From: Rodney Ewing <ewing.rj@gmail.com>
Date: Wed, 15 May 2013 00:38:18 +0000 (-0700)
Subject: moved bcrypt_gen_password_hash to basic_auth/tools and added gen_password_hash functi... 
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=9c2c9be79d210155f1b8f299d34029afe3a434ed;p=mediagoblin.git

moved bcrypt_gen_password_hash to basic_auth/tools and added gen_password_hash function to auth/__init__
---

diff --git a/mediagoblin/auth/__init__.py b/mediagoblin/auth/__init__.py
index abb18d2d..4bbecc16 100644
--- a/mediagoblin/auth/__init__.py
+++ b/mediagoblin/auth/__init__.py
@@ -42,3 +42,7 @@ def get_login_form(request):
 
 def get_registration_form(request):
     return hook_handle("auth_get_registration_form", request)
+
+
+def gen_password_hash(raw_pass, extra_salt=None):
+    return hook_handle("auth_gen_password_hash", raw_pass, extra_salt)
diff --git a/mediagoblin/auth/lib.py b/mediagoblin/auth/lib.py
index 1a9416fc..45d0a63f 100644
--- a/mediagoblin/auth/lib.py
+++ b/mediagoblin/auth/lib.py
@@ -23,22 +23,6 @@ from mediagoblin.tools.template import render_template
 from mediagoblin import mg_globals
 
 
-def bcrypt_gen_password_hash(raw_pass, extra_salt=None):
-    """
-    Generate a salt for this new password.
-
-    Args:
-    - raw_pass: user submitted password
-    - extra_salt: (optional) If this password is with stored with a
-      non-database extra salt
-    """
-    if extra_salt:
-        raw_pass = u"%s:%s" % (extra_salt, raw_pass)
-
-    return unicode(
-        bcrypt.hashpw(raw_pass.encode('utf-8'), bcrypt.gensalt()))
-
-
 def fake_login_attempt():
     """
     Pretend we're trying to login.
diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py
index ad3cbaca..9db1c3f9 100644
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -22,7 +22,6 @@ from werkzeug.utils import secure_filename
 from mediagoblin import messages
 from mediagoblin import mg_globals
 
-from mediagoblin.auth import lib as auth_lib
 from mediagoblin import auth
 from mediagoblin.edit import forms
 from mediagoblin.edit.lib import may_edit_media
diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py
index 024c8498..1f329459 100644
--- a/mediagoblin/gmg_commands/users.py
+++ b/mediagoblin/gmg_commands/users.py
@@ -15,7 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 from mediagoblin.gmg_commands import util as commands_util
-from mediagoblin.auth import lib as auth_lib
+from mediagoblin import auth
 from mediagoblin import mg_globals
 
 def adduser_parser_setup(subparser):
@@ -52,7 +52,7 @@ def adduser(args):
         entry = db.User()
         entry.username = unicode(args.username.lower())
         entry.email = unicode(args.email)
-        entry.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password)
+        entry.pw_hash = auth.gen_password_hash(args.password)
         entry.status = u'active'
         entry.email_verified = True
         entry.save()
@@ -96,7 +96,7 @@ def changepw(args):
 
     user = db.User.one({'username': unicode(args.username.lower())})
     if user:
-        user.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password)
+        user.pw_hash = auth.gen_password_hash(args.password)
         user.save()
         print 'Password successfully changed'
     else:
diff --git a/mediagoblin/plugins/basic_auth/__init__.py b/mediagoblin/plugins/basic_auth/__init__.py
index 68e331ff..f11d255a 100644
--- a/mediagoblin/plugins/basic_auth/__init__.py
+++ b/mediagoblin/plugins/basic_auth/__init__.py
@@ -18,7 +18,6 @@ import uuid
 
 import forms as auth_forms
 import tools as auth_tools
-from mediagoblin.auth import lib as auth_lib
 from mediagoblin.db.models import User
 from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.tools import pluginapi
@@ -47,7 +46,7 @@ def create_user(registration_form):
     user = User()
     user.username = registration_form.data['username']
     user.email = registration_form.data['email']
-    user.pw_hash = auth_lib.bcrypt_gen_password_hash(
+    user.pw_hash = auth_tools.bcrypt_gen_password_hash(
         registration_form.password.data)
     user.verification_key = unicode(uuid.uuid4())
     user.save()
@@ -82,6 +81,10 @@ def get_registration_form(request):
     return auth_forms.RegistrationForm(request.form)
 
 
+def gen_password_hash(raw_pass, extra_salt):
+    return auth_tools.bcrypt_gen_password_hash(raw_pass, extra_salt)
+
+
 def auth():
     return True
 
@@ -95,4 +98,5 @@ hooks = {
     'auth_extra_validation': extra_validation,
     'auth_get_login_form': get_login_form,
     'auth_get_registration_form': get_registration_form,
+    'auth_gen_password_hash': gen_password_hash,
 }