Encrypt passwords

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@6344 20353a03-c40f-0410-a6d1-a30d3c3de9de

Encrypt passwords
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@6344 20353a03-c40f-0410-a6d1-a30d3c3de9de
56be20b0 · Jérome Perrin · af2bc235 · 56be20b0 · 56be20b0
Commit 56be20b0 authored Mar 29, 2006 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 3 deletions

product/ERP5/Document/Person.py product/ERP5/Document/Person.py +5 -2

product/ERP5Security/ERP5UserManager.py product/ERP5Security/ERP5UserManager.py +6 -1

No files found.
--- a/product/ERP5/Document/Person.py
+++ b/product/ERP5/Document/Person.py
@@ -42,7 +42,10 @@ try:
 except ImportError:
  PluggableAuthService = None

-
+try :
+  from AccessControl.AuthEncoding import pw_encrypt
+except ImportError:
+  pw_encrypt = lambda pw:pw

 class Person(Entity, Node, XMLObject):
    """
@@ -178,6 +181,6 @@ class Person(Entity, Node, XMLObject):
        Set the password, only if the password is not empty.
      """
      if value is not None :
-        self._setPassword(value)
+        self._setPassword(pw_encrypt(value))
        self.reindexObject()
    
--- a/product/ERP5Security/ERP5UserManager.py
+++ b/product/ERP5Security/ERP5UserManager.py
@@ -28,6 +28,11 @@ from Products.ERP5Type.Cache import CachingMethod

 from zLOG import LOG

+try :
+  from AccessControl.AuthEncoding import pw_validate
+except ImportError:
+  pw_validate = lambda reference, attempt: reference == attempt
+
 # This user is used to bypass all security checks.
 SUPER_USER = '__erp5security-=__'

@@ -85,7 +90,7 @@ class ERP5UserManager(BasePlugin):

            user = user_list[0]

-            if user.getPassword() == password and\
+            if pw_validate(user.getPassword(), password) and\
                user.getCareerRole() == 'internal':
              return login, login # use same for user_id and login