Changeset 5540

Timestamp:
10/15/08 15:48:38 (3 months ago)
Author:
faide
Message:

Fix template to make the identity enforce security.

Files:

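--- a/projects/tg.devtools/trunk/devtools/templates/turbogears/+package+/model/identity.py_tmpl
+++ b/projects/tg.devtools/trunk/devtools/templates/turbogears/+package+/model/identity.py_tmpl
@@ -101,5 +101,5 @@
         algo defined in the configuration
         """
-        algorithm = config.get('authorize.hashmethod', None
+        algorithm = self.get_encryption_method(
         self._password = self.__encrypt_password(algorithm, password)
 
@@ -151,11 +151,26 @@
         return hashed_password
 
+    def get_encryption_method(self):
+        """returns the encryption method from the config
+        If None is set, or identity is disabled this will return None
+        """
+        identity_system = config.get('sa_auth', None)
+        if identity_system is None:
+            # if identity is not activated in the config we should warn
+            # the admin through the logs... and return None
+            return None
+
+        return identity_system.get('password_encryption_method', None)
+
     def validate_password(self, password):
         """Check the password against existing credentials.
-        """
-        identity = config.get('identity', None)
-        if identity is None:
-            return password
-        algorithm = identity.get('password_encryption_method', None)
+        this method _MUST_ return a boolean.
+
+        @param password: the password that was provided by the user to
+        try and authenticate. This is the clear text version that we will
+        need to match against the (possibly) encrypted one in the database.
+        @type password: unicode object
+        """
+        algorithm = self.get_encryption_method()
         return self.password == self.__encrypt_password(algorithm, password)
 
@@ -253,5 +268,5 @@
         algo defined in the configuration
         """
-        algorithm = config.get('authorize.hashmethod', None
+        algorithm = self.get_encryption_method(
         self._password = self.__encrypt_password(algorithm, password)
 
@@ -302,11 +317,26 @@
         return hashed_password
 
+    def get_encryption_method(self):
+        """returns the encryption method from the config
+        If None is set, or identity is disabled this will return None
+        """
+        identity_system = config.get('sa_auth', None)
+        if identity_system is None:
+            # if identity is not activated in the config we should warn
+            # the admin through the logs... and return None
+            return None
+
+        return identity_system.get('password_encryption_method', None)
+
     def validate_password(self, password):
         """Check the password against existing credentials.
-        """
-        identity = config.get('identity', None)
-        if identity is None:
-            return password
-        algorithm = identity.get('password_encryption_method', None)
+        this method _MUST_ return a boolean.
+
+        @param password: the password that was provided by the user to
+        try and authenticate. This is the clear text version that we will
+        need to match against the (possibly) encrypted one in the database.
+        @type password: unicode object
+        """
+        algorithm = self.get_encryption_method()
         return self.password == self.__encrypt_password(algorithm, password)
 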
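Review bot: get_encryption_method (new lines 153-163, with an identical copy at 319-329) returns None silently when `sa_auth` is missing from the config, although its own comment says the admin should be warned through the logs. The body of `__encrypt_password` is outside these hunks, but if a None algorithm means "no hashing", as the docstring's "(possibly) encrypted" suggests, then a missing or misnamed `sa_auth` section makes both the password setter and validate_password fall back to cleartext storage and comparison with no trace. I would add the promised warning before `return None`, for example `log.warning("sa_auth is not configured: passwords will be stored without hashing")`, using whatever logger name the template already defines, and consider raising instead of returning None so the template fails closed. The same applies when `password_encryption_method` is absent from `sa_auth`, since the final `.get(..., None)` takes the same path.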