[Checkins] SVN: z3c.password/branches/adamg-options/src/z3c/password/principal.py still adjusting logic to match functional testing with a full blown zope

Adam Groszer agroszer at gmail.com
Mon Jun 15 09:30:14 EDT 2009 

Log message for revision 100999:
  still adjusting logic to match functional testing with a full blown zope

Changed:
  U   z3c.password/branches/adamg-options/src/z3c/password/principal.py

-=-
Modified: z3c.password/branches/adamg-options/src/z3c/password/principal.py
===================================================================
--- z3c.password/branches/adamg-options/src/z3c/password/principal.py	2009-06-15 13:26:22 UTC (rev 100998)
+++ z3c.password/branches/adamg-options/src/z3c/password/principal.py	2009-06-15 13:30:13 UTC (rev 100999)
@@ -58,10 +58,7 @@
         same = super(PrincipalMixIn, self).checkPassword(pwd)
 
         if not ignoreFailures and self.lastFailedAttempt is not None:
-            attempts = self._maxFailedAttempts()
-            #this one needs to be >=, because... data just does not
-            #get saved on an exception when running under of a full Zope env.
-            if attempts is not None and self.failedAttempts >= attempts:
+            if self.tooManyLoginFailures():
                 lockPeriod = self._lockOutPeriod()
                 if lockPeriod is not None:
                     #check if the user locked himself
@@ -69,6 +66,9 @@
                         if not same:
                             self.lastFailedAttempt = self.now()
                         raise interfaces.AccountLocked(self)
+                    else:
+                        self.failedAttempts = 0
+                        self.lastFailedAttempt = None
 
         if same:
             #successful attempt
@@ -81,6 +81,7 @@
                 if expiresOn is not None:
                     if expiresOn < self.now():
                         raise interfaces.PasswordExpired(self)
+            add = 0
         else:
             #failed attempt
             lockPeriod = self._lockOutPeriod()
@@ -92,11 +93,12 @@
             #record it, increase counter
             self.failedAttempts += 1
             self.lastFailedAttempt = self.now()
+            add = 1
 
         # If the maximum amount of failures has been reached notify the
         # system by raising an error.
         if not ignoreFailures:
-            if self.tooManyLoginFailures():
+            if self.tooManyLoginFailures(add):
                 raise interfaces.TooManyLoginFailures(self)
 
         if same and self.failedAttempts != 0:
@@ -106,10 +108,17 @@
 
         return same
 
-    def tooManyLoginFailures(self):
+    def tooManyLoginFailures(self, add = 0):
         attempts = self._maxFailedAttempts()
-        if attempts is not None and self.failedAttempts > attempts:
-            return True
+        #this one needs to be >=, because... data just does not
+        #get saved on an exception when running under of a full Zope env.
+        #the dance around ``add`` has the same roots
+        #we need to be able to increase the failedAttempts count and not raise
+        #at the same time
+        if attempts is not None:
+            attempts += add
+            if self.failedAttempts >= attempts:
+                return True
         return False
 
     def passwordExpiresOn(self):

More information about the Checkins mailing list