[Checkins] SVN: zope.pluggableauth/trunk/ SessionCredentialsPlugin has a hook (_makeCredentials) that can be overriden

Marius Gedminas marius at pov.lt
Thu Dec 16 14:03:07 EST 2010 

Log message for revision 118971:
  SessionCredentialsPlugin has a hook (_makeCredentials) that can be overriden
  in subclasses to store the credentials in the session differently.
  
  For example, you could use keas.kmi and encrypt the passwords of the
  currently logged-in users so they don't appear in plain text in the ZODB.
  
  

Changed:
  U   zope.pluggableauth/trunk/CHANGES.txt
  U   zope.pluggableauth/trunk/src/zope/pluggableauth/plugins/session.py

-=-
Modified: zope.pluggableauth/trunk/CHANGES.txt
===================================================================
--- zope.pluggableauth/trunk/CHANGES.txt	2010-12-16 18:59:38 UTC (rev 118970)
+++ zope.pluggableauth/trunk/CHANGES.txt	2010-12-16 19:03:07 UTC (rev 118971)
@@ -5,9 +5,13 @@
 1.2 (unreleased)
 ----------------
 
-- Nothing changed yet.
+- SessionCredentialsPlugin has a hook (_makeCredentials) that can be overriden
+  in subclasses to store the credentials in the session differently.
 
+  For example, you could use keas.kmi and encrypt the passwords of the
+  currently logged-in users so they don't appear in plain text in the ZODB.
 
+
 1.1 (2010-10-18)
 ----------------
 

Modified: zope.pluggableauth/trunk/src/zope/pluggableauth/plugins/session.py
===================================================================
--- zope.pluggableauth/trunk/src/zope/pluggableauth/plugins/session.py	2010-12-16 18:59:38 UTC (rev 118970)
+++ zope.pluggableauth/trunk/src/zope/pluggableauth/plugins/session.py	2010-12-16 19:03:07 UTC (rev 118971)
@@ -213,7 +213,7 @@
         credentials = None
 
         if login and password:
-            credentials = SessionCredentials(login, password)
+            credentials = self._makeCredentials(login, password)
         elif not sessionData:
             return None
         sessionData = session[
@@ -227,6 +227,15 @@
         return {'login': credentials.getLogin(),
                 'password': credentials.getPassword()}
 
+    def _makeCredentials(self, login, password):
+        """Create an ISessionCredentials.
+
+        You can override this if you desire a different implementation, e.g.
+        one that encrypts the password, so it's not stored in plain text in
+        the ZODB.
+        """
+        return SessionCredentials(login, password)
+
     def challenge(self, request):
         """Challenges by redirecting to a login form.

More information about the checkins mailing list