本文整理汇总了Python中AccessControl.AuthEncoding.pw_validate方法的典型用法代码示例。如果您正苦于以下问题:Python AuthEncoding.pw_validate方法的具体用法?Python AuthEncoding.pw_validate怎么用?Python AuthEncoding.pw_validate使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类AccessControl.AuthEncoding的用法示例。
在下文中一共展示了AuthEncoding.pw_validate方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: authenticateCredentials
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def authenticateCredentials(self, credentials):
""" Fulfill AuthenticationPlugin requirements """
acl = self._getUserFolder()
login = credentials.get('login', '')
password = credentials.get('password', '')
if not acl or not login or not password:
return (None, None)
if (
login == emergency_user.getUserName() and
AuthEncoding.pw_validate(
emergency_user._getPassword(),
password
)
):
return (login, login)
user = acl.getUser(login)
if user is None:
return (None, None)
elif user and AuthEncoding.pw_validate(user._getPassword(),
password):
return (user.getId(), login)
return (None, None)示例2: testBlankPassword
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def testBlankPassword(self):
pw = ''
for id in AuthEncoding.listSchemes():
enc = AuthEncoding.pw_encrypt(pw, id)
assert enc != pw
assert AuthEncoding.pw_validate(enc, pw)
assert not AuthEncoding.pw_validate(enc, enc)
assert not AuthEncoding.pw_validate(enc, 'xxx')示例3: testBadPasword
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def testBadPasword(self):
pw = 'OK_pa55w0rd \n'
for id in AuthEncoding.listSchemes():
enc = AuthEncoding.pw_encrypt(pw, id)
assert enc != pw
assert not AuthEncoding.pw_validate(enc, 'xxx')
assert not AuthEncoding.pw_validate(enc, enc)
if id != 'CRYPT':
# crypt truncates passwords and would fail this test.
assert not AuthEncoding.pw_validate(enc, pw[:-1])
assert not AuthEncoding.pw_validate(enc, pw[1:])
assert AuthEncoding.pw_validate(enc, pw)示例4: testLongPassword
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def testLongPassword(self):
pw = 'Pw' * 2000
for id in AuthEncoding.listSchemes():
enc = AuthEncoding.pw_encrypt(pw, id)
assert enc != pw
assert AuthEncoding.pw_validate(enc, pw)
assert not AuthEncoding.pw_validate(enc, enc)
assert not AuthEncoding.pw_validate(enc, 'xxx')
if id != 'CRYPT':
# crypt truncates passwords and would fail these tests.
assert not AuthEncoding.pw_validate(enc, pw[:-2])
assert not AuthEncoding.pw_validate(enc, pw[2:])示例5: testLongPassword
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def testLongPassword(self):
pw = 'Pw' * 2000
for id in AuthEncoding.listSchemes():
enc = AuthEncoding.pw_encrypt(pw, id)
assert enc != pw
assert AuthEncoding.pw_validate(enc, pw)
assert not AuthEncoding.pw_validate(enc, enc)
assert not AuthEncoding.pw_validate(enc, 'xxx')
if id not in ('CRYPT', 'BCRYPT'):
# crypt truncates passwords and would fail these tests.
# bcrypt works with password inputs where len(pw) <= 50
assert not AuthEncoding.pw_validate(enc, pw[:-2]), (
'%r Failed: %s %s' % (id, enc, pw[:-2])
)
assert not AuthEncoding.pw_validate(enc, pw[2:])示例6: authenticate
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def authenticate(self, password, request):
passwrd=self._getPassword()
result = AuthEncoding.pw_validate(passwrd, password)
domains=self.getDomains()
if domains:
return result and domainSpecMatch(domains, request)
return result示例7: authenticateCredentials
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def authenticateCredentials(self, credentials):
""" See IAuthenticationPlugin.
Basically this is like the same method from ZODBUserManager except that we preprocess
the password before digesting is, since the migration hashed an already-hashed value.
Oh, and we look up the proper plugin by id provided by property.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get( 'login' )
password = credentials.get( 'password' )
if login is None or password is None:
return None
targetname = self.target_id
target = getattr(self, targetname)
userid = target._login_to_userid.get(login, login)
reference = target._user_passwords.get(userid)
if reference is None: return None
salt = userid[:2]
hashed = crypt.crypt(password, salt)
if AuthEncoding.pw_validate(reference, hashed): # it would normally be reference, password here
return userid, login
return None示例8: authenticateCredentials
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def authenticateCredentials( self, credentials ):
""" See IAuthenticationPlugin.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get( 'login' )
password = credentials.get( 'password' )
if login is None or password is None:
return None
userid = self._login_to_userid.get( login, login )
reference = self._user_passwords.get(userid)
if reference is None:
return None
if AuthEncoding.is_encrypted( reference ):
if AuthEncoding.pw_validate( reference, password ):
return userid, login
# Support previous naive behavior
digested = sha.sha( password ).hexdigest()
if reference == digested:
return userid, login
return None示例9: testGoodPassword
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def testGoodPassword(self):
pw = 'good_password'
assert len(AuthEncoding.listSchemes()) > 0 # At least one must exist!
