1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# -*- coding: utf-8 -
#
# This file is part of couchdbkit released under the MIT license.
# See the NOTICE for more information.
from hashlib import sha256
import os
from .... import Document, SchemaListProperty, StringProperty, \
StringListProperty
class Permission(Document):
name = StringProperty(required=True)
class Group(Document):
"""
Group class, contains multiple permissions.
"""
name = StringProperty(required=True)
permissions = SchemaListProperty(Permission)
class User(Document):
"""The base User model. This should be extended by the user."""
login = StringProperty(required=True)
password = StringProperty(required=True)
groups = StringListProperty()
@staticmethod
def _hash_password(cleartext):
if isinstance(cleartext, unicode):
password_8bit = cleartext.encode('UTF-8')
else:
password_8bit = cleartext
salt = sha256()
salt.update(os.urandom(60))
hash = sha256()
hash.update(password_8bit + salt.hexdigest())
hashed_password = salt.hexdigest() + hash.hexdigest()
if not isinstance(hashed_password, unicode):
hashed_password = hashed_password.decode('UTF-8')
return hashed_password
def set_password(self, password):
self.password = self._hash_password(password)
@staticmethod
def authenticate(login, password):
user = User.view("user/by_login", key=login).one()
if not user:
return None
hashed_pass = sha256()
hashed_pass.update(password + user.password[:64])
if user.password[64:] != hashed_pass.hexdigest():
return None
return user
|
