/usr/share/pyshared/pybridge/server/checker.py is in pybridge-server 0.3.0-7.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | # PyBridge -- online contract bridge made easy.
# Copyright (C) 2004-2007 PyBridge Project.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
from twisted.cred import checkers, credentials, error
from twisted.internet import defer
from twisted.python import failure, log
from zope.interface import implements
import database as db
class Checker:
"""A database-driven implementation of ICredentialsChecker."""
implements(checkers.ICredentialsChecker)
credentialInterfaces = (credentials.IUsernamePassword,
credentials.IUsernameHashedPassword)
def __init__(self):
self.users = {} # Users online, from Server object.
def requestAvatarId(self, credentials):
def unauthorized(reason):
log.msg("Login failed for %s: %s" % (credentials.username, reason))
return failure.Failure(error.UnauthorizedLogin(reason))
def passwordMatch(matched):
if matched:
return credentials.username
else:
return unauthorized("Incorrect password for user")
if credentials.username == '':
return checkers.ANONYMOUS # TODO: if allowAnonymousRegistration.
users = db.UserAccount.selectBy(username=credentials.username)
if users.count() is 0:
return unauthorized("User not known on server")
elif users[0].allowLogin is False:
return unauthorized("User account is disabled")
elif credentials.username in self.users:
# TODO: delete old session and use this one instead?
return unauthorized("User is already logged in")
d = defer.maybeDeferred(credentials.checkPassword, users[0].password)
d.addCallback(passwordMatch)
return d
|