Projet

Général

Profil

« Précédent | Suivant » 

Révision a9a12993

Ajouté par Josué Kouka il y a plus de 8 ans

encrypt user credentials (#9534)

Voir les différences:

mandayejs/mandaye/models.py
14 14 
# You should have received a copy of the GNU Affero General Public License
15 15 
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
16 16 

  		




  
  17
  
    
import base64


  		




  
  18
  
    
from Crypto.Cipher import AES


  		




  17
  19
  
    

  		




  18
  20
  
    
from django.db import models


  		




  19
  
  
    
from jsonfield import JSONField


  		




  
  21
  
    
from django.conf import settings


  		




  20
  22
  
    
from django.utils.translation import ugettext_lazy as _


  		




  21
  23
  
    

  		




  
  24
  
    
from jsonfield import JSONField


  		




  
  25
  
    

  		




  
  26
  
    
from mandayejs.mandaye.utils import get_password_field


  		




  
  27
  
    

  		




  22
  28
  
    

  		




  23
  29
  
    
class UserCredentials(models.Model):


  		




  24
  30
  
    
    user = models.ForeignKey('auth.User')


  		




  ......




  33
  39
  
    
            or self.user.email \


  		




  34
  40
  
    
            or self.user.username


  		




  35
  41
  
    

  		




  36
  
  
    
    def to_login_info(self):


  		




  
  42
  
    
    def save(self, *args, **kwargs):


  		




  
  43
  
    
        self.encrypt()


  		




  
  44
  
    
        super(UserCredentials, self).save(*args, **kwargs)


  		




  
  45
  
    

  		




  
  46
  
    
    def _get_cipher(self):


  		




  
  47
  
    
        """Return cipher object


  		




  
  48
  
    
        """


  		




  
  49
  
    
        return AES.new(getattr(settings, 'SECRET_KEY'), AES.MODE_CFB, "0000000000000000")


  		




  
  50
  
    

  		




  
  51
  
    
    def encrypt(self,):


  		




  
  52
  
    
        """Encrypt password


  		




  
  53
  
    
        """


  		




  
  54
  
    
        password_field_name = get_password_field()


  		




  
  55
  
    
        cipher = self._get_cipher()


  		




  
  56
  
    
        self.locators[password_field_name] = \


  		




  
  57
  
    
           base64.b64encode(cipher.encrypt(


  		




  
  58
  
    
               self.locators.get(password_field_name,'')


  		




  
  59
  
    
            )) 


  		




  
  60
  
    

  		




  
  61
  
    
        return self.locators


  		




  
  62
  
    

  		




  
  63
  
    
    def decrypt(self,):


  		




  
  64
  
    
        """Decrypt password


  		




  
  65
  
    
        """


  		




  
  66
  
    
        password_field_name = get_password_field()


  		




  
  67
  
    
        cipher = self._get_cipher()


  		




  
  68
  
    
        self.locators[password_field_name] = \


  		




  
  69
  
    
            cipher.decrypt(


  		




  
  70
  
    
                base64.b64decode(


  		




  
  71
  
    
                    self.locators.get(password_field_name,'')


  		




  
  72
  
    
            ))


  		




  
  73
  
    

  		




  
  74
  
    
        return self.locators


  		




  
  75
  
    

  		




  
  76
  
    
    def to_login_info(self, decrypt=False):


  		




  
  77
  
    
        if decrypt:


  		




  
  78
  
    
            self.decrypt()


  		




  37
  79
  
    
        return {'#'+k : v for k,v in self.locators.items() }


  		




  38
  80
  
    

  		












Formats disponibles :  Unified diff