Permalink
Browse files

Merge pull request #1579 from Toniob/password_scheme

Password scheme update at login
  • Loading branch information...
tonioo committed Oct 9, 2018
2 parents cc26b4b + b88f5d9 commit 130190097de18c5eb9018972b69c7ffce3445921
Showing with 8,572 additions and 7,233 deletions.
  1. +326 −252 modoboa/admin/locale/cs_CZ/LC_MESSAGES/django.po
  2. +236 −218 modoboa/admin/locale/de/LC_MESSAGES/django.po
  3. +236 −218 modoboa/admin/locale/el_GR/LC_MESSAGES/django.po
  4. +236 −218 modoboa/admin/locale/en/LC_MESSAGES/django.po
  5. +236 −218 modoboa/admin/locale/es/LC_MESSAGES/django.po
  6. +245 −221 modoboa/admin/locale/fr/LC_MESSAGES/django.po
  7. +236 −218 modoboa/admin/locale/it/LC_MESSAGES/django.po
  8. +236 −218 modoboa/admin/locale/ja_JP/LC_MESSAGES/django.po
  9. +236 −218 modoboa/admin/locale/nl_NL/LC_MESSAGES/django.po
  10. +236 −218 modoboa/admin/locale/pl_PL/LC_MESSAGES/django.po
  11. +345 −259 modoboa/admin/locale/pt_BR/LC_MESSAGES/django.po
  12. +236 −218 modoboa/admin/locale/pt_PT/LC_MESSAGES/django.po
  13. +357 −263 modoboa/admin/locale/ro_RO/LC_MESSAGES/django.po
  14. +236 −218 modoboa/admin/locale/ru/LC_MESSAGES/django.po
  15. +323 −251 modoboa/admin/locale/sv/LC_MESSAGES/django.po
  16. +279 −240 modoboa/admin/locale/zh_TW/LC_MESSAGES/django.po
  17. +8 −0 modoboa/core/app_settings.py
  18. +34 −0 modoboa/core/tests/test_authentication.py
  19. +1 −0 modoboa/core/tests/test_views.py
  20. +20 −0 modoboa/core/views/auth.py
  21. +44 −44 modoboa/limits/locale/cs_CZ/LC_MESSAGES/django.po
  22. +44 −44 modoboa/limits/locale/de/LC_MESSAGES/django.po
  23. +44 −44 modoboa/limits/locale/el_GR/LC_MESSAGES/django.po
  24. +44 −44 modoboa/limits/locale/en/LC_MESSAGES/django.po
  25. +44 −44 modoboa/limits/locale/es/LC_MESSAGES/django.po
  26. +44 −44 modoboa/limits/locale/fr/LC_MESSAGES/django.po
  27. +44 −44 modoboa/limits/locale/it/LC_MESSAGES/django.po
  28. +44 −44 modoboa/limits/locale/ja_JP/LC_MESSAGES/django.po
  29. +44 −44 modoboa/limits/locale/nl_NL/LC_MESSAGES/django.po
  30. +44 −44 modoboa/limits/locale/pl_PL/LC_MESSAGES/django.po
  31. +44 −44 modoboa/limits/locale/pt_BR/LC_MESSAGES/django.po
  32. +44 −44 modoboa/limits/locale/pt_PT/LC_MESSAGES/django.po
  33. +99 −69 modoboa/limits/locale/ro_RO/LC_MESSAGES/django.po
  34. +44 −44 modoboa/limits/locale/ru/LC_MESSAGES/django.po
  35. +44 −44 modoboa/limits/locale/sv/LC_MESSAGES/django.po
  36. +54 −53 modoboa/limits/locale/zh_TW/LC_MESSAGES/django.po
  37. +248 −191 modoboa/locale/cs_CZ/LC_MESSAGES/django.po
  38. +173 −157 modoboa/locale/de/LC_MESSAGES/django.po
  39. +174 −158 modoboa/locale/el_GR/LC_MESSAGES/django.po
  40. +160 −155 modoboa/locale/en/LC_MESSAGES/django.po
  41. +173 −157 modoboa/locale/es/LC_MESSAGES/django.po
  42. +175 −158 modoboa/locale/fr/LC_MESSAGES/django.po
  43. +173 −157 modoboa/locale/it/LC_MESSAGES/django.po
  44. +173 −157 modoboa/locale/ja_JP/LC_MESSAGES/django.po
  45. +173 −157 modoboa/locale/nl_NL/LC_MESSAGES/django.po
  46. +173 −157 modoboa/locale/pl_PL/LC_MESSAGES/django.po
  47. +220 −182 modoboa/locale/pt_BR/LC_MESSAGES/django.po
  48. +173 −157 modoboa/locale/pt_PT/LC_MESSAGES/django.po
  49. +262 −196 modoboa/locale/ro_RO/LC_MESSAGES/django.po
  50. +173 −157 modoboa/locale/ru/LC_MESSAGES/django.po
  51. +173 −157 modoboa/locale/sv/LC_MESSAGES/django.po
  52. +187 −171 modoboa/locale/zh_TW/LC_MESSAGES/django.po
  53. +8 −8 modoboa/relaydomains/locale/cs_CZ/LC_MESSAGES/django.po
  54. +8 −8 modoboa/relaydomains/locale/de/LC_MESSAGES/django.po
  55. +8 −8 modoboa/relaydomains/locale/el_GR/LC_MESSAGES/django.po
  56. +8 −8 modoboa/relaydomains/locale/en/LC_MESSAGES/django.po
  57. +8 −8 modoboa/relaydomains/locale/es/LC_MESSAGES/django.po
  58. +8 −8 modoboa/relaydomains/locale/fr/LC_MESSAGES/django.po
  59. +8 −8 modoboa/relaydomains/locale/it/LC_MESSAGES/django.po
  60. +8 −8 modoboa/relaydomains/locale/ja_JP/LC_MESSAGES/django.po
  61. +8 −8 modoboa/relaydomains/locale/nl_NL/LC_MESSAGES/django.po
  62. +8 −8 modoboa/relaydomains/locale/pl_PL/LC_MESSAGES/django.po
  63. +12 −11 modoboa/relaydomains/locale/pt_BR/LC_MESSAGES/django.po
  64. +8 −8 modoboa/relaydomains/locale/pt_PT/LC_MESSAGES/django.po
  65. +14 −12 modoboa/relaydomains/locale/ro_RO/LC_MESSAGES/django.po
  66. +8 −8 modoboa/relaydomains/locale/ru/LC_MESSAGES/django.po
  67. +12 −11 modoboa/relaydomains/locale/sv/LC_MESSAGES/django.po
  68. +12 −11 modoboa/relaydomains/locale/zh_TW/LC_MESSAGES/django.po
  69. +12 −10 modoboa/transport/locale/cs_CZ/LC_MESSAGES/django.po
  70. +38 −0 modoboa/transport/locale/de/LC_MESSAGES/django.po
  71. +38 −0 modoboa/transport/locale/el_GR/LC_MESSAGES/django.po
  72. +6 −6 modoboa/transport/locale/en/LC_MESSAGES/django.po
  73. +38 −0 modoboa/transport/locale