Mercurial > p > roundup > code

annotate roundup/password.py @ 302:d1fb3fcdb11b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Catch errors in login - no username or password supplied. Fixed editing of password (Password property type) thanks Roch'e Compaan.
author Richard Jones <richard@users.sourceforge.net>
date Sat, 20 Oct 2001 11:58:48 +0000
parents 1cc866cec608
children bdc2ea127ae9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
270
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1 #
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
2 # Copyright (c) 2001 Bizar Software Pty Ltd (http://www.bizarsoftware.com.au/)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
3 # This module is free software, and you may redistribute it and/or modify
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
4 # under the same terms as Python, so long as this copyright message and
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
5 # disclaimer are retained in their original form.
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
6 #
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
7 # IN NO EVENT SHALL BIZAR SOFTWARE PTY LTD BE LIABLE TO ANY PARTY FOR
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
8 # DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
9 # OUT OF THE USE OF THIS CODE, EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
10 # POSSIBILITY OF SUCH DAMAGE.
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
11 #
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
12 # BIZAR SOFTWARE PTY LTD SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS"
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
17 #
302
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
18 # $Id: password.py,v 1.3 2001-10-20 11:58:48 richard Exp $
270
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
19
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
20 import sha, re
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
21
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
22 def encodePassword(plaintext, scheme):
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
23 '''Encrypt the plaintext password.
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
24 '''
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
25 if scheme == 'SHA':
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
26 s = sha.sha(plaintext).hexdigest()
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
27 elif scheme == 'plaintext':
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
28 pass
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
29 else:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
30 raise ValueError, 'Unknown encryption scheme "%s"'%scheme
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
31 return s
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
32
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
33 class Password:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
34 '''The class encapsulates a Password property type value in the database.
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
35
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
36 The encoding of the password is one if None, 'SHA' or 'plaintext'. The
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
37 encodePassword function is used to actually encode the password from
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
38 plaintext. The None encoding is used in legacy databases where no
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
39 encoding scheme is identified.
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
40
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
41 The scheme is stored with the encoded data in the database:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
42 {scheme}data
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
43
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
44 Example usage:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
45 >>> p = Password('sekrit')
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
46 >>> p == 'sekrit'
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
47 1
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
48 >>> p != 'not sekrit'
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
49 1
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
50 >>> 'sekrit' == p
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
51 1
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
52 >>> 'not sekrit' != p
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
53 1
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
54 '''
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
55
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
56 default_scheme = 'SHA' # new encryptions use this scheme
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
57 pwre = re.compile(r'{(\w+)}(.+)')
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
58
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
59 def __init__(self, plaintext=None):
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
60 '''Call setPassword if plaintext is not None.'''
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
61 if plaintext is not None:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
62 self.password = encodePassword(plaintext, self.default_scheme)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
63 self.scheme = self.default_scheme
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
64 else:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
65 self.password = None
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
66 self.scheme = self.default_scheme
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
67
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
68 def unpack(self, encrypted):
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
69 '''Set the password info from the scheme:<encryted info> string
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
70 (the inverse of __str__)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
71 '''
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
72 m = self.pwre.match(encrypted)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
73 if m:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
74 self.scheme = m.group(1)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
75 self.password = m.group(2)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
76 else:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
77 # currently plaintext - encrypt
275
1cc866cec608 Moved the data stringification up into the hyperdb.Class class's...
Richard Jones <richard@users.sourceforge.net>
parents: 270
diff changeset
78 self.password = encodePassword(encrypted, self.default_scheme)
270
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
79 self.scheme = self.default_scheme
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
80
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
81 def setPassword(self, plaintext):
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
82 '''Sets encrypts plaintext.'''
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
83 self.password = encodePassword(plaintext, self.scheme)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
84
302
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
85 def __cmp__(self, other):
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
86 '''Compare this password against another password.'''
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
87 # check to see if we're comparing instances
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
88 if isinstance(other, Password):
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
89 if self.scheme != other.scheme:
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
90 return
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
91 return cmp(self.password, other.password)
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
92
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
93 # assume password is plaintext
270
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
94 if self.password is None:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
95 raise ValueError, 'Password not set'
302
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
96 return cmp(self.password, encodePassword(other, self.scheme))
270
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
97
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
98 def __str__(self):
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
99 '''Stringify the encrypted password for database storage.'''
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
100 if self.password is None:
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
101 raise ValueError, 'Password not set'
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
102 return '{%s}%s'%(self.scheme, self.password)
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
103
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
104 def test():
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
105 p = Password('sekrit')
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
106 assert p == 'sekrit'
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
107 assert p != 'not sekrit'
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
108 assert 'sekrit' == p
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
109 assert 'not sekrit' != p
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
110
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
111 if __name__ == '__main__':
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
112 test()
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
113
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
114 #
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
115 # $Log: not supported by cvs2svn $
302
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
116 # Revision 1.2 2001/10/09 23:58:10 richard
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
117 # Moved the data stringification up into the hyperdb.Class class' get, set
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
118 # and create methods. This means that the data is also stringified for the
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
119 # journal call, and removes duplication of code from the backends. The
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
120 # backend code now only sees strings.
d1fb3fcdb11b Catch errors in login - no username or password supplied.
Richard Jones <richard@users.sourceforge.net>
parents: 275
diff changeset
121 #
275
1cc866cec608 Moved the data stringification up into the hyperdb.Class class's...
Richard Jones <richard@users.sourceforge.net>
parents: 270
diff changeset
122 # Revision 1.1 2001/10/09 07:25:59 richard
1cc866cec608 Moved the data stringification up into the hyperdb.Class class's...
Richard Jones <richard@users.sourceforge.net>
parents: 270
diff changeset
123 # Added the Password property type. See "pydoc roundup.password" for
1cc866cec608 Moved the data stringification up into the hyperdb.Class class's...
Richard Jones <richard@users.sourceforge.net>
parents: 270
diff changeset
124 # implementation details. Have updated some of the documentation too.
1cc866cec608 Moved the data stringification up into the hyperdb.Class class's...
Richard Jones <richard@users.sourceforge.net>
parents: 270
diff changeset
125 #
270
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
126 #
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
127 #
a4241ddd22d7 Added the Password property type.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
128 # vim: set filetype=python ts=4 sw=4 et si
Roundup Issue Tracker: http://roundup-tracker.org/