[Zope3-checkins] SVN: Zope3/trunk/ Password managers now accept
full Unicode characters range for passwords
Dmitry Vasiliev
dima at hlabs.spb.ru
Tue Apr 24 06:27:03 EDT 2007
Log message for revision 74699:
Password managers now accept full Unicode characters range for passwords
Changed:
U Zope3/trunk/doc/CHANGES.txt
U Zope3/trunk/src/zope/app/authentication/password.py
-=-
Modified: Zope3/trunk/doc/CHANGES.txt
===================================================================
--- Zope3/trunk/doc/CHANGES.txt 2007-04-24 09:05:21 UTC (rev 74698)
+++ Zope3/trunk/doc/CHANGES.txt 2007-04-24 10:27:02 UTC (rev 74699)
@@ -15,6 +15,9 @@
Bugs fixed
+ - Password managers now accept full Unicode characters range for
+ passwords
+
- #98535: Deprecation warning was broken for
zope.app.site.tests.placefulsetup
Modified: Zope3/trunk/src/zope/app/authentication/password.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/password.py 2007-04-24 09:05:21 UTC (rev 74698)
+++ Zope3/trunk/src/zope/app/authentication/password.py 2007-04-24 10:27:02 UTC (rev 74699)
@@ -19,6 +19,7 @@
import md5
import sha
+from codecs import getencoder
from zope.interface import implements, classProvides
from zope.schema.interfaces import IVocabularyFactory
@@ -27,6 +28,9 @@
from zope.app.authentication.interfaces import IPasswordManager
+_encoder = getencoder("utf-8")
+
+
class PlainTextPasswordManager(object):
"""Plain text password manager.
@@ -36,12 +40,13 @@
>>> verifyObject(IPasswordManager, manager)
True
- >>> encoded = manager.encodePassword("password")
+ >>> password = u"right \N{CYRILLIC CAPITAL LETTER A}"
+ >>> encoded = manager.encodePassword(password)
>>> encoded
- 'password'
- >>> manager.checkPassword(encoded, "password")
+ u'right \u0410'
+ >>> manager.checkPassword(encoded, password)
True
- >>> manager.checkPassword(encoded, "bad")
+ >>> manager.checkPassword(encoded, password + u"wrong")
False
"""
@@ -53,6 +58,7 @@
def checkPassword(self, storedPassword, password):
return storedPassword == self.encodePassword(password)
+
class MD5PasswordManager(PlainTextPasswordManager):
"""MD5 password manager.
@@ -62,20 +68,22 @@
>>> verifyObject(IPasswordManager, manager)
True
- >>> encoded = manager.encodePassword("password")
+ >>> password = u"right \N{CYRILLIC CAPITAL LETTER A}"
+ >>> encoded = manager.encodePassword(password)
>>> encoded
- '5f4dcc3b5aa765d61d8327deb882cf99'
- >>> manager.checkPassword(encoded, "password")
+ '86dddccec45db4599f1ac00018e54139'
+ >>> manager.checkPassword(encoded, password)
True
- >>> manager.checkPassword(encoded, "bad")
+ >>> manager.checkPassword(encoded, password + u"wrong")
False
"""
implements(IPasswordManager)
def encodePassword(self, password):
- return md5.new(password).hexdigest()
+ return md5.new(_encoder(password)[0]).hexdigest()
+
class SHA1PasswordManager(PlainTextPasswordManager):
"""SHA1 password manager.
@@ -85,20 +93,22 @@
>>> verifyObject(IPasswordManager, manager)
True
- >>> encoded = manager.encodePassword("password")
+ >>> password = u"right \N{CYRILLIC CAPITAL LETTER A}"
+ >>> encoded = manager.encodePassword(password)
>>> encoded
- '5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'
- >>> manager.checkPassword(encoded, "password")
+ '04b4eec7154c5f3a2ec6d2956fb80b80dc737402'
+ >>> manager.checkPassword(encoded, password)
True
- >>> manager.checkPassword(encoded, "bad")
+ >>> manager.checkPassword(encoded, password + u"wrong")
False
"""
implements(IPasswordManager)
def encodePassword(self, password):
- return sha.new(password).hexdigest()
+ return sha.new(_encoder(password)[0]).hexdigest()
+
# Simple registry used by mkzopeinstance script
managers = [
("Plain Text", PlainTextPasswordManager()), # default
@@ -106,7 +116,10 @@
("SHA1", SHA1PasswordManager()),
]
+
class PasswordManagerNamesVocabulary(UtilityVocabulary):
+ """Vocabulary of password managers."""
+
classProvides(IVocabularyFactory)
interface = IPasswordManager
nameOnly = True
More information about the Zope3-Checkins
mailing list