Главная Обзор Помощь
Вход
mirrors
/
Radicale
зеркало из https://github.com/Kozea/Radicale
1
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 44778579ea
Ветки Метки
Radicale
/
radicale
/
auth
/
htpasswd.py

htpasswd.py 2.3 KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. # -*- coding: utf-8 -*-
    2. 

  2. #
    3. 

  3. # This file is part of Radicale Server - Calendar Server
    4. 

  4. # Copyright © 2008 Nicolas Kandel
    5. 

  5. # Copyright © 2008 Pascal Halter
    6. 

  6. # Copyright © 2008-2013 Guillaume Ayoub
    7. 

  7. #
    8. 

  8. # This library is free software: you can redistribute it and/or modify
    9. 

  9. # it under the terms of the GNU General Public License as published by
    10. 

  10. # the Free Software Foundation, either version 3 of the License, or
    11. 

  11. # (at your option) any later version.
    12. 

  12. #
    13. 

  13. # This library is distributed in the hope that it will be useful,
    14. 

  14. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    15. 

  15. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    16. 

  16. # GNU General Public License for more details.
    17. 

  17. #
    18. 

  18. # You should have received a copy of the GNU General Public License
    19. 

  19. # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
    20. 

  20. 

  21. """
    22. 

  22. Htpasswd authentication.
    23. 

  23. 

  24. Load the list of login/password couples according a the configuration file
    25. 

  25. created by Apache ``htpasswd`` command. Plain-text, crypt and sha1 are
    26. 

  26. supported, but md5 is not (see ``htpasswd`` man page to understand why).
    27. 

  27. 

  28. """
    29. 

  29. 

  30. import base64
    31. 

  31. import hashlib
    32. 

  32. 

  33. from .. import config
    34. 

  34. 

  35. 

  36. FILENAME = config.get("auth", "htpasswd_filename")
    37. 

  37. ENCRYPTION = config.get("auth", "htpasswd_encryption")
    38. 

  38. 

  39. 

  40. def _plain(hash_value, password):
    41. 

  41.     """Check if ``hash_value`` and ``password`` match using plain method."""
    42. 

  42.     return hash_value == password
    43. 

  43. 

  44. 

  45. def _crypt(hash_value, password):
    46. 

  46.     """Check if ``hash_value`` and ``password`` match using crypt method."""
    47. 

  47.     # The ``crypt`` module is only present on Unix, import if needed
    48. 

  48.     import crypt
    49. 

  49.     return crypt.crypt(password, hash_value) == hash_value
    50. 

  50. 

  51. 

  52. def _sha1(hash_value, password):
    53. 

  53.     """Check if ``hash_value`` and ``password`` match using sha1 method."""
    54. 

  54.     hash_value = hash_value.replace("{SHA}", "").encode("ascii")
    55. 

  55.     password = password.encode(config.get("encoding", "stock"))
    56. 

  56.     sha1 = hashlib.sha1()  # pylint: disable=E1101
    57. 

  57.     sha1.update(password)
    58. 

  58.     return sha1.digest() == base64.b64decode(hash_value)
    59. 

  59. 

  60. 

  61. def is_authenticated(user, password):
    62. 

  62.     """Check if ``user``/``password`` couple is valid."""
    63. 

  63.     for line in open(FILENAME).readlines():
    64. 

  64.         if line.strip():
    65. 

  65.             login, hash_value = line.strip().split(":")
    66. 

  66.             if login == user:
    67. 

  67.                 return globals()["_%s" % ENCRYPTION](hash_value, password)
    68. 

  68.     return False
    69.