diff options
| -rw-r--r-- | mediagoblin/auth/tools.py | 1 | ||||
| -rw-r--r-- | mediagoblin/plugins/basic_auth/__init__.py | 12 | ||||
| -rw-r--r-- | mediagoblin/plugins/basic_auth/tools.py (renamed from mediagoblin/plugins/basic_auth/lib.py) | 0 | ||||
| -rw-r--r-- | mediagoblin/tests/test_basic_auth.py | 20 |
4 files changed, 16 insertions, 17 deletions
diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py index 94a9781b..db1a6297 100644 --- a/mediagoblin/auth/tools.py +++ b/mediagoblin/auth/tools.py @@ -20,7 +20,6 @@ import wtforms from sqlalchemy import or_ from mediagoblin import mg_globals -from mediagoblin.auth import lib as auth_lib from mediagoblin.db.models import User from mediagoblin.tools.mail import (normalize_email, send_email, email_debug_message) diff --git a/mediagoblin/plugins/basic_auth/__init__.py b/mediagoblin/plugins/basic_auth/__init__.py index edbfacb5..fe314504 100644 --- a/mediagoblin/plugins/basic_auth/__init__.py +++ b/mediagoblin/plugins/basic_auth/__init__.py @@ -16,7 +16,7 @@ import uuid from mediagoblin.plugins.basic_auth import forms as auth_forms -from mediagoblin.plugins.basic_auth import lib as auth_lib +from mediagoblin.plugins.basic_auth import tools as auth_tools from mediagoblin.db.models import User from mediagoblin.tools import pluginapi from sqlalchemy import or_ @@ -28,7 +28,7 @@ def setup_plugin(): def check_login(user, password): if user.pw_hash: - result = auth_lib.bcrypt_check_password(password, user.pw_hash) + result = check_password(password, user.pw_hash) if result: return result return None @@ -49,7 +49,7 @@ def create_user(registration_form): user = User() user.username = registration_form.username.data user.email = registration_form.email.data - user.pw_hash = auth_lib.bcrypt_gen_password_hash( + user.pw_hash = igen_password_hash( registration_form.password.data) user.verification_key = unicode(uuid.uuid4()) user.save() @@ -65,11 +65,11 @@ def get_registration_form(request): def gen_password_hash(raw_pass, extra_salt): - return auth_lib.bcrypt_gen_password_hash(raw_pass, extra_salt) + return auth_tools.bcrypt_gen_password_hash(raw_pass, extra_salt) def check_password(raw_pass, stored_hash, extra_salt): - return auth_lib.bcrypt_check_password(raw_pass, stored_hash, extra_salt) + return auth_tools.bcrypt_check_password(raw_pass, stored_hash, extra_salt) def auth(): @@ -96,7 +96,7 @@ hooks = { 'auth_get_registration_form': get_registration_form, 'auth_gen_password_hash': gen_password_hash, 'auth_check_password': check_password, - 'auth_fake_login_attempt': auth_lib.fake_login_attempt, + 'auth_fake_login_attempt': auth_tools.fake_login_attempt, 'template_global_context': append_to_global_context, ('mediagoblin.plugins.openid.register', 'mediagoblin/auth/register.html'): add_to_form_context, diff --git a/mediagoblin/plugins/basic_auth/lib.py b/mediagoblin/plugins/basic_auth/tools.py index 1300bb9a..1300bb9a 100644 --- a/mediagoblin/plugins/basic_auth/lib.py +++ b/mediagoblin/plugins/basic_auth/tools.py diff --git a/mediagoblin/tests/test_basic_auth.py b/mediagoblin/tests/test_basic_auth.py index 1b76aa3f..cdd80fca 100644 --- a/mediagoblin/tests/test_basic_auth.py +++ b/mediagoblin/tests/test_basic_auth.py @@ -13,7 +13,7 @@ # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -from mediagoblin.plugins.basic_auth import lib as auth_lib +from mediagoblin.plugins.basic_auth import tools as auth_tools from mediagoblin.tools.testing import _activate_testing _activate_testing() @@ -26,16 +26,16 @@ _activate_testing() def test_bcrypt_check_password(): # Check known 'lollerskates' password against check function - assert auth_lib.bcrypt_check_password( + assert auth_tools.bcrypt_check_password( 'lollerskates', '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO') - assert not auth_lib.bcrypt_check_password( + assert not auth_tools.bcrypt_check_password( 'notthepassword', '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO') # Same thing, but with extra fake salt. - assert not auth_lib.bcrypt_check_password( + assert not auth_tools.bcrypt_check_password( 'notthepassword', '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6', '3><7R45417') @@ -45,15 +45,15 @@ def test_bcrypt_gen_password_hash(): pw = 'youwillneverguessthis' # Normal password hash generation, and check on that hash - hashed_pw = auth_lib.bcrypt_gen_password_hash(pw) - assert auth_lib.bcrypt_check_password( + hashed_pw = auth_tools.bcrypt_gen_password_hash(pw) + assert auth_tools.bcrypt_check_password( pw, hashed_pw) - assert not auth_lib.bcrypt_check_password( + assert not auth_tools.bcrypt_check_password( 'notthepassword', hashed_pw) # Same thing, extra salt. - hashed_pw = auth_lib.bcrypt_gen_password_hash(pw, '3><7R45417') - assert auth_lib.bcrypt_check_password( + hashed_pw = auth_tools.bcrypt_gen_password_hash(pw, '3><7R45417') + assert auth_tools.bcrypt_check_password( pw, hashed_pw, '3><7R45417') - assert not auth_lib.bcrypt_check_password( + assert not auth_tools.bcrypt_check_password( 'notthepassword', hashed_pw, '3><7R45417') |