diff --git a/nipap/nipap-passwd b/nipap/nipap-passwd index d5cfd9a42..c12b03b35 100755 --- a/nipap/nipap-passwd +++ b/nipap/nipap-passwd @@ -80,7 +80,7 @@ if __name__ == '__main__': print "The user %s does not exist" % args.user sys.exit(2) af = nipap.authlib.AuthFactory() - auth = af.get_auth(options.username, options.password, "nipap", {}) + auth = af.get_auth(args.user, args.password, "nipap", {}) if not auth.authenticate(): print "The password seems to be wrong" sys.exit(2) diff --git a/nipap/nipap/authlib.py b/nipap/nipap/authlib.py index 50d90bf4d..9efa6b03d 100644 --- a/nipap/nipap/authlib.py +++ b/nipap/nipap/authlib.py @@ -669,6 +669,13 @@ def modify_user(self, username, data): Since username is used as primary key and we only have a single argument for it we can't modify the username right now. """ + if 'password' in data: + # generate salt + char_set = string.ascii_letters + string.digits + data['pwd_salt'] = ''.join(random.choice(char_set) for x in range(8)) + data['pwd_hash'] = self._gen_hash(data['password'], data['pwd_salt']) + del(data['password']) + sql = "UPDATE user SET " sql += ', '.join("%s = ?" % k for k in sorted(data)) sql += " WHERE username = ?"