[Zope] Re: PAS and md5 or crypt passwords
Robert (Jamie) Munro
jamie at textmatters.com
Thu Oct 12 14:03:28 EDT 2006
Tres Seaver wrote:
> Robert (Jamie) Munro wrote:
>>> How do you use md5 passwords in PAS?
>>>
>>> I've got an SQL database already populated with usernames and md5
>>> passwords from an old system that I am replacing - I don't have the
>>> cleartext passwords.
>
> You write an authentication plugin which takes the credentials as keys
> in a dict (e.g., 'login_name', 'password'), encrypts the password using
> the same algorithm as your old system, and then compares them. E.g.,
> (untested)::
>
> import md5
> PASSWORD_TEST_SQL = ("select * from users where login_name = '%s' "
> "and encrypted_pw = '%s'")
> def authenticateCredentials(self, credentials):
> login = credentials['login']
> clear = credentials['password']
> encrypted = md5.new(clear).hexdigest() # or whatever
> matched = self._execSQL(PASSWORD_TEST_SQL % (login, encrypted))
> if matched:
> return matched[0]['userid'], login
> return {}
I've edited GMailAuthPlugin, renamed it MD5AuthPlugin, added that code
and removed the google specific code. It doesn't give any errors, but it
also doesn't let me log in. I've tried adding a line to log things, but
that doesn't seem to be working either.
LOG("MD5AuthPlugin", INFO, "Login attempt: login: %s, clear: %s,
encrypted: %s" % (login,clear,encrypted))
Any ideas?
Thanks,
Robert (Jamie) Munro
More information about the Zope
mailing list