From a07b7d48c555d6dbb21b00f271cf2a3aabf28c5c Mon Sep 17 00:00:00 2001 From: Yuusuke KOUNOIKE Date: Sat, 18 Jun 2016 22:38:01 +0900 Subject: [PATCH] enable password hash. --- ldapcherry/__init__.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/ldapcherry/__init__.py b/ldapcherry/__init__.py index 5241006..02b3ea7 100644 --- a/ldapcherry/__init__.py +++ b/ldapcherry/__init__.py @@ -31,6 +31,9 @@ from mako.template import Template from mako import lookup from sets import Set +# passlib hash password module import +from passlib.context import CryptContext + SESSION_KEY = '_cp_username' @@ -596,7 +599,12 @@ class LdapCherry(object): raise PasswordMissMatch() if not self._checkppolicy(params['attrs'][pwd1])['match']: raise PPolicyError() - params['attrs'][attr] = params['attrs'][pwd1] + hash_type = self.attributes.attributes[attr].get('hash') + if hash_type: + ctx = CryptContext(schemes=[hash_type]) + params['attrs'][attr] = ctx.encrypt(params['attrs'][pwd1]) + else: + params['attrs'][attr] = params['attrs'][pwd1] if attr in params['attrs']: self.attributes.check_attr(attr, params['attrs'][attr]) backends = self.attributes.get_backends_attributes(attr) @@ -653,7 +661,12 @@ class LdapCherry(object): params['attrs'][pwd1] )['match']: raise PPolicyError() - params['attrs'][attr] = params['attrs'][pwd1] + hash_type = self.attributes.attributes[attr].get('hash') + if hash_type: + ctx = CryptContext(schemes=[hash_type]) + params['attrs'][attr] = ctx.encrypt(params['attrs'][pwd1]) + else: + params['attrs'][attr] = params['attrs'][pwd1] if attr in params['attrs'] and params['attrs'][attr] != '': self.attributes.check_attr(attr, params['attrs'][attr]) backends = self.attributes.get_backends_attributes(attr)