Users running a non-download version of Vanilla (pulled from github), on branch release/2019.016 or master from the last 2 weeks should upgrade to release/2019.017 or latest master for security reasons. Downloaded official open sources releases are not affected.
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.

Sharing authentication data with python

edited June 2009 in Vanilla 1.0 Help
I'd like to start deploying vanilla on some of my domains, however I would like to share authentication information with zope/python. I have an authentication tool for zope which will use the mySQL data. But it appears that the encryption schema is different. Does anyone have a code snippet (or pseudo code) for python to emulate the php encryption that is used in vanilla? Or, even a few hints would be great. Thanks!

Comments

  • We use phpass: http://www.openwall.com/phpass/ Their is a python module of it. I haven't tested it.
  • Thanks! That got me on the right track. Where does the password_hash come from? is this "VerificationKey" in the database, or is this being generated in code elsewhere? From the python port: def cryptPassword(self, passwd, passwd_hash, hash_prefix='$P$'): ''' Hash password, using same salt and number of iterations as in passwd_hash. This is useful when you want to check password match. In this case you pass your raw password and password hash to this function and then compare its return value with password hash again:
  • Any clues on where to find or create the "password_hash"? I'm pretty close to having this work, and I'd be happy to share my code once it's working. TIA
Sign In or Register to comment.