diff options
Diffstat (limited to 'mediagoblin/auth')
| -rw-r--r-- | mediagoblin/auth/__init__.py | 4 | ||||
| -rw-r--r-- | mediagoblin/auth/tools.py | 9 | ||||
| -rw-r--r-- | mediagoblin/auth/views.py | 3 |
3 files changed, 6 insertions, 10 deletions
diff --git a/mediagoblin/auth/__init__.py b/mediagoblin/auth/__init__.py index 53182eaa..ae6c4b96 100644 --- a/mediagoblin/auth/__init__.py +++ b/mediagoblin/auth/__init__.py @@ -23,8 +23,8 @@ def check_login(user, password): return False -def get_user(form): - return hook_handle("auth_get_user", form) +def get_user(username): + return hook_handle("auth_get_user", username) def create_user(register_form): diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py index f38a292a..94a9781b 100644 --- a/mediagoblin/auth/tools.py +++ b/mediagoblin/auth/tools.py @@ -199,15 +199,12 @@ def send_fp_verification_email(user, request): def check_login_simple(username, password, username_might_be_email=False): - search = (User.username == username) - if username_might_be_email and ('@' in username): - search = or_(search, User.email == username) - user = User.query.filter(search).first() + user = auth.get_user(username) if not user: _log.info("User %r not found", username) - auth_lib.fake_login_attempt() + auth.fake_login_attempt() return None - if not auth_lib.bcrypt_check_password(password, user.pw_hash): + if not auth.check_password(password, user.pw_hash): _log.warn("Wrong password for %r", username) return None _log.info("Logging %r in", username) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 109763ce..b62602b3 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -22,7 +22,6 @@ from mediagoblin.db.models import User from mediagoblin.tools.response import render_to_response, redirect, render_404 from mediagoblin.tools.translate import pass_to_ugettext as _ from mediagoblin.tools.mail import email_debug_message -from mediagoblin.auth import lib as auth_lib from mediagoblin.auth import forms as auth_forms from mediagoblin.auth.tools import (send_verification_email, register_user, @@ -301,7 +300,7 @@ def verify_forgot_password(request): cp_form = auth_forms.ChangePassForm(formdata_vars) if request.method == 'POST' and cp_form.validate(): - user.pw_hash = auth_lib.bcrypt_gen_password_hash( + user.pw_hash = auth.gen_password_hash( cp_form.password.data) user.fp_verification_key = None user.fp_token_expire = None |