# GNU MediaGoblin -- federated, autonomous media hosting
-# Copyright (C) 2011 MediaGoblin contributors. See AUTHORS.
+# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
if extra_salt:
raw_pass = u"%s:%s" % (extra_salt, raw_pass)
- hashed_pass = bcrypt.hashpw(raw_pass, stored_hash)
+ hashed_pass = bcrypt.hashpw(raw_pass.encode('utf-8'), stored_hash)
# Reduce risk of timing attacks by hashing again with a random
# number (thx to zooko on this advice, which I hopefully
if extra_salt:
raw_pass = u"%s:%s" % (extra_salt, raw_pass)
- return unicode(bcrypt.hashpw(raw_pass, bcrypt.gensalt()))
+ return unicode(
+ bcrypt.hashpw(raw_pass.encode('utf-8'), bcrypt.gensalt()))
def fake_login_attempt():
"""
rendered_email = render_template(
request, 'mediagoblin/auth/verification_email.txt',
- {'username': user['username'],
+ {'username': user.username,
'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
host=request.host,
uri=request.urlgen('mediagoblin.auth.verify_email'),
userid=unicode(user._id),
- verification_key=user['verification_key'])})
+ verification_key=user.verification_key)})
# TODO: There is no error handling in place
send_email(
mg_globals.app_config['email_sender_address'],
- [user['email']],
+ [user.email],
# TODO
# Due to the distributed nature of GNU MediaGoblin, we should
# find a way to send some additional information about the
"""
rendered_email = render_template(
request, 'mediagoblin/auth/fp_verification_email.txt',
- {'username': user['username'],
+ {'username': user.username,
'verification_url': EMAIL_FP_VERIFICATION_TEMPLATE.format(
host=request.host,
uri=request.urlgen('mediagoblin.auth.verify_forgot_password'),
userid=unicode(user._id),
- fp_verification_key=user['fp_verification_key'])})
+ fp_verification_key=user.fp_verification_key)})
# TODO: There is no error handling in place
send_email(
mg_globals.app_config['email_sender_address'],
- [user['email']],
+ [user.email],
'GNU MediaGoblin - Change forgotten password!',
rendered_email)