Clean code related to kfet password

2017-09-22 23:31:46 +02:00 · 2017-09-22 23:31:46 +02:00 · e5d19811e8
commit e5d19811e8
parent 1d19d1797c
4 changed files with 46 additions and 14 deletions
--- a/kfet/auth/backends.py
+++ b/kfet/auth/backends.py
@ -1,7 +1,4 @@
 # -*- coding: utf-8 -*-
-
-import hashlib
-
 from django.contrib.auth import get_user_model
 from kfet.models import Account, GenericTeamToken

@ -18,12 +15,7 @@ class KFetBackend(object):
            return None

        try:
-            password_sha256 = (
-                hashlib.sha256(password.encode('utf-8'))
-                .hexdigest()
-            )
-            account = Account.objects.get(password=password_sha256)
-            return account.cofprofile.user
+            return Account.objects.get_by_password(password).user
        except Account.DoesNotExist:
            return None

--- a/kfet/auth/utils.py
+++ b/kfet/auth/utils.py
@ -1,3 +1,5 @@
+import hashlib
+
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Permission

@ -26,3 +28,7 @@ def setup_kfet_generic_user(**kwargs):
            codename='is_team',
        )
    )
+
+
+def hash_password(password):
+    return hashlib.sha256(password.encode('utf-8')).hexdigest()
--- a/kfet/models.py
+++ b/kfet/models.py
@ -12,7 +12,6 @@ from django.db import transaction
 from django.db.models import F
 from datetime import date
 import re
-import hashlib

 from .auth import KFET_GENERIC_TRIGRAMME
 from .auth.models import GenericTeamToken  # noqa
@ -42,6 +41,17 @@ class AccountManager(models.Manager):
        """
        return self.get(trigramme=KFET_GENERIC_TRIGRAMME)

+    def get_by_password(self, password):
+        """
+        Get a kfet generic account by clear password.
+
+        Raises Account.DoesNotExist if no Account has this password.
+        """
+        from .auth.utils import hash_password
+        if password is None:
+            raise self.model.DoesNotExist
+        return self.get(password=hash_password(password))
+

 class Account(models.Model):
    objects = AccountManager()
@ -245,10 +255,9 @@ class Account(models.Model):
            self.cofprofile = cof
        super(Account, self).save(*args, **kwargs)

-    def change_pwd(self, pwd):
-        pwd_sha256 = hashlib.sha256(pwd.encode('utf-8'))\
-                            .hexdigest()
-        self.password = pwd_sha256
+    def change_pwd(self, clear_password):
+        from .auth.utils import hash_password
+        self.password = hash_password(clear_password)

    # Surcharge de delete
    # Pas de suppression possible
--- a/kfet/tests/test_models.py
+++ b/kfet/tests/test_models.py
@ -0,0 +1,25 @@
+from django.contrib.auth import get_user_model
+from django.test import TestCase
+
+from kfet.models import Account
+
+User = get_user_model()
+
+
+class AccountTests(TestCase):
+
+    def setUp(self):
+        self.account = Account(trigramme='000')
+        self.account.save({'username': 'user'})
+
+    def test_password(self):
+        self.account.change_pwd('anna')
+        self.account.save()
+
+        self.assertEqual(Account.objects.get_by_password('anna'), self.account)
+
+        with self.assertRaises(Account.DoesNotExist):
+            Account.objects.get_by_password(None)
+
+        with self.assertRaises(Account.DoesNotExist):
+            Account.objects.get_by_password('bernard')