pypi / tools / upgradepw.py

#!/usr/bin/python
import base64
import os
import sys

# Workaround current bug in docutils:
# http://permalink.gmane.org/gmane.text.docutils.devel/6324
import docutils.utils


root = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
sys.path.append(root)

import config
import store
import passlib.registry

bcrypt = passlib.registry.get_crypt_handler("bcrypt")
bcrypt_sha1 = passlib.registry.get_crypt_handler("bcrypt_sha1")

cfg = config.Config(os.path.join(root, "config.ini"))
st = store.Store(cfg)

print "Migrating passwords to bcrypt_sha1 from unsalted sha1....",

st.open()
for i, u in enumerate(st.get_users()):
    user = st.get_user(u['name'])
    # basic sanity check to allow it to run concurrent with users accessing
    if len(user['password']) == 40 and "$" not in user["password"]:
        # Hash the existing sha1 password with bcrypt
        bcrypted = bcrypt.encrypt(user["password"])

        # Base64 encode the bcrypted password so that it's just a blob of data
        encoded = base64.b64encode(bcrypted)

        st.setpasswd(user['name'], bcrypt_sha1._hash_prefix + encoded,
                hashed=True,
            )

    # Commit every 20 users
    if not i % 20:
        st.commit()
        st.open()

st.commit()
st.close()

print "[ok]"
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.