from pyramid.security import Allow, Everyone, Authenticated
from passlib.apps import custom_app_context as poc_pwd_context
class UserLoginFactory(object):
    """Context object that carries the access-control list for the app.

    The constructor takes the current request, which matches the shape of a
    Pyramid root factory (presumably that is how it is registered; confirm
    against the Configurator setup).

    The ACL is static and coarse: anyone may ``view``, and *every*
    authenticated principal receives both ``control`` and ``edit``. There is
    no per-user or per-role separation here, so any account that can log in
    holds the full set of permissions.
    """

    __acl__ = [
        # Anonymous and logged-in visitors alike may view.
        (Allow, Everyone, 'view'),
        # Any logged-in principal may control and edit.
        (Allow, Authenticated, 'control'),
        (Allow, Authenticated, 'edit'),
    ]

    def __init__(self, request):
        """Accept the request; nothing from it is stored on the instance."""
def set_password(request, username, password):
    """Hash *password* and store it on the ``users`` document for *username*.

    Only the passlib hash is written, never the cleartext value. The document
    is created when no record with that username exists (``upsert=True``).
    """
    # ``encrypt`` is passlib's older spelling of ``hash`` (deprecated since
    # passlib 1.7); it still produces a salted hash, not reversible encryption.
    hashed = poc_pwd_context.encrypt(password)

    # NOTE(review): username is used as-is as a MongoDB filter value; callers
    # should make sure it is a plain string before it reaches this function.
    selector = {'username': username}
    change = {"$set": {"username": username, "password": hashed}}
    request.db['users'].update_one(selector, change, upsert=True)
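def check_password(request, username, password):
    """Return True when *password* is the correct password for *username*.

    The first ``users`` document whose ``username`` matches is loaded and the
    candidate password is verified against its stored credential with the
    passlib context.

    Legacy records may still hold the password in cleartext. Such a record is
    upgraded on the first successful login: the cleartext value is replaced
    by a hash through ``set_password``.

    Security: the cleartext fallback runs only when the stored value is *not*
    a hash that ``poc_pwd_context`` recognises. Without that guard a stored
    hash compared equal to itself and was accepted as the password, so a
    leaked ``users`` collection alone was enough to authenticate, which is
    exactly what hashing is meant to prevent.

    Returns False when the user does not exist, when the record has no stored
    credential, or when the password does not match.
    """
    # NOTE(review): username is used as-is as a MongoDB filter value; callers
    # should make sure it is a plain string before it reaches this function.
    users = list(request.db['users'].find({'username': username}))
    if not users:
        return False

    stored = users[0].get('password')
    if not stored:
        # No credential on record: nothing can match, including an empty
        # submitted password.
        return False

    if poc_pwd_context.identify(stored) is None:
        # The stored value is not in any hash format the context knows, so it
        # is treated as a legacy cleartext password. This comparison is not
        # constant-time; remaining cleartext records are better migrated in
        # bulk than left to wait for a login.
        if password != stored:
            return False
        # Correct legacy password: replace the cleartext with a hash now.
        set_password(request, username, password)
        return True

    # A stored value that looks like a hash is only ever verified, never
    # compared directly with the submitted password.
    return poc_pwd_context.verify(password, stored)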