Mercurial > p > roundup > code
comparison roundup/password.py @ 2277:c9e52addda42
added MD5 scheme for password hiding
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Mon, 10 May 2004 22:32:17 +0000 |
| parents | 18addf2a8596 |
| children | 1f860b50fa5f |
comparison
equal
deleted
inserted
replaced
| 2275:3197e37346de | 2277:c9e52addda42 |
|---|---|
| 13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | 13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| 14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" | 14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" |
| 15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, | 15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, |
| 16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. | 16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. |
| 17 # | 17 # |
| 18 # $Id: password.py,v 1.12 2004-03-22 07:45:39 richard Exp $ | 18 # $Id: password.py,v 1.13 2004-05-10 22:32:17 richard Exp $ |
| 19 | 19 |
| 20 """Password handling (encoding, decoding). | 20 """Password handling (encoding, decoding). |
| 21 """ | 21 """ |
| 22 __docformat__ = 'restructuredtext' | 22 __docformat__ = 'restructuredtext' |
| 23 | 23 |
| 24 import sha, re, string, random | 24 import sha, md5, re, string, random |
| 25 try: | 25 try: |
| 26 import crypt | 26 import crypt |
| 27 except: | 27 except: |
| 28 crypt = None | 28 crypt = None |
| 29 pass | 29 pass |
| 37 ''' | 37 ''' |
| 38 if plaintext is None: | 38 if plaintext is None: |
| 39 plaintext = "" | 39 plaintext = "" |
| 40 if scheme == 'SHA': | 40 if scheme == 'SHA': |
| 41 s = sha.sha(plaintext).hexdigest() | 41 s = sha.sha(plaintext).hexdigest() |
| 42 elif scheme == 'MD5': | |
| 43 s = md5.md5(plaintext).hexdigest() | |
| 42 elif scheme == 'crypt' and crypt is not None: | 44 elif scheme == 'crypt' and crypt is not None: |
| 43 if other is not None: | 45 if other is not None: |
| 44 salt = other[:2] | 46 salt = other[:2] |
| 45 else: | 47 else: |
| 46 saltchars = './0123456789'+string.letters | 48 saltchars = './0123456789'+string.letters |
| 57 return ''.join([random.choice(chars) for x in range(length)]) | 59 return ''.join([random.choice(chars) for x in range(length)]) |
| 58 | 60 |
| 59 class Password: | 61 class Password: |
| 60 '''The class encapsulates a Password property type value in the database. | 62 '''The class encapsulates a Password property type value in the database. |
| 61 | 63 |
| 62 The encoding of the password is one if None, 'SHA' or 'plaintext'. The | 64 The encoding of the password is one if None, 'SHA', 'MD5' or 'plaintext'. |
| 63 encodePassword function is used to actually encode the password from | 65 The encodePassword function is used to actually encode the password from |
| 64 plaintext. The None encoding is used in legacy databases where no | 66 plaintext. The None encoding is used in legacy databases where no |
| 65 encoding scheme is identified. | 67 encoding scheme is identified. |
| 66 | 68 |
| 67 The scheme is stored with the encoded data in the database: | 69 The scheme is stored with the encoded data in the database: |
| 68 {scheme}data | 70 {scheme}data |
| 140 assert p == 'sekrit' | 142 assert p == 'sekrit' |
| 141 assert p != 'not sekrit' | 143 assert p != 'not sekrit' |
| 142 assert 'sekrit' == p | 144 assert 'sekrit' == p |
| 143 assert 'not sekrit' != p | 145 assert 'not sekrit' != p |
| 144 | 146 |
| 147 # MD5 | |
| 148 p = Password('sekrit', 'MD5') | |
| 149 assert p == 'sekrit' | |
| 150 assert p != 'not sekrit' | |
| 151 assert 'sekrit' == p | |
| 152 assert 'not sekrit' != p | |
| 153 | |
| 145 # crypt | 154 # crypt |
| 146 p = Password('sekrit', 'crypt') | 155 p = Password('sekrit', 'crypt') |
| 147 assert p == 'sekrit' | 156 assert p == 'sekrit' |
| 148 assert p != 'not sekrit' | 157 assert p != 'not sekrit' |
| 149 assert 'sekrit' == p | 158 assert 'sekrit' == p |