Mercurial > libervia-backend
comparison src/plugins/plugin_misc_account.py @ 1691:cec204c6360c
plugin misc_account: fixed password verification
| author | souliane <souliane@mailoo.org> |
|---|---|
| date | Fri, 27 Nov 2015 11:21:51 +0100 |
| parents | 200efadcab76 |
| children | 9a7a27c44611 |
comparison
equal
deleted
inserted
replaced
| 1690:772c8edd1057 | 1691:cec204c6360c |
|---|---|
| 330 auth = yield PasswordHasher.verify(attempt, sat_cipher) | 330 auth = yield PasswordHasher.verify(attempt, sat_cipher) |
| 331 defer.returnValue(auth) | 331 defer.returnValue(auth) |
| 332 | 332 |
| 333 def error_ui(message=None): | 333 def error_ui(message=None): |
| 334 if not message: | 334 if not message: |
| 335 D_("The provided profile password doesn't match.") | 335 message = D_("The provided profile password doesn't match.") |
| 336 error_ui = xml_tools.XMLUI("popup", title=D_("Attempt failure")) | 336 error_ui = xml_tools.XMLUI("popup", title=D_("Attempt failure")) |
| 337 error_ui.addText(message) | 337 error_ui.addText(message) |
| 338 return {'xmlui': error_ui.toXml()} | 338 return {'xmlui': error_ui.toXml()} |
| 339 | 339 |
| 340 # check for account deletion | 340 # check for account deletion |
| 341 delete_passwd = data[xml_tools.SAT_FORM_PREFIX + 'delete_passwd'] | 341 delete_passwd = data[xml_tools.SAT_FORM_PREFIX + 'delete_passwd'] |
| 342 delete_checkbox = data[xml_tools.SAT_FORM_PREFIX + 'delete_checkbox'] | 342 delete_checkbox = data[xml_tools.SAT_FORM_PREFIX + 'delete_checkbox'] |
| 343 if delete_checkbox == 'true': | 343 if delete_checkbox == 'true': |
| 344 if verify(delete_passwd): | 344 verified = yield verify(delete_passwd) |
| 345 assert isinstance(verified, bool) | |
| 346 if verified: | |
| 345 defer.returnValue(self.__deleteAccount(profile)) | 347 defer.returnValue(self.__deleteAccount(profile)) |
| 346 defer.returnValue(error_ui()) | 348 defer.returnValue(error_ui()) |
| 347 | 349 |
| 348 # check for blog posts deletion | 350 # check for blog posts deletion |
| 349 if 'GROUPBLOG' in self.host.plugins: | 351 if 'GROUPBLOG' in self.host.plugins: |
| 351 delete_posts_checkbox = data[xml_tools.SAT_FORM_PREFIX + 'delete_posts_checkbox'] | 353 delete_posts_checkbox = data[xml_tools.SAT_FORM_PREFIX + 'delete_posts_checkbox'] |
| 352 delete_comments_checkbox = data[xml_tools.SAT_FORM_PREFIX + 'delete_comments_checkbox'] | 354 delete_comments_checkbox = data[xml_tools.SAT_FORM_PREFIX + 'delete_comments_checkbox'] |
| 353 posts = delete_posts_checkbox == 'true' | 355 posts = delete_posts_checkbox == 'true' |
| 354 comments = delete_comments_checkbox == 'true' | 356 comments = delete_comments_checkbox == 'true' |
| 355 if posts or comments: | 357 if posts or comments: |
| 356 if verify(delete_posts_passwd): | 358 verified = yield verify(delete_posts_passwd) |
| 359 assert isinstance(verified, bool) | |
| 360 if verified: | |
| 357 defer.returnValue(self.__deleteBlogPosts(posts, comments, profile)) | 361 defer.returnValue(self.__deleteBlogPosts(posts, comments, profile)) |
| 358 defer.returnValue(error_ui()) | 362 defer.returnValue(error_ui()) |
| 359 | 363 |
| 360 # check for password modification | 364 # check for password modification |
| 361 current_passwd = data[xml_tools.SAT_FORM_PREFIX + 'current_passwd'] | 365 current_passwd = data[xml_tools.SAT_FORM_PREFIX + 'current_passwd'] |
| 362 new_passwd1 = data[xml_tools.SAT_FORM_PREFIX + 'new_passwd1'] | 366 new_passwd1 = data[xml_tools.SAT_FORM_PREFIX + 'new_passwd1'] |
| 363 new_passwd2 = data[xml_tools.SAT_FORM_PREFIX + 'new_passwd2'] | 367 new_passwd2 = data[xml_tools.SAT_FORM_PREFIX + 'new_passwd2'] |
| 364 if new_passwd1 or new_passwd2: | 368 if new_passwd1 or new_passwd2: |
| 365 if verify(current_passwd): | 369 verified = yield verify(current_passwd) |
| 370 assert isinstance(verified, bool) | |
| 371 if verified: | |
| 366 if new_passwd1 == new_passwd2: | 372 if new_passwd1 == new_passwd2: |
| 367 data = yield self.__changePassword(new_passwd1, profile=profile) | 373 data = yield self.__changePassword(new_passwd1, profile=profile) |
| 368 defer.returnValue(data) | 374 defer.returnValue(data) |
| 369 else: | 375 else: |
| 370 defer.returnValue(error_ui(D_("The values entered for the new password are not equal."))) | 376 defer.returnValue(error_ui(D_("The values entered for the new password are not equal."))) |