Simplify/rewrite the login module

2025-01-11 20:52:42 +01:00 · 2016-11-19 16:29:53 -08:00 · 2016-11-19 16:29:53 -08:00 · 69066029f1
commit 69066029f1
parent 3308db0cd2
1 changed files with 26 additions and 40 deletions
--- a/coremods/login.py
+++ b/coremods/login.py
@ -1,57 +1,43 @@
 """
-login.py - Implement login method
+login.py - Implement core login abstraction
 """

 from pylinkirc import conf, utils, world
 from pylinkirc.log import log
 from passlib.apps import custom_app_context as pwd_context

-@utils.add_cmd
-def login(user, password):
-    # synonymous to identify()
-    """<user> <password>
-    login to PyLink Services"""
-    # XXX: First see if the user exists in the config
+def checkLogin(user, password):
+    """Checks whether the given user and password is a valid combination."""
    try:
-        passhash = conf.conf['login']['accounts'][user]
-    except KeyError:
-        return False
-        log.error("Account '%s' not found" % user)
-    # XXX: if so then see if the user provided username and password
-    # matches the one in the config.
-    if verifyhash(password, passhash):
-        return True
-    else:
+        passhash = conf.conf['login']['accounts'][user].get('password')
+    except KeyError:  # Invalid combination
        return False

-@utils.add_cmd
-def mkpasswd(irc, source, args):
-    # synonymous to /mkpasswd so prospective admins
-    # can give their password without actually
-    # showing it outright.
-    """<password>
-    hashes a password for use in pylink.yml"""
-    # TODO: restrict to only certain users?
-    # XXX: do we allow this to be public or restrict it
-    # to a certain group of people.
-    password=None
-    try:
-        password = args[0]
-    except IndexError:
-        irc.error("Not enough arguments. (Needs 1, password)")
-    if password == None or password == "None":
-        # technically we shouldn't end up with this running
-        irc.error("password can not be empty")
-        
-    hashed_pass = pwd_context.encrypt("%s" % password)
-    if verifyhash(password, hashed_pass):
-        irc.reply(hashed_pass)
+    return verifyHash(password, passhash)

-def verifyhash(password, passhash):
+def verifyHash(password, passhash):
+    """Checks whether the password given matches the hash."""
    if password:
        # ... good we have a password inputted
        # XXX: the greatest thing here is that the hash
        # is just a string either way, not a object with
        # a method to output the hash
-        return pwd_context.verify(password, passhash)        
+        return pwd_context.verify(password, passhash)
+    return False

+
+@utils.add_cmd
+def mkpasswd(irc, source, args):
+    """<password>
+    Hashes a password for use in the configuration file."""
+    # TODO: restrict to only certain users?
+    try:
+        password = args[0]
+    except IndexError:
+        irc.error("Not enough arguments. (Needs 1, password)")
+        return
+    if not password:
+        irc.error("Password cannot be empty.")
+
+    hashed_pass = pwd_context.encrypt(password)
+    irc.reply(hashed_pass, private=True)