DGNum/gestioCOF
15
2
Fork 2
Code Issues 79 Pull requests 19 Projects Releases 12 Packages Wiki Activity Actions

Clean code related to kfet password

Browse source
This commit is contained in:
Aurélien Delobelle 2017-09-22 23:31:46 +02:00
parent 1d19d1797c
commit e5d19811e8
4 changed files with 46 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
kfet/auth/backends.py
View file

@ -1,7 +1,4 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
import hashlib
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from kfet.models import Account, GenericTeamToken from kfet.models import Account, GenericTeamToken
@ -18,12 +15,7 @@ class KFetBackend(object):
return None return None
try: try:
password_sha256 = ( return Account.objects.get_by_password(password).user
hashlib.sha256(password.encode('utf-8'))
.hexdigest()
)
account = Account.objects.get(password=password_sha256)
return account.cofprofile.user
except Account.DoesNotExist: except Account.DoesNotExist:
return None return None

6
kfet/auth/utils.py
View file

@ -1,3 +1,5 @@
import hashlib
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
@ -26,3 +28,7 @@ def setup_kfet_generic_user(**kwargs):
codename='is_team', codename='is_team',
) )
) )
def hash_password(password):
return hashlib.sha256(password.encode('utf-8')).hexdigest()

19
kfet/models.py
View file

@ -12,7 +12,6 @@ from django.db import transaction
from django.db.models import F from django.db.models import F
from datetime import date from datetime import date
import re import re
import hashlib
from .auth import KFET_GENERIC_TRIGRAMME from .auth import KFET_GENERIC_TRIGRAMME
from .auth.models import GenericTeamToken # noqa from .auth.models import GenericTeamToken # noqa
@ -42,6 +41,17 @@ class AccountManager(models.Manager):
""" """
return self.get(trigramme=KFET_GENERIC_TRIGRAMME) return self.get(trigramme=KFET_GENERIC_TRIGRAMME)
def get_by_password(self, password):
"""
Get a kfet generic account by clear password.
Raises Account.DoesNotExist if no Account has this password.
"""
from .auth.utils import hash_password
if password is None:
raise self.model.DoesNotExist
return self.get(password=hash_password(password))
class Account(models.Model): class Account(models.Model):
objects = AccountManager() objects = AccountManager()
@ -245,10 +255,9 @@ class Account(models.Model):
self.cofprofile = cof self.cofprofile = cof
super(Account, self).save(*args, **kwargs) super(Account, self).save(*args, **kwargs)
def change_pwd(self, pwd): def change_pwd(self, clear_password):
pwd_sha256 = hashlib.sha256(pwd.encode('utf-8'))\ from .auth.utils import hash_password
.hexdigest() self.password = hash_password(clear_password)
self.password = pwd_sha256
# Surcharge de delete # Surcharge de delete
# Pas de suppression possible # Pas de suppression possible

25
kfet/tests/test_models.py Normal file
View file

@ -0,0 +1,25 @@
from django.contrib.auth import get_user_model
from django.test import TestCase
from kfet.models import Account
User = get_user_model()
class AccountTests(TestCase):
def setUp(self):
self.account = Account(trigramme='000')
self.account.save({'username': 'user'})
def test_password(self):
self.account.change_pwd('anna')
self.account.save()
self.assertEqual(Account.objects.get_by_password('anna'), self.account)
with self.assertRaises(Account.DoesNotExist):
Account.objects.get_by_password(None)
with self.assertRaises(Account.DoesNotExist):
Account.objects.get_by_password('bernard')