1 from random import seed, sample
2 from string import letters, digits
3 from osv import fields,osv
6 from service import security
10 def gen_salt( length=8, symbols=letters + digits ):
12 return ''.join( sample( symbols, length ) )
16 def encrypt_md5( raw_pw, salt, magic=magic_md5 ):
17 hash = md5.new( raw_pw + magic + salt )
18 stretch = md5.new( raw_pw + salt + raw_pw).digest()
20 for i in range( 0, len( raw_pw ) ):
21 hash.update( stretch[i % 16] )
29 hash.update( raw_pw[0] )
32 saltedmd5 = hash.digest()
34 for i in range( 1000 ):
40 hash.update( saltedmd5 )
47 hash.update( saltedmd5 )
51 saltedmd5 = hash.digest()
53 itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
56 for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
57 v = ord( saltedmd5[a] ) << 16 | ord( saltedmd5[b] ) << 8 | ord( saltedmd5[c] )
60 rearranged += itoa64[v & 0x3f]
63 v = ord( saltedmd5[11] )
66 rearranged += itoa64[v & 0x3f]
69 return magic + salt + '$' + rearranged
73 def login(db, login, password):
74 cr = pooler.get_db(db).cursor()
75 cr.execute( 'select password from res_users where login=%s', (login.encode( 'utf-8' ),) )
76 stored_pw = cr.fetchone()
79 stored_pw = stored_pw[0]
81 # Return early if no one has a login name like that.
84 # Calculate a new password ('updated_pw') from 'stored_pw' if the
85 # latter isn't encrypted yet. Use that to update the database entry.
86 # Also update the 'stored_pw' to reflect the change.
88 if stored_pw[0:3] != magic_md5:
89 updated_pw = encrypt_md5( stored_pw, gen_salt() )
90 cr.execute( 'update res_users set password=%s where login=%s', (updated_pw.encode( 'utf-8' ), login.encode( 'utf-8' ),) )
93 cr.execute( 'select password from res_users where login=%s', (login.encode( 'utf-8' ),) )
94 stored_pw = cr.fetchone()[0]
96 # Calculate an encrypted password from the user-provided
97 # password ('encrypted_pw').
99 salt = _salt_cache[password] = stored_pw[3:11]
100 encrypted_pw = encrypt_md5( password, salt )
102 # Retrieve a user id from the database, factoring in an encrypted
105 cr.execute('select id from res_users where login=%s and password=%s and active', (login.encode('utf-8'), encrypted_pw.encode('utf-8')))
114 #def check_super(passwd):
115 # salt = _salt_cache[passwd]
116 # if encrypt_md5( passwd, salt ) == tools.config['admin_passwd']:
119 # raise Exception('AccessDenied')
121 def check(db, uid, passwd):
122 if security._uid_cache.has_key( uid ) and (security._uid_cache[uid]==passwd):
124 cr = pooler.get_db(db).cursor()
125 salt = _salt_cache[passwd]
126 cr.execute(' select count(*) from res_users where id=%d and password=%s', (int(uid), encrypt_md5( passwd, salt )) )
127 res = cr.fetchone()[0]
130 raise Exception('AccessDenied')
132 security._uid_cache[uid] = passwd
136 def access(db, uid, passwd, sec_level, ids):
137 cr = pooler.get_db(db).cursor()
138 salt = _salt_cache[passwd]
139 cr.execute('select id from res_users where id=%s and password=%s', (uid, encrypt_md5( passwd, salt )) )
143 raise Exception('Bad username or password')
146 # check if module is installed or not
148 #security.check_super=check_super
149 security.access=access
152 class users(osv.osv):
156 # Add handlers for 'input_pw' field.
158 def set_pw( self, cr, uid, id, name, value, args, context ):
159 self.write( cr, uid, id, { 'password' : encrypt_md5( value, gen_salt() ) } )
162 def get_pw( self, cr, uid, ids, name, args, context ):
168 # Continuing to original code.
171 'input_pw': fields.function( get_pw, fnct_inv=set_pw, type='char', method=True, size=20, string='Password', invisible=True),