aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/auth/tools.py
diff options
context:
space:
mode:
authorRodney Ewing <ewing.rj@gmail.com>2013-05-25 07:59:03 -0700
committerElrond <elrond+mediagoblin.org@samba-tng.org>2013-05-28 00:11:36 +0200
commit75fc93686d0763ced6a5769e99e570a4c8fd3273 (patch)
tree232f206490f8a69b97eeaa391f1ffe05970e7676 /mediagoblin/auth/tools.py
parent02b6892c290671ac956144a212785d98ae579ef4 (diff)
downloadmediagoblin-75fc93686d0763ced6a5769e99e570a4c8fd3273.tar.lz
mediagoblin-75fc93686d0763ced6a5769e99e570a4c8fd3273.tar.xz
mediagoblin-75fc93686d0763ced6a5769e99e570a4c8fd3273.zip
created a check_login_simple function
cherry-picked from rodney757, fixed few conflicts due to out of order cherry-picking. Thanks to rodney757 for making my idea even better.
Diffstat (limited to 'mediagoblin/auth/tools.py')
-rw-r--r--mediagoblin/auth/tools.py23
1 files changed, 23 insertions, 0 deletions
diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py
index 52095d8a..bb7d2683 100644
--- a/mediagoblin/auth/tools.py
+++ b/mediagoblin/auth/tools.py
@@ -14,13 +14,20 @@
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+import logging
+
import wtforms
+from sqlalchemy import or_
from mediagoblin import mg_globals
+from mediagoblin.auth import lib as auth_lib
+from mediagoblin.db.models import User
from mediagoblin.tools.mail import normalize_email, send_email
from mediagoblin.tools.template import render_template
from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
+_log = logging.getLogger(__name__)
+
def normalize_user_or_email_field(allow_email=True, allow_user=True):
"""
@@ -85,3 +92,19 @@ def send_verification_email(user, request):
# example "GNU MediaGoblin @ Wandborg - [...]".
'GNU MediaGoblin - Verify your email!',
rendered_email)
+
+
+def check_login_simple(username, password, username_might_be_email=False):
+ search = (User.username == username)
+ if username_might_be_email and ('@' in username):
+ search = or_(search, User.email == username)
+ user = User.query.filter(search).first()
+ if not user:
+ _log.info("User %r not found", username)
+ auth_lib.fake_login_attempt()
+ return None
+ if not auth_lib.bcrypt_check_password(password, user.pw_hash):
+ _log.warn("Wrong password for %r", username)
+ return None
+ _log.info("Logging %r in", username)
+ return user