auth.py 文件源码

python
阅读 28 收藏 0 点赞 0 评论 0

项目:unsonic 作者: redshodan 项目源码 文件源码
def authCheck(self, username, password, req):
        with Session() as session:
            user = models.getUserByName(session, username)
            if not user or user and not user.password:
                return
            if ("t" in list(req.params.keys()) and
                  "s" in list(req.params.keys())):
                sum = hashlib.md5()
                sum.update(user.password.encode("utf-8"))
                sum.update(req.params["s"].encode("utf-8"))
                if sum.hexdigest() == req.params["t"]:
                    # Stash the user for easy access
                    req.authed_user = user
                    return req.authed_user.roles
                else:
                    return
            elif password.startswith("enc:"):
                try:
                    decode_hex = codecs.getdecoder("hex_codec")
                    password = decode_hex(password[4:])[0]
                    password = password.decode("utf-8")
                except:
                    return
            if user and password == user.password:
                # Stash the user for easy access
                req.authed_user = user
                return req.authed_user.roles
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号