used passwords for a user.
"""
hashes = self._user_passwords.get(login, [])
hash = AuthEncoding.pw_encrypt(password)
hashes.append(hash)
self._user_passwords[login] = hashes
log.info("Password '%s' for user '%s' stored" % (password, login))示例14: authenticateCredentials
def authenticateCredentials( self, credentials ):
""" See IAuthenticationPlugin.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get( 'login' )
password = credentials.get( 'password' )
if login is None or password is None:
return None
# Do we have a link between login and userid? Do NOT fall
# back to using the login as userid when there is no match, as
# that gives a high chance of seeming to log in successfully,
# but in reality failing.
userid = self._login_to_userid.get(login)
if userid is None:
# Someone may be logging in with a userid instead of a
# login name and the two are not the same. We could try
# turning those around, but really we should just fail.
#
# userid = login
# login = self._userid_to_login.get(userid)
# if login is None:
# return None
return None
reference = self._user_passwords.get(userid)
if reference is None:
return None
if AuthEncoding.is_encrypted( reference ):
if AuthEncoding.pw_validate( reference, password ):
return userid, login
# Support previous naive behavior
digested = sha( password ).hexdigest()
if reference == digested:
return userid, login
return None示例15: test_reset_password
def test_reset_password(self):
from AccessControl import AuthEncoding
member = self._createType(
self.layer['portal'],
'dexterity.membrane.member',
'joe',
)
member.email = '[email protected]'
self.layer['portal'].membrane_tool.reindexObject(member)
user_id = get_user_id_for_email(
self.layer['portal'],
'[email protected]',
)
self.layer['portal'].acl_users.userSetPassword(user_id, b'foobar')
self.assertTrue(AuthEncoding.is_encrypted(member.password))
scheme_prefix = '{BCRYPT}'
self.assertTrue(member.password.startswith(scheme_prefix))
self.assertTrue(AuthEncoding.pw_validate(member.password, b'foobar'))