Code

Ticket #14390: 14390.diff.txt

File 14390.diff.txt, 3.9 KB (added by subsume, 4 years ago)

Creation of a utils.py

Line 
1Index: utils.py
2===================================================================
3--- utils.py    (revision 0)
4+++ utils.py    (revision 0)
5@@ -0,0 +1,35 @@
6+def get_hexdigest(algorithm, salt, raw_password):
7+    from django.utils.encoding import smart_str
8+    from django.utils.hashcompat import md5_constructor, sha_constructor
9+    """
10+    Returns a string of the hexdigest of the given plaintext password and salt
11+    using the given algorithm ('md5', 'sha1' or 'crypt').
12+    """
13+    raw_password, salt = smart_str(raw_password), smart_str(salt)
14+    if algorithm == 'crypt':
15+        try:
16+            import crypt
17+        except ImportError:
18+            raise ValueError('"crypt" password algorithm not supported in this environment')
19+        return crypt.crypt(raw_password, salt)
20+
21+    if algorithm == 'md5':
22+        return md5_constructor(salt + raw_password).hexdigest()
23+    elif algorithm == 'sha1':
24+        return sha_constructor(salt + raw_password).hexdigest()
25+    raise ValueError("Got unknown password algorithm type in password.")
26+
27+def set_password(raw_password):
28+    import random
29+    algo = 'sha1'
30+    salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
31+    hsh = get_hexdigest(algo, salt, raw_password)
32+    return '%s$%s$%s' % (algo, salt, hsh)
33+
34+def check_password(raw_password, enc_password):
35+    """
36+    Returns a boolean of whether the raw_password was correct. Handles
37+    encryption formats behind the scenes.
38+    """
39+    algo, salt, hsh = enc_password.split('$')
40+    return hsh == get_hexdigest(algo, salt, raw_password)
41Index: models.py
42===================================================================
43--- models.py   (revision 14203)
44+++ models.py   (working copy)
45@@ -2,44 +2,17 @@
46 import urllib
47
48 from django.contrib import auth
49+from django.contrib.auth.utils import set_password, get_hexdigest, check_password
50 from django.core.exceptions import ImproperlyConfigured
51 from django.db import models
52 from django.db.models.manager import EmptyManager
53 from django.contrib.contenttypes.models import ContentType
54 from django.utils.encoding import smart_str
55-from django.utils.hashcompat import md5_constructor, sha_constructor
56 from django.utils.translation import ugettext_lazy as _
57
58
59 UNUSABLE_PASSWORD = '!' # This will never be a valid hash
60
61-def get_hexdigest(algorithm, salt, raw_password):
62-    """
63-    Returns a string of the hexdigest of the given plaintext password and salt
64-    using the given algorithm ('md5', 'sha1' or 'crypt').
65-    """
66-    raw_password, salt = smart_str(raw_password), smart_str(salt)
67-    if algorithm == 'crypt':
68-        try:
69-            import crypt
70-        except ImportError:
71-            raise ValueError('"crypt" password algorithm not supported in this environment')
72-        return crypt.crypt(raw_password, salt)
73-
74-    if algorithm == 'md5':
75-        return md5_constructor(salt + raw_password).hexdigest()
76-    elif algorithm == 'sha1':
77-        return sha_constructor(salt + raw_password).hexdigest()
78-    raise ValueError("Got unknown password algorithm type in password.")
79-
80-def check_password(raw_password, enc_password):
81-    """
82-    Returns a boolean of whether the raw_password was correct. Handles
83-    encryption formats behind the scenes.
84-    """
85-    algo, salt, hsh = enc_password.split('$')
86-    return hsh == get_hexdigest(algo, salt, raw_password)
87-
88 class SiteProfileNotAvailable(Exception):
89     pass
90
91@@ -237,11 +210,7 @@
92         if raw_password is None:
93             self.set_unusable_password()
94         else:
95-            import random
96-            algo = 'sha1'
97-            salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
98-            hsh = get_hexdigest(algo, salt, raw_password)
99-            self.password = '%s$%s$%s' % (algo, salt, hsh)
100+           self.password = set_password(raw_password)
101
102     def check_password(self, raw_password):