moved bcrypt_gen_password_hash to basic_auth/tools and added gen_password_hash functi...

diff --git a/mediagoblin/auth/__init__.py b/mediagoblin/auth/__init__.py
index abb18d2d7acd02666918f444e1ccb0b4bb65ccdc..4bbecc16ecb9163fd7baf869a18e82e8245c88bf 100644 (file)
--- a/mediagoblin/auth/__init__.py
+++ b/mediagoblin/auth/__init__.py
@@ -42,3 +42,7 @@ def get_login_form(request):
 
 def get_registration_form(request):
     return hook_handle("auth_get_registration_form", request)
+
+
+def gen_password_hash(raw_pass, extra_salt=None):
+    return hook_handle("auth_gen_password_hash", raw_pass, extra_salt)

diff --git a/mediagoblin/auth/lib.py b/mediagoblin/auth/lib.py
index 1a9416fc6fc6e015b0bd5a7ffed041d66a5ef3d4..45d0a63fb02a637dc51fcb29d793c077f7af374a 100644 (file)
--- a/mediagoblin/auth/lib.py
+++ b/mediagoblin/auth/lib.py
@@ -23,22 +23,6 @@ from mediagoblin.tools.template import render_template
 from mediagoblin import mg_globals
 
 
-def bcrypt_gen_password_hash(raw_pass, extra_salt=None):
-    """
-    Generate a salt for this new password.
-
-    Args:
-    - raw_pass: user submitted password
-    - extra_salt: (optional) If this password is with stored with a
-      non-database extra salt
-    """
-    if extra_salt:
-        raw_pass = u"%s:%s" % (extra_salt, raw_pass)
-
-    return unicode(
-        bcrypt.hashpw(raw_pass.encode('utf-8'), bcrypt.gensalt()))
-
-
 def fake_login_attempt():
     """
     Pretend we're trying to login.

diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py
index ad3cbaca196c1d197d4baaf358e23f40352d78b6..9db1c3f9d5cdd5c9f771f22ce5ae68338e312103 100644 (file)
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -22,7 +22,6 @@ from werkzeug.utils import secure_filename
 from mediagoblin import messages
 from mediagoblin import mg_globals
 
-from mediagoblin.auth import lib as auth_lib
 from mediagoblin import auth
 from mediagoblin.edit import forms
 from mediagoblin.edit.lib import may_edit_media

diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py
index 024c8498c635ac9708a6d85f4a6b9eaead49c865..1f3294598f18e7cd94d0c2aad47240de1e80a3ff 100644 (file)
--- a/mediagoblin/gmg_commands/users.py
+++ b/mediagoblin/gmg_commands/users.py
@@ -15,7 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 from mediagoblin.gmg_commands import util as commands_util
-from mediagoblin.auth import lib as auth_lib
+from mediagoblin import auth
 from mediagoblin import mg_globals
 
 def adduser_parser_setup(subparser):
@@ -52,7 +52,7 @@ def adduser(args):
         entry = db.User()
         entry.username = unicode(args.username.lower())
         entry.email = unicode(args.email)
-        entry.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password)
+        entry.pw_hash = auth.gen_password_hash(args.password)
         entry.status = u'active'
         entry.email_verified = True
         entry.save()
@@ -96,7 +96,7 @@ def changepw(args):
 
     user = db.User.one({'username': unicode(args.username.lower())})
     if user:
-        user.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password)
+        user.pw_hash = auth.gen_password_hash(args.password)
         user.save()
         print 'Password successfully changed'
     else:

diff --git a/mediagoblin/plugins/basic_auth/__init__.py b/mediagoblin/plugins/basic_auth/__init__.py
index 68e331ffb626484f72b02cd969fac42fb5435169..f11d255a3e101effd8be8425a8eec2ef22ffc8d7 100644 (file)
--- a/mediagoblin/plugins/basic_auth/__init__.py
+++ b/mediagoblin/plugins/basic_auth/__init__.py
@@ -18,7 +18,6 @@ import uuid
 
 import forms as auth_forms
 import tools as auth_tools
-from mediagoblin.auth import lib as auth_lib
 from mediagoblin.db.models import User
 from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.tools import pluginapi
@@ -47,7 +46,7 @@ def create_user(registration_form):
     user = User()
     user.username = registration_form.data['username']
     user.email = registration_form.data['email']
-    user.pw_hash = auth_lib.bcrypt_gen_password_hash(
+    user.pw_hash = auth_tools.bcrypt_gen_password_hash(
         registration_form.password.data)
     user.verification_key = unicode(uuid.uuid4())
     user.save()
@@ -82,6 +81,10 @@ def get_registration_form(request):
     return auth_forms.RegistrationForm(request.form)
 
 
+def gen_password_hash(raw_pass, extra_salt):
+    return auth_tools.bcrypt_gen_password_hash(raw_pass, extra_salt)
+
+
 def auth():
     return True
 
@@ -95,4 +98,5 @@ hooks = {
     'auth_extra_validation': extra_validation,
     'auth_get_login_form': get_login_form,
     'auth_get_registration_form': get_registration_form,
+    'auth_gen_password_hash': gen_password_hash,
 }