r5242 - improve the password convertion methods

Thu, 07 May 2009 11:02:10 -0700 

Author: damoxc

Revision: 5242

Log:
        improve the password convertion methods

Diff:
Modified: trunk/deluge/ui/web/auth.py
===================================================================
--- trunk/deluge/ui/web/auth.py 2009-05-07 17:51:01 UTC (rev 5241)
+++ trunk/deluge/ui/web/auth.py 2009-05-07 18:02:08 UTC (rev 5242)
@@ -97,37 +97,42 @@
         config = component.get("DelugeWeb").config
         d = Deferred()
         
-        if "old_pwd_md5" in config.config:
-            # We are using the 1.1 webui auth method
-            log.debug("Received a login via the 1.1 auth method")
-            from base64 import decodestring
+        if "pwd_md5" in config.config:
+            # We are using the 1.2-dev auth method
+            log.debug("Received a login via the 1.2-dev auth method")
             m = hashlib.md5()
-            m.update(decodestring(config["old_pwd_salt"]))
+            m.update(config["pwd_salt"])
             m.update(password)
-            if m.digest() == decodestring(config["old_pwd_md5"]):
+            if m.hexdigest() == config['pwd_md5']:
                 # We have a match, so we can create and return a session id.
                 d.callback(self._create_session())
                 
                 # We also want to move the password over to sha1 and remove
                 # the old passwords from the config file.
                 self.change_password(password)
-                del config.config["old_pwd_salt"]
-                del config.config["old_pwd_md5"]
-
-        elif "pwd_md5" in config.config:
-            # We are using the 1.2-dev auth method
-            log.debug("Received a login via the 1.2-dev auth method")
+                del config.config["pwd_md5"]
+                
+                # Remove the older password if there is now.
+                if "old_pwd_md5" in config.config:
+                    del config.config["old_pwd_salt"]
+                    del config.config["old_pwd_md5"]
+        
+        elif "old_pwd_md5" in config.config:
+            # We are using the 1.1 webui auth method
+            log.debug("Received a login via the 1.1 auth method")
+            from base64 import decodestring
             m = hashlib.md5()
-            m.update(config["pwd_salt"])
+            m.update(decodestring(config["old_pwd_salt"]))
             m.update(password)
-            if m.hexdigest() == config['pwd_md5']:
+            if m.digest() == decodestring(config["old_pwd_md5"]):
                 # We have a match, so we can create and return a session id.
                 d.callback(self._create_session())
                 
                 # We also want to move the password over to sha1 and remove
                 # the old passwords from the config file.
                 self.change_password(password)
-                del config.config["pwd_md5"]
+                del config.config["old_pwd_salt"]
+                del config.config["old_pwd_md5"]
 
         elif "pwd_sha1" in config.config:
             # We are using the 1.2 auth method



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"deluge-commit" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.com/group/deluge-commit?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to