diff options
| -rw-r--r-- | mediagoblin/auth/__init__.py | 4 | ||||
| -rw-r--r-- | mediagoblin/auth/lib.py | 16 | ||||
| -rw-r--r-- | mediagoblin/edit/views.py | 1 | ||||
| -rw-r--r-- | mediagoblin/gmg_commands/users.py | 6 | ||||
| -rw-r--r-- | mediagoblin/plugins/basic_auth/__init__.py | 8 |
5 files changed, 13 insertions, 22 deletions
diff --git a/mediagoblin/auth/__init__.py b/mediagoblin/auth/__init__.py index abb18d2d..4bbecc16 100644 --- a/mediagoblin/auth/__init__.py +++ b/mediagoblin/auth/__init__.py @@ -42,3 +42,7 @@ def get_login_form(request): def get_registration_form(request): return hook_handle("auth_get_registration_form", request) + + +def gen_password_hash(raw_pass, extra_salt=None): + return hook_handle("auth_gen_password_hash", raw_pass, extra_salt) diff --git a/mediagoblin/auth/lib.py b/mediagoblin/auth/lib.py index 1a9416fc..45d0a63f 100644 --- a/mediagoblin/auth/lib.py +++ b/mediagoblin/auth/lib.py @@ -23,22 +23,6 @@ from mediagoblin.tools.template import render_template from mediagoblin import mg_globals -def bcrypt_gen_password_hash(raw_pass, extra_salt=None): - """ - Generate a salt for this new password. - - Args: - - raw_pass: user submitted password - - extra_salt: (optional) If this password is with stored with a - non-database extra salt - """ - if extra_salt: - raw_pass = u"%s:%s" % (extra_salt, raw_pass) - - return unicode( - bcrypt.hashpw(raw_pass.encode('utf-8'), bcrypt.gensalt())) - - def fake_login_attempt(): """ Pretend we're trying to login. diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index ad3cbaca..9db1c3f9 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -22,7 +22,6 @@ from werkzeug.utils import secure_filename from mediagoblin import messages from mediagoblin import mg_globals -from mediagoblin.auth import lib as auth_lib from mediagoblin import auth from mediagoblin.edit import forms from mediagoblin.edit.lib import may_edit_media diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index 024c8498..1f329459 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -15,7 +15,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. from mediagoblin.gmg_commands import util as commands_util -from mediagoblin.auth import lib as auth_lib +from mediagoblin import auth from mediagoblin import mg_globals def adduser_parser_setup(subparser): @@ -52,7 +52,7 @@ def adduser(args): entry = db.User() entry.username = unicode(args.username.lower()) entry.email = unicode(args.email) - entry.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password) + entry.pw_hash = auth.gen_password_hash(args.password) entry.status = u'active' entry.email_verified = True entry.save() @@ -96,7 +96,7 @@ def changepw(args): user = db.User.one({'username': unicode(args.username.lower())}) if user: - user.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password) + user.pw_hash = auth.gen_password_hash(args.password) user.save() print 'Password successfully changed' else: diff --git a/mediagoblin/plugins/basic_auth/__init__.py b/mediagoblin/plugins/basic_auth/__init__.py index 68e331ff..f11d255a 100644 --- a/mediagoblin/plugins/basic_auth/__init__.py +++ b/mediagoblin/plugins/basic_auth/__init__.py @@ -18,7 +18,6 @@ import uuid import forms as auth_forms import tools as auth_tools -from mediagoblin.auth import lib as auth_lib from mediagoblin.db.models import User from mediagoblin.tools.translate import pass_to_ugettext as _ from mediagoblin.tools import pluginapi @@ -47,7 +46,7 @@ def create_user(registration_form): user = User() user.username = registration_form.data['username'] user.email = registration_form.data['email'] - user.pw_hash = auth_lib.bcrypt_gen_password_hash( + user.pw_hash = auth_tools.bcrypt_gen_password_hash( registration_form.password.data) user.verification_key = unicode(uuid.uuid4()) user.save() @@ -82,6 +81,10 @@ def get_registration_form(request): return auth_forms.RegistrationForm(request.form) +def gen_password_hash(raw_pass, extra_salt): + return auth_tools.bcrypt_gen_password_hash(raw_pass, extra_salt) + + def auth(): return True @@ -95,4 +98,5 @@ hooks = { 'auth_extra_validation': extra_validation, 'auth_get_login_form': get_login_form, 'auth_get_registration_form': get_registration_form, + 'auth_gen_password_hash': gen_password_hash, } |