Add some password check methods to the MySQL auth backend

2016-06-26 20:29:47 +02:00
parent b36a9a1523
commit ac206d56d6
3 changed files with 175 additions and 13 deletions
--- a/cas_server/auth.py
+++ b/cas_server/auth.py
@ -16,6 +16,7 @@ try:  # pragma: no cover
    import MySQLdb
    import MySQLdb.cursors
    import crypt
+    from utils import check_password
 except ImportError:
    MySQLdb = None

@ -90,17 +91,12 @@ class MysqlAuthUser(AuthUser):  # pragma: no cover
    def test_password(self, password):
        """test `password` agains the user"""
        if self.user:
-            if settings.CAS_SQL_PASSWORD_CHECK == "plain":
-                return password == self.user["password"]
-            elif settings.CAS_SQL_PASSWORD_CHECK == "crypt":
-                if self.user["password"].startswith('$'):
-                    salt = '$'.join(self.user["password"].split('$', 3)[:-1])
-                    return crypt.crypt(password, salt) == self.user["password"]
-                else:
-                    return crypt.crypt(
-                        password,
-                        self.user["password"][:2]
-                    ) == self.user["password"]
+            check_password(
+                settings.CAS_SQL_PASSWORD_CHECK,
+                password,
+                self.user["password"],
+                settings.CAS_SQL_DBCHARSET
+            )
        else:
            return False