Ignore:
Timestamp:
4 May 2012, 16:48:05 (13 years ago)
Author:
uli
Message:

Make password checking of users more robust.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/trunk/src/waeup/kofa/authentication.py

    r8343 r8344  
    168168
    169169    def checkPassword(self, password):
     170        if not isinstance(password, basestring):
     171            return False
     172        if not self.password:
     173            # unset/empty passwords do never match
     174            return False
    170175        passwordmanager = getUtility(IPasswordManager, 'SSHA')
    171176        return passwordmanager.checkPassword(self.password, password)
Note: See TracChangeset for help on using the changeset viewer.