Source code for tldap.ldap_passwd

# Copyright 2012-2018 Brian May
#
# This file is part of python-tldap.
#
# python-tldap is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# python-tldap is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with python-tldap  If not, see <http://www.gnu.org/licenses/>.

""" Hash and check passwords. """
from passlib.context import CryptContext


pwd_context = CryptContext(
    schemes=[
        "ldap_sha512_crypt",
        "ldap_salted_sha1",
        "ldap_md5",
        "ldap_sha1",
        "ldap_salted_md5",
        "ldap_des_crypt",
        "ldap_md5_crypt",
    ],
    default="ldap_sha512_crypt",
)


[docs] def check_password(password: str, encrypted: str) -> bool: """ Check a plaintext password against a hashed password. """ # some old passwords have {crypt} in lower case, and passlib wants it to be # in upper case. if encrypted.startswith("{crypt}"): encrypted = "{CRYPT}" + encrypted[7:] return pwd_context.verify(password, encrypted)
[docs] def encode_password(password: str) -> str: """ Encode a password. """ return pwd_context.hash(password)