Commit 56be20b0 authored by Jérome Perrin's avatar Jérome Perrin

Encrypt passwords

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@6344 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent af2bc235
...@@ -42,7 +42,10 @@ try: ...@@ -42,7 +42,10 @@ try:
except ImportError: except ImportError:
PluggableAuthService = None PluggableAuthService = None
try :
from AccessControl.AuthEncoding import pw_encrypt
except ImportError:
pw_encrypt = lambda pw:pw
class Person(Entity, Node, XMLObject): class Person(Entity, Node, XMLObject):
""" """
...@@ -178,6 +181,6 @@ class Person(Entity, Node, XMLObject): ...@@ -178,6 +181,6 @@ class Person(Entity, Node, XMLObject):
Set the password, only if the password is not empty. Set the password, only if the password is not empty.
""" """
if value is not None : if value is not None :
self._setPassword(value) self._setPassword(pw_encrypt(value))
self.reindexObject() self.reindexObject()
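Review bot: The `except ImportError` fallback `pw_encrypt = lambda pw:pw` in the import hunk fails open: if AccessControl.AuthEncoding cannot be imported, setPassword stores the value unchanged and nothing signals that passwords are still kept in cleartext. The pw_validate fallback in the second file has the same problem, degrading to a plain `==` comparison. I would drop both fallbacks so the import error surfaces, or at least log a warning when the fallback is taken. Separately, `self._setPassword(pw_encrypt(value))` encodes whatever it receives, so an already-encoded value (for instance one copied from another object's getPassword()) would be hashed a second time; a guard such as `if not is_encrypted(value): value = pw_encrypt(value)` would avoid that, assuming AuthEncoding.is_encrypted exists in the deployed version. The body of setPassword starts above the hunk.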
...@@ -28,6 +28,11 @@ from Products.ERP5Type.Cache import CachingMethod ...@@ -28,6 +28,11 @@ from Products.ERP5Type.Cache import CachingMethod
from zLOG import LOG from zLOG import LOG
try :
from AccessControl.AuthEncoding import pw_validate
except ImportError:
pw_validate = lambda reference, attempt: reference == attempt
# This user is used to bypass all security checks. # This user is used to bypass all security checks.
SUPER_USER = '__erp5security-=__' SUPER_USER = '__erp5security-=__'
...@@ -85,7 +90,7 @@ class ERP5UserManager(BasePlugin): ...@@ -85,7 +90,7 @@ class ERP5UserManager(BasePlugin):
user = user_list[0] user = user_list[0]
if user.getPassword() == password and\ if pw_validate(user.getPassword(), password) and\
user.getCareerRole() == 'internal': user.getCareerRole() == 'internal':
return login, login # use same for user_id and login return login, login # use same for user_id and login
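Review bot: `pw_validate(user.getPassword(), password)` is called without checking that a password is actually stored. The old `==` simply returned False for a Person with no password, whereas pw_validate inspects the prefix of the reference string and will probably raise on None. Guarding it, e.g. `stored = user.getPassword()` followed by `if stored and pw_validate(stored, password) and\`, keeps an account without a password a clean authentication failure. Records written before this commit hold unprefixed values, which pw_validate presumably still accepts as cleartext, so they stay unhashed until each password is set again; a one-off migration would close that gap. The enclosing method starts and ends outside the hunk.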