for id in AuthEncoding.listSchemes():
enc = AuthEncoding.pw_encrypt(pw, id)
assert enc != pw
assert AuthEncoding.pw_validate(enc, pw)
assert AuthEncoding.is_encrypted(enc)
assert not AuthEncoding.is_encrypted(pw)示例10: test_createLDAPPassword_crypt
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def test_createLDAPPassword_crypt(self):
try:
# Crypt is not available on all platforms
import crypt
encoded = utils._createLDAPPassword(self.pwd, 'crypt')
self.failUnless(encoded.startswith('{CRYPT}'))
self.failUnless(AuthEncoding.pw_validate(encoded, self.pwd))
except ImportError:
pass示例11: isPasswordUsed
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def isPasswordUsed(self, login, password, history_size=0):
"""Query password store to see if password has been previously used.
"""
for hash in self.getPasswordsForUser(login, history_size):
if AuthEncoding.pw_validate(hash, password):
log.info("Password '%s' for user '%s' not valid (already used)" % (password, login))
return True
log.info("Password '%s' for user '%s' valid" % (password, login))
return False示例12: authenticateCredentials
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def authenticateCredentials(self, credentials):
""" See IAuthenticationPlugin.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get('login')
password = credentials.get('password')
if login is None or password is None:
return None
# The original implementation does this, which unhelpfully
# falls back to giving the login as userid when the login does
# not match a user. This means you will seem to login: you
# get a message "welcome, you are now logged in". But you are
# not actually logged in.
#userid = self._login_to_userid.get(login, login)
# Instead, we do some more checking ourself.
userid = None
if '@' not in login or login == login.lower():
userid = self._login_to_userid.get(login)
logger.debug("Standard authentication for %s gives userid %s",
login, userid)
else:
# So at this point we have e-mail address as login and it
# is not lowercase. We try the given login and then the
# lowercase version if nothing is found.
userid = self._login_to_userid.get(login)
logger.debug("Original case authentication for %s gives "
"userid %r", login, userid)
if not userid:
login = login.lower()
userid = self._login_to_userid.get(login)
logger.debug("Lower case authentication for %s gives "
"userid %r", login, userid)
if userid:
# Might not be needed, but just in case.
credentials['login'] = login
if not userid:
return None
reference = self._user_passwords.get(userid)
if reference is None:
return None
if AuthEncoding.is_encrypted(reference):
if AuthEncoding.pw_validate(reference, password):
return userid, login
# Support previous naive behavior
digested = sha.sha(password).hexdigest()
if reference == digested:
return userid, login
return None示例13: test_legacy_password_validates
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def test_legacy_password_validates(self):
from AccessControl import AuthEncoding
member = self._createType(
self.layer['portal'],
'dexterity.membrane.member',
'joe',
)
member.email = '[email protected]'
self._legacy_set_password(member, b'foobar')
self.assertTrue(AuthEncoding.pw_validate(member.password, b'foobar'))示例14: test__doChangeUserSamePassword
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def test__doChangeUserSamePassword(self):
self.suf._doChangeUser(
'test_user',
None,
['some','roles'], # roles
'', # domains
)
user = self.users['test_user']
self.failUnless(AuthEncoding.pw_validate(user.password,'password' ))
self.assertEqual(list(user.roles),['some','roles'])
self.assertEqual(list(self.suf.getUserNames()),['test_user','test_user_with_extras'])
self.assertEqual(list(self.suf.getUser('test_user').roles),['some','roles'])示例15: verifyCredentials
# 需要导入模块: from AccessControl import AuthEncoding [as 别名]
# 或者: from AccessControl.AuthEncoding import pw_validate [as 别名]
def verifyCredentials(self, credentials):
"""Returns True is password is authenticated, False if not.
"""
user = IMembraneUserObject(self.context)
if credentials.get("login") != user.getUserName():
# Should never happen, as the code should then never end
# up here, but better safe than sorry.
return False
password_provider = IProvidePasswordsSchema(self.context)
if not password_provider:
return False
return AuthEncoding.pw_validate(password_provider.password, credentials.get("password", ""))