48 lines
1.7 KiB
Python
48 lines
1.7 KiB
Python
# This file is part of MarMOTS.
|
|
#
|
|
# MarMOTS is free software: you can redistribute it and/or modify it under the terms of the GNU Affero
|
|
# General Public License as published by the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# MarMOTS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the
|
|
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General
|
|
# Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License along with MarMOTS. If not,
|
|
# see <https://www.gnu.org/licenses/>.
|
|
#
|
|
# Copyright 2009, 2010, 2011, 2020 Jeremy Penner
|
|
|
|
import MySQLdb
|
|
import hashlib
|
|
import config
|
|
import bcrypt
|
|
import traceback
|
|
|
|
class NoopAuth(object):
|
|
def FAuthorized(self, user, passwd):
|
|
return True
|
|
|
|
class DrupalAuth(object):
|
|
def FHashMatches(self, md5, dbhash):
|
|
return md5 == dbhash
|
|
def FAuthorized(self, user, passwd):
|
|
conn = MySQLdb.connect(host = config.drupaldb_host, user = config.drupaldb_user, passwd = config.drupaldb_password, db = config.drupaldb)
|
|
try:
|
|
cursor = conn.cursor()
|
|
try:
|
|
firsthash = hashlib.md5(passwd).hexdigest()
|
|
cursor.execute("SELECT pass FROM users WHERE name = %s", (user,))
|
|
row = cursor.fetchone()
|
|
return row and self.FHashMatches(firsthash, row[0])
|
|
finally:
|
|
cursor.close()
|
|
except Exception:
|
|
traceback.print_exc()
|
|
return False
|
|
finally:
|
|
conn.close()
|
|
|
|
class DrupalBcryptAuth(DrupalAuth):
|
|
def FHashMatches(self, md5, dbhash):
|
|
return bcrypt.checkpw(md5, dbhash) |