Ticket #273: auth.py.diff
File auth.py.diff, 2.8 KB (added by , 19 years ago) |
---|
-
auth.py
old new 29 29 first_name = meta.CharField(maxlength=30, blank=True) 30 30 last_name = meta.CharField(maxlength=30, blank=True) 31 31 email = meta.EmailField('e-mail address', blank=True) 32 password _md5 = meta.CharField('password', maxlength=32, help_text="Use an MD5 hash -- not the raw password.")32 password = meta.CharField('password', maxlength=128, help_text="Use a hash like '[algo]$[salt]$[hexdigest]'") 33 33 is_staff = meta.BooleanField('staff status', help_text="Designates whether the user can log into this admin site.") 34 34 is_active = meta.BooleanField('active', default=True) 35 35 is_superuser = meta.BooleanField('superuser status') … … 46 46 exceptions = ('SiteProfileNotAvailable',) 47 47 admin = meta.Admin( 48 48 fields = ( 49 (None, {'fields': ('username', 'password _md5')}),49 (None, {'fields': ('username', 'password')}), 50 50 ('Personal info', {'fields': ('first_name', 'last_name', 'email')}), 51 51 ('Permissions', {'fields': ('is_staff', 'is_active', 'is_superuser', 'user_permissions')}), 52 52 ('Important dates', {'fields': ('last_login', 'date_joined')}), … … 59 59 60 60 def __repr__(self): 61 61 return self.username 62 62 63 63 def get_absolute_url(self): 64 64 return "/users/%s/" % self.username 65 65 66 66 def is_anonymous(self): 67 67 return False 68 68 69 69 def get_full_name(self): 70 70 full_name = '%s %s' % (self.first_name, self.last_name) 71 71 return full_name.strip() 72 72 73 73 def set_password(self, raw_password): 74 import md5 75 self.password_md5 = md5.new(raw_password).hexdigest() 74 import sha, random 75 algo = 'sha1' 76 salt = sha.new(str(random.random())).hexdigest()[:5] 77 hash = sha.new(salt+raw_password).hexdigest() 78 self.password = '%s$%s$%s' % (algo, salt, hash) 76 79 77 80 def check_password(self, raw_password): 78 "Returns a boolean of whether the raw_password was correct." 79 import md5 80 return self.password_md5 == md5.new(raw_password).hexdigest() 81 '''Returns a boolean of whether the raw_password was correct, 82 while considering other encryption formats, and salt. A typical 83 password hash looks like <algo>$<salt>$<hash>''' 84 pass_string = self.password 85 86 (algo, salt, hash) = pass_string.split('$') 87 if algo == 'md5': 88 import md5 89 return hash == md5.new(salt+raw_password).hexdigest() 90 elif algo == 'sha1': 91 import sha 92 return hash == sha.new(salt+raw_password).hexdigest() 81 93 82 94 def get_group_permissions(self): 83 95 "Returns a list of permission strings that this user has through his/her groups."