source: TracAccountManager/0.10/acct_mgr/db.py @ 10

Last change on this file since 10 was 2, checked in by guillaume, 17 years ago

Ajout TracAccountManager en français

File size: 3.4 KB
Line 
1# -*- coding: utf8 -*-
2#
3# Copyright (C) 2007 Matthew Good <trac@matt-good.net>
4#
5# "THE BEER-WARE LICENSE" (Revision 42):
6# <trac@matt-good.net> wrote this file.  As long as you retain this notice you
7# can do whatever you want with this stuff. If we meet some day, and you think
8# this stuff is worth it, you can buy me a beer in return.   Matthew Good
9#
10# Author: Matthew Good <trac@matt-good.net>
11
12from trac.core import *
13from trac.config import ExtensionOption
14
15from api import IPasswordStore
16from pwhash import IPasswordHashMethod
17
18class SessionStore(Component):
19    implements(IPasswordStore)
20
21    hash_method = ExtensionOption('account-manager', 'hash_method',
22                                  IPasswordHashMethod, 'HtDigestHashMethod')
23
24    def get_users(self):
25        """Returns an iterable of the known usernames
26        """
27        db = self.env.get_db_cnx()
28        cursor = db.cursor()
29        cursor.execute("SELECT DISTINCT sid FROM session_attribute "
30                       "WHERE authenticated=1 AND name='password'")
31        for sid, in cursor:
32            yield sid
33 
34    def has_user(self, user):
35        db = self.env.get_db_cnx()
36        cursor = db.cursor()
37        cursor.execute("SELECT * FROM session_attribute "
38                       "WHERE authenticated=1 AND name='password' "
39                       "AND sid=%s", (user,))
40        for row in cursor:
41            return True
42        return False
43
44    def set_password(self, user, password):
45        """Sets the password for the user.  This should create the user account
46        if it doesn't already exist.
47        Returns True if a new account was created, False if an existing account
48        was updated.
49        """
50        hash = self.hash_method.generate_hash(user, password)
51        db = self.env.get_db_cnx()
52        cursor = db.cursor()
53        cursor.execute("UPDATE session_attribute "
54                       "SET value=%s "
55                       "WHERE authenticated=1 AND name='password' "
56                       "AND sid=%s", (hash, user))
57        if cursor.rowcount > 0:
58            return False # updated existing password
59        cursor.execute("INSERT INTO session_attribute "
60                       "(sid,authenticated,name,value) "
61                       "VALUES (%s,1,'password',%s)",
62                       (user, hash))
63        return True
64
65    def check_password(self, user, password):
66        """Checks if the password is valid for the user.
67        """
68        db = self.env.get_db_cnx()
69        cursor = db.cursor()
70        cursor.execute("SELECT value FROM session_attribute "
71                       "WHERE authenticated=1 AND name='password' "
72                       "AND sid=%s", (user,))
73        for hash, in cursor:
74            return self.hash_method.check_hash(user, password, hash)
75        return False
76
77    def delete_user(self, user):
78        """Deletes the user account.
79        Returns True if the account existed and was deleted, False otherwise.
80        """
81        if not self.has_user(user):
82            return False
83        db = self.env.get_db_cnx()
84        cursor = db.cursor()
85        cursor.execute("DELETE FROM session_attribute "
86                       "WHERE authenticated=1 AND name='password' "
87                       "AND sid=%s", (user,))
88        # TODO cursor.rowcount doesn't seem to get # deleted
89        # is there another way to get count instead of using has_user?
90        return True
Note: See TracBrowser for help on using the repository browser.