forked from crawl/crawl
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathuserdb.py
86 lines (71 loc) · 2.53 KB
/
userdb.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
import crypt
import sqlite3
import re
import os.path
import logging
import random
from config import (max_passwd_length, nick_regex, password_db,
crypt_algorithm, crypt_salt_length)
def user_passwd_match(username, passwd): # Returns the correctly cased username.
try:
passwd = passwd[0:max_passwd_length]
except:
return None
try:
conn = sqlite3.connect(password_db)
c = conn.cursor()
c.execute("select username,password from dglusers where username=? collate nocase",
(username,))
result = c.fetchone()
if result is None:
return None
elif crypt.crypt(passwd, result[1]) == result[1]:
return result[0]
finally:
if c: c.close()
if conn: conn.close()
def ensure_user_db_exists():
if os.path.exists(password_db): return
logging.warn("User database didn't exist; creating it now.")
c = None
conn = None
try:
conn = sqlite3.connect(password_db)
c = conn.cursor()
schema = ("CREATE TABLE dglusers (id integer primary key," +
" username text, email text, env text," +
" password text, flags integer);")
c.execute(schema)
conn.commit()
finally:
if c: c.close()
if conn: conn.close()
saltchars = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
def make_salt(saltlen):
return ''.join(random.choice(saltchars) for x in xrange(0,saltlen))
def register_user(username, passwd, email): # Returns an error message or None
if passwd == "": return "The password can't be empty!"
passwd = passwd[0:max_passwd_length]
username = username.strip()
if not re.match(nick_regex, username): return "Invalid username!"
if crypt_algorithm == "broken":
salt = passwd
elif crypt_algorithm:
salt = "$%s$%s$" % (crypt_algorithm, make_salt(crypt_salt_length))
else:
salt = make_salt(2)
crypted_pw = crypt.crypt(passwd, salt)
try:
conn = sqlite3.connect(password_db)
c = conn.cursor()
c.execute("select username from dglusers where username=? collate nocase",
(username,))
result = c.fetchone()
if result: return "User already exists!"
c.execute("insert into dglusers(username, email, password, flags, env) values (?,?,?,0,'')",
(username, email, crypted_pw))
conn.commit()
return None
finally:
if c: c.close()
if conn: conn.close()