diff options
author | Rodney Ewing <ewing.rj@gmail.com> | 2013-05-25 07:59:03 -0700 |
---|---|---|
committer | Elrond <elrond+mediagoblin.org@samba-tng.org> | 2013-05-28 00:11:36 +0200 |
commit | 75fc93686d0763ced6a5769e99e570a4c8fd3273 (patch) | |
tree | 232f206490f8a69b97eeaa391f1ffe05970e7676 /mediagoblin/auth/tools.py | |
parent | 02b6892c290671ac956144a212785d98ae579ef4 (diff) | |
download | mediagoblin-75fc93686d0763ced6a5769e99e570a4c8fd3273.tar.lz mediagoblin-75fc93686d0763ced6a5769e99e570a4c8fd3273.tar.xz mediagoblin-75fc93686d0763ced6a5769e99e570a4c8fd3273.zip |
created a check_login_simple function
cherry-picked from rodney757, fixed few conflicts due to
out of order cherry-picking. Thanks to rodney757 for making
my idea even better.
Diffstat (limited to 'mediagoblin/auth/tools.py')
-rw-r--r-- | mediagoblin/auth/tools.py | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py index 52095d8a..bb7d2683 100644 --- a/mediagoblin/auth/tools.py +++ b/mediagoblin/auth/tools.py @@ -14,13 +14,20 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +import logging + import wtforms +from sqlalchemy import or_ from mediagoblin import mg_globals +from mediagoblin.auth import lib as auth_lib +from mediagoblin.db.models import User from mediagoblin.tools.mail import normalize_email, send_email from mediagoblin.tools.template import render_template from mediagoblin.tools.translate import lazy_pass_to_ugettext as _ +_log = logging.getLogger(__name__) + def normalize_user_or_email_field(allow_email=True, allow_user=True): """ @@ -85,3 +92,19 @@ def send_verification_email(user, request): # example "GNU MediaGoblin @ Wandborg - [...]". 'GNU MediaGoblin - Verify your email!', rendered_email) + + +def check_login_simple(username, password, username_might_be_email=False): + search = (User.username == username) + if username_might_be_email and ('@' in username): + search = or_(search, User.email == username) + user = User.query.filter(search).first() + if not user: + _log.info("User %r not found", username) + auth_lib.fake_login_attempt() + return None + if not auth_lib.bcrypt_check_password(password, user.pw_hash): + _log.warn("Wrong password for %r", username) + return None + _log.info("Logging %r in", username) + return user |