[FIX] compatibility between auth_openid and base_crypt
lp bug: https://launchpad.net/bugs/1026784 fixed bzr revid: api@openerp.com-20121115141954-axiv3hq7tg5jozox
This commit is contained in:
parent
fd38df4da5
commit
374daa28b5
|
@ -43,6 +43,7 @@ import pooler
|
|||
from tools.translate import _
|
||||
from service import security
|
||||
import logging
|
||||
import pdb
|
||||
|
||||
magic_md5 = '$1$'
|
||||
_logger = logging.getLogger(__name__)
|
||||
|
@ -183,7 +184,8 @@ class users(osv.osv):
|
|||
cr = None
|
||||
try:
|
||||
cr = pooler.get_db(db).cursor()
|
||||
return self._login(cr, db, login, password)
|
||||
test = self._login(cr, db, login, password)
|
||||
return test
|
||||
except Exception:
|
||||
_logger.exception('Cannot authenticate.')
|
||||
return Exception('Access denied.')
|
||||
|
@ -201,7 +203,22 @@ class users(osv.osv):
|
|||
# Return early if no one has a login name like that.
|
||||
return False
|
||||
|
||||
print "<-------------------Helllo world------------------>"
|
||||
cr.execute('SELECT id FROM ir_module_module WHERE name = \'auth_openid\' and state = \'installed\'')
|
||||
if cr.rowcount:
|
||||
cr.execute( 'SELECT password, id FROM res_users WHERE login=%s AND openid_key = %s AND active',
|
||||
(login.encode('utf-8'),password.encode('utf-8')))
|
||||
if cr.rowcount:
|
||||
# Check if the encrypted password matches against the one in the db.
|
||||
cr.execute("""UPDATE res_users
|
||||
SET login_date=now() AT TIME ZONE 'UTC'
|
||||
WHERE id=%s AND openid_key=%s AND active
|
||||
RETURNING id""",
|
||||
(int(id), password.encode('utf-8')))
|
||||
res = cr.fetchone()
|
||||
cr.commit()
|
||||
|
||||
if res:
|
||||
return res[0]
|
||||
|
||||
stored_pw = self.maybe_encrypt(cr, stored_pw, id)
|
||||
|
||||
|
@ -235,7 +252,6 @@ class users(osv.osv):
|
|||
if not passwd:
|
||||
# empty passwords disallowed for obvious security reasons
|
||||
raise security.ExceptionNoTb('AccessDenied')
|
||||
|
||||
# Get a chance to hash all passwords in db before using the uid_cache.
|
||||
obj = pooler.get_pool(db).get('res.users')
|
||||
if not hasattr(obj, "_salt_cache"):
|
||||
|
|
Loading…
Reference in New Issue