Diffstat (limited to 'utils.py')
-rw-r--r-- | utils.py | 58 |
1 files changed, 49 insertions, 9 deletions
@@ -1,7 +1,9 @@
 # -*- coding: utf-8 -*-
 from functools import wraps
-from flask import request, render_template
-from flask_login import LoginManager, UserMixin
+from flask import request, render_template, session
+from random import randint
+from Crypto.Cipher import AES
+
 # from http://flask.pocoo.org/docs/patterns/viewdecorators/#templating-decorator
 def templated(template=None):
@@ -21,13 +23,51 @@ def templated(template=None):
 return decorated_function
 return decorator
-login_manager = LoginManager()
-@login_manager.user_loader
-def load_user(username):
- raise NotImplemented()
+def login_user(username, password):
+# if not ldap_bind():
+# return False
+
+ session['username'] = username
+ session['password'] = encrypt_password(password)
+
+ #ldap_unbind()
+
+ return True
+
+
+def logout_user():
+ session.pop('username', None)
+ session.pop('password', None)
+
+
+def pad(s, numbytes=32, padding='\0'):
+ return s + (numbytes - len(s) % numbytes) * padding
+
+def encrypt_password(password):
+ """
+ Encrypt the given password with `config.PASSWORD_ENCRYPTION_KEY`.
+ The key must be 32 bytes long.
+ """
+ assert len(app.config['PASSWORD_ENCRYPTION_KEY']) == 32
+
+ iv = ''.join(chr(randint(0, 0xff)) for i in range(16))
+ encryptor = AES.new(app.config['PASSWORD_ENCRYPTION_KEY'], AES.MODE_CBC, iv)
+ return iv + encryptor.encrypt(pad(password))
+
+def decrypt_password(ciphertext):
+ """
+ Decrypt the given password with `config.PASSWORD_ENCRYPTION_KEY`.
+ """
+ iv = ciphertext[:16]
+ encryptor = AES.new(app.config['PASSWORD_ENCRYPTION_KEY'], AES.MODE_CBC, iv)
+ return encryptor.decrypt(ciphertext[16:]).rstrip('\0')
+
+
+def login_required(func):
+ #TODO
+ return func
-class User(UserMixin):
- def __init__(self, username):
- self.username = username
+# circular import
+from app import app |
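Review bot: The `from random import randint` added in this hunk is what `encrypt_password` in the second hunk uses to build the AES-CBC IV, and `random` is a Mersenne Twister generator whose output is predictable, whereas CBC needs an unpredictable IV for every message. Import `os` instead and generate the IV with `iv = os.urandom(16)`; the `randint` import then has no remaining use in this diff.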
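Review bot: `login_user` fills the session and returns `True` for any username and password because the `ldap_bind()` check is commented out, and `login_required` returns `func` unchanged, so as committed nothing in this hunk verifies credentials or protects a view. Until the bind exists it would be safer to fail closed, for example `raise NotImplementedError('LDAP bind not implemented')` at the top of `login_user`, with a comment on both stubs saying they must not be deployed. In `encrypt_password` the key-length check is an `assert`, which disappears under `python -O`; an explicit `if len(app.config['PASSWORD_ENCRYPTION_KEY']) != 32: raise ValueError('PASSWORD_ENCRYPTION_KEY must be 32 bytes')` keeps the check in every mode. The NUL padding in `pad` combined with `rstrip('\0')` in `decrypt_password` also truncates a password that itself ends in NUL bytes, and CBC here has no integrity check of its own, so tamper protection for the stored ciphertext presumably rests on the session cookie's signature.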