Here is a patch for the identity module which will allow the passwords
to be stored in the database using either md5 or sha encryption. All
that's required is to put a 'identity.encryption="(md5|sha)"' in your
config file. If you put nothing, the behavior is the same as it was.
I've tested it using clear passwords, md5, and sha. Is this something
anyone is interested in? (Oh, since I'm doing a hexdigest rather than a
plain digest, I had to up the password length to 40 - it should be 20 if
I had done plain digest.)
Index: model/somodel.py
===================================================================
--- model/somodel.py (revision 341)
+++ model/somodel.py (working copy)
@@ -54,7 +54,7 @@
userId= UnicodeCol( length=16, alternateID=True )
emailAddress= UnicodeCol( length=255, alternateID=True )
displayName= UnicodeCol( length=255 )
- password= UnicodeCol( length=16 )
+ password= UnicodeCol( length=40 )
created= DateTimeCol( default=datetime.now )
# groups this user belongs to
Index: provider/soprovider.py
===================================================================
--- provider/soprovider.py (revision 341)
+++ provider/soprovider.py (working copy)
@@ -1,5 +1,6 @@
import cherrypy
import sha
+import md5
import datetime
import random
@@ -59,6 +60,13 @@
'''
try:
user= self.userClass.byUserId( userId )
+
+ encryption_algorithm =
cherrypy.config.get("identity.encryption")
+ if encryption_algorithm == "md5":
+ password = md5.new(password).hexdigest()
+ elif encryption_algorithm == "sha":
+ password = sha.new(password).hexdigest()
+
if (user.password!=password):
return None
