habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through

Browse Source
This commit is contained in:
Jens Langhammer
2020-05-15 22:15:01 +02:00
parent 615cd7870d
commit 7ed3ceb960
293 changed files with 3236 additions and 4684 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
passbook/policies/hibp/models.py
View File

@ -6,7 +6,8 @@ from django.utils.translation import gettext as _
from requests import get
from structlog import get_logger
from passbook.core.models import Policy, PolicyResult, User
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult
LOGGER = get_logger()
@ -19,14 +20,14 @@ class HaveIBeenPwendPolicy(Policy):
form = "passbook.policies.hibp.forms.HaveIBeenPwnedPolicyForm"
def passes(self, user: User) -> PolicyResult:
def passes(self, request: PolicyRequest) -> PolicyResult:
"""Check if password is in HIBP DB. Hashes given Password with SHA1, uses the first 5
characters of Password in request and checks if full hash is in response. Returns 0
if Password is not in result otherwise the count of how many times it was used."""
# Only check if password is being set
if not hasattr(user, "__password__"):
if not hasattr(request.user, "__password__"):
return PolicyResult(True)
password = getattr(user, "__password__")
password = getattr(request.user, "__password__")
pw_hash = sha1(password.encode("utf-8")).hexdigest() # nosec
url = "https://api.pwnedpasswords.com/range/%s" % pw_hash[:5]
result = get(url).text