cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2024-12-29 06:25:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

ensure authentication isn't possible without password

Browse Source
This commit is contained in:
thomasDOTde 2017-11-06 23:36:11 +01:00
parent 5a1a4b0161
commit d65efe477a
2 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models.py
View File

@ -133,7 +133,9 @@ class User(db.Model):
def check_password(self, hashed_password): def check_password(self, hashed_password):
# Check hased password. Useing bcrypt, the salt is saved into the hash itself # Check hased password. Useing bcrypt, the salt is saved into the hash itself
if (self.plain_text_password):
return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8')) return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8'))
return False
def get_user_info_by_id(self): def get_user_info_by_id(self):
user_info = User.query.get(int(self.id)) user_info = User.query.get(int(self.id))

8
app/views.py
View File

@ -223,7 +223,7 @@ def saml_authorized():
if not user: if not user:
# create user # create user
user = User(username=session['samlNameId'], user = User(username=session['samlNameId'],
plain_text_password=gen_salt(30), plain_text_password = None,
email=session['samlNameId']) email=session['samlNameId'])
user.create_local_user() user.create_local_user()
session['user_id'] = user.id session['user_id'] = user.id
@ -233,7 +233,7 @@ def saml_authorized():
user.firstname = session['samlUserdata']["givenname"][0] user.firstname = session['samlUserdata']["givenname"][0]
if session['samlUserdata'].has_key("surname"): if session['samlUserdata'].has_key("surname"):
user.lastname = session['samlUserdata']["surname"][0] user.lastname = session['samlUserdata']["surname"][0]
user.plain_text_password = gen_salt(30) user.plain_text_password = None
user.update_profile() user.update_profile()
session['external_auth'] = True session['external_auth'] = True
login_user(user, remember=False) login_user(user, remember=False)
@ -267,7 +267,7 @@ def login():
user = User(username=email, user = User(username=email,
firstname=first_name, firstname=first_name,
lastname=surname, lastname=surname,
plain_text_password=gen_salt(7), plain_text_password=None,
email=email) email=email)
user.create_local_user() user.create_local_user()
@ -283,7 +283,7 @@ def login():
if not user: if not user:
# create user # create user
user = User(username=user_info['name'], user = User(username=user_info['name'],
plain_text_password=gen_salt(30), plain_text_password=None,
email=user_info['email']) email=user_info['email'])
user.create_local_user() user.create_local_user()