phpbb (2.x) authentication backend

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
from django.contrib.auth.models import User
import hashlib

class PhpbbAuthenticationBackend:
    def authenticate(self, username=None, password=None):
        try:
            # phpbb 2.x encodes passwords as plain md5 hashes, no salt
            pass_md5 = hashlib.md5(password).hexdigest()
            user = User.objects.get(username=username, password=pass_md5)
            
            # get rid of the old-style password, get with the new style!
            user.set_password(password)
            user.save()

            return user
        except User.DoesNotExist:
            return None

More like this

  1. Email or username authentication with masquerading by petrilli 4 years, 9 months ago
  2. Old MySQL Password Hash by tback 4 years, 11 months ago
  3. MoinMoin auth backend by yourcelf 3 years, 6 months ago
  4. Password Reset Form Newforms by glisha 7 years ago
  5. No Password E-mail by jefferya 5 years, 2 months ago

Comments

mk (on July 25, 2008):

You'll be delighted to hear that the code in django.contrib.auth does exactly that already. See User.check_password in django/contrib/auth/models.py around line 180 (current SVN trunk, r8069)

#

bram (on July 25, 2008):

sigh here I was thinking I had done something useful :)

#

(Forgotten your password?)