improve the password convertion methods

author: Damien Churchill <damoc@gmail.com> 2009-05-07 18:02:08 +0000
committer: Damien Churchill <damoc@gmail.com> 2009-05-07 18:02:08 +0000
commit: 7e291268bbba5188cf7dec71f3ecb70fe6ab99f4 (patch)
tree: db8fca8f22c62886b97ae020fbc4fa5b7094616c /deluge/ui/web/auth.py
parent: aeb5e8311b8d6f0dc5ef54f6ea07a733da1cd24a (diff)
download: deluge-7e291268bbba5188cf7dec71f3ecb70fe6ab99f4.tar.gz
deluge-7e291268bbba5188cf7dec71f3ecb70fe6ab99f4.tar.bz2
deluge-7e291268bbba5188cf7dec71f3ecb70fe6ab99f4.zip
1 files changed, 20 insertions, 15 deletions
diff --git a/deluge/ui/web/auth.py b/deluge/ui/web/auth.py
index 8505606da..e708c0c25 100644
--- a/deluge/ui/web/auth.py
+++ b/deluge/ui/web/auth.py
@@ -97,37 +97,42 @@ class Auth(JSONComponent):
         config = component.get("DelugeWeb").config
         d = Deferred()
         
-        if "old_pwd_md5" in config.config:
-            # We are using the 1.1 webui auth method
-            log.debug("Received a login via the 1.1 auth method")
-            from base64 import decodestring
+        if "pwd_md5" in config.config:
+            # We are using the 1.2-dev auth method
+            log.debug("Received a login via the 1.2-dev auth method")
             m = hashlib.md5()
-            m.update(decodestring(config["old_pwd_salt"]))
+            m.update(config["pwd_salt"])
             m.update(password)
-            if m.digest() == decodestring(config["old_pwd_md5"]):
+            if m.hexdigest() == config['pwd_md5']:
                 # We have a match, so we can create and return a session id.
                 d.callback(self._create_session())
                 
                 # We also want to move the password over to sha1 and remove
                 # the old passwords from the config file.
                 self.change_password(password)
-                del config.config["old_pwd_salt"]
-                del config.config["old_pwd_md5"]
-
-        elif "pwd_md5" in config.config:
-            # We are using the 1.2-dev auth method
-            log.debug("Received a login via the 1.2-dev auth method")
+                del config.config["pwd_md5"]
+                
+                # Remove the older password if there is now.
+                if "old_pwd_md5" in config.config:
+                    del config.config["old_pwd_salt"]
+                    del config.config["old_pwd_md5"]
+        
+        elif "old_pwd_md5" in config.config:
+            # We are using the 1.1 webui auth method
+            log.debug("Received a login via the 1.1 auth method")
+            from base64 import decodestring
             m = hashlib.md5()
-            m.update(config["pwd_salt"])
+            m.update(decodestring(config["old_pwd_salt"]))
             m.update(password)
-            if m.hexdigest() == config['pwd_md5']:
+            if m.digest() == decodestring(config["old_pwd_md5"]):
                 # We have a match, so we can create and return a session id.
                 d.callback(self._create_session())
                 
                 # We also want to move the password over to sha1 and remove
                 # the old passwords from the config file.
                 self.change_password(password)
-                del config.config["pwd_md5"]
+                del config.config["old_pwd_salt"]
+                del config.config["old_pwd_md5"]
 
         elif "pwd_sha1" in config.config:
             # We are using the 1.2 auth method
author	Damien Churchill <damoc@gmail.com>	2009-05-07 18:02:08 +0000
committer	Damien Churchill <damoc@gmail.com>	2009-05-07 18:02:08 +0000
commit	7e291268bbba5188cf7dec71f3ecb70fe6ab99f4 (patch)
tree	db8fca8f22c62886b97ae020fbc4fa5b7094616c /deluge/ui/web/auth.py
parent	aeb5e8311b8d6f0dc5ef54f6ea07a733da1cd24a (diff)
download	deluge-7e291268bbba5188cf7dec71f3ecb70fe6ab99f4.tar.gz deluge-7e291268bbba5188cf7dec71f3ecb70fe6ab99f4.tar.bz2 deluge-7e291268bbba5188cf7dec71f3ecb70fe6ab99f4.zip