Deluge
diff options
| author | Calum Lind <calumlind+deluge@gmail.com> | 2014-02-17 23:59:07 +0000 |
|---|---|---|
| committer | Calum Lind <calumlind+deluge@gmail.com> | 2014-02-17 23:59:24 +0000 |
| commit | c620ddcba0fd66d58a654d14834b1309fc52b532 (patch) | |
| tree | 1881272dc02161ddd1055508a816be0a3647d1cf | |
| parent | e8aee7327b9b111497dc12ab5dc44d88885c8532 (diff) | |
| download | deluge-c620ddcba0fd66d58a654d14834b1309fc52b532.tar.gz deluge-c620ddcba0fd66d58a654d14834b1309fc52b532.tar.bz2 deluge-c620ddcba0fd66d58a654d14834b1309fc52b532.zip | |
[#2310] [WebUI] Fix unicode password support
| -rw-r--r-- | deluge/ui/web/auth.py | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/deluge/ui/web/auth.py b/deluge/ui/web/auth.py index e26eab486..4c568f24e 100644 --- a/deluge/ui/web/auth.py +++ b/deluge/ui/web/auth.py @@ -59,12 +59,15 @@ from twisted.internet.task import LoopingCall from deluge import component from deluge.ui.web.json_api import JSONComponent, export +from deluge.common import utf8_encoded log = logging.getLogger(__name__) + def make_checksum(session_id): return reduce(lambda x,y:x+y, map(ord, session_id)) + def get_session_id(session_id): """ Checks a session id against its checksum @@ -83,12 +86,14 @@ def get_session_id(session_id): log.exception(e) return None + def make_expires(timeout): dt = timedelta(seconds=timeout) expires = time.mktime((datetime.now() + dt).timetuple()) expires_str = formatdate(timeval=expires, localtime=False, usegmt=True) return expires, expires_str + class Auth(JSONComponent): """ The component that implements authentification into the JSON interface. @@ -158,7 +163,7 @@ class Auth(JSONComponent): log.debug("Received a password via the 1.2-dev auth method") m = hashlib.md5() m.update(config["pwd_salt"]) - m.update(password) + m.update(utf8_encoded(password)) if m.hexdigest() == config['pwd_md5']: # We want to move the password over to sha1 and remove # the old passwords from the config file. @@ -178,7 +183,7 @@ class Auth(JSONComponent): from base64 import decodestring m = hashlib.md5() m.update(decodestring(config["old_pwd_salt"])) - m.update(password) + m.update(utf8_encoded(password)) if m.digest() == decodestring(config["old_pwd_md5"]): # We want to move the password over to sha1 and remove @@ -194,7 +199,7 @@ class Auth(JSONComponent): log.debug("Received a password via the 1.2 auth method") s = hashlib.sha1() s.update(config["pwd_salt"]) - s.update(password) + s.update(utf8_encoded(password)) if s.hexdigest() == config["pwd_sha1"]: return True @@ -265,7 +270,7 @@ class Auth(JSONComponent): log.debug("Changing password") salt = hashlib.sha1(str(random.getrandbits(40))).hexdigest() s = hashlib.sha1(salt) - s.update(new_password) + s.update(utf8_encoded(new_password)) config = component.get("DelugeWeb").config config["pwd_salt"] = salt config["pwd_sha1"] = s.hexdigest() @@ -318,7 +323,6 @@ class Auth(JSONComponent): :returns: a session id or False :rtype: string or False """ - if self.check_password(password): return self._create_session(__request__) else: |