diff options
| author |  mkaay <mkaay@mkaay.de>
| 2011-02-05 14:19:22 +0100 |
|---|---|---|
| committer | mkaay <mkaay@mkaay.de>
| 2011-02-05 14:19:22 +0100 |
| commit | 7c332ae610f7feca193ba50ea900f5a417681a7b (patch) | |
| tree | e71f1ba6b8eb52f13c11289069d65288b17a111c /module/UserDatabase.py | |
| parent | py 2.5 fix -> removed import (diff) | |
| download | pyload-7c332ae610f7feca193ba50ea900f5a417681a7b.tar.xz | |
created unified authentication system (same data for webinterface an GUI/CLI, multiple accounts)
Diffstat (limited to 'module/UserDatabase.py')
| -rw-r--r-- | module/UserDatabase.py | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/module/UserDatabase.py b/module/UserDatabase.py new file mode 100644 index 000000000..54852fae1 --- /dev/null +++ b/module/UserDatabase.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +""" + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, + or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, see <http://www.gnu.org/licenses/>. + + @author: mkaay +""" + +from DatabaseBackend import DatabaseBackend +from DatabaseBackend import style + +from hashlib import sha1 +import random + +class UserMethods(): + @style.queue + def checkAuth(db, user, password): + c = db.createCursor() + c.execute('SELECT name, password, role, permission, template FROM "users" WHERE name=?', (user, )) + r = c.fetchone() + if not r: + return {} + + salt = r[1][:5] + pw = r[1][5:] + h = sha1(salt + password) + if h.hexdigest() == pw: + return {"name": r[0], "role": r[2], "permission": r[3], "template": r[4]} + + @style.queue + def addUser(db, user, password): + salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for i in range(0, 5)]) + h = sha1(salt + password) + password = salt + h.hexdigest() + + c = db.createCursor() + c.execute('SELECT name FROM users WHERE name=?', (user, )) + if c.fetchone() is not None: + c.execute('UPDATE users SET password=? WHERE name=?', (password, user)) + else: + c.execute('INSERT INTO users (name, password) VALUES (?, ?)', (user, password)) + +DatabaseBackend.registerSub(UserMethods) |