Commit 892c6595 authored by JackV's avatar JackV

Replace passlib with built-in crypt

parent 1021869d
......@@ -6,8 +6,8 @@
# GNU GPLv3. See COPYING at top level for more information.
from datetime import datetime, timedelta
import crypt
from passlib.hash import sha512_crypt as Hasher
from tornado.options import options
from bitsd.persistence.query import get_user, get_last_login_attempt, log_last_login_attempt
......@@ -70,19 +70,20 @@ def verify(session, username, supplied_password, ip_address):
if user is None:
LOG.warn("Failed attempt for non existent user %r", username)
# Calculate hash anyway (see docs for the explanation)
crypt.crypt(supplied_password, crypt.mksalt(rounds=656000))
log_last_login_attempt(session, ip_address, username)
return False
valid = Hasher.verify(supplied_password, user.password)
if not valid:
new_pw = crypt.crypt(supplied_password, user.password)
if not user.password == new_pw:
log_last_login_attempt(session, ip_address, username)
return valid
return True
def useradd(session, username, password):
"""Add user with hashed password to database"""
user = User(username, Hasher.encrypt(password))
user = User(username, crypt.crypt(password, crypt.mksalt(rounds=656000)))
persist(session, user)
......@@ -95,5 +96,5 @@ def userdel(session, username):
def usermod(session, username, password):
""""Modify password for existing user."""
user = get_user(session, username)
user.password = Hasher.encrypt(password)
user.password = crypt.crypt(password, crypt.mksalt(rounds=656000))
persist(session, user)
......@@ -22,8 +22,7 @@ setup(
'sqlalchemy >= 0.7',
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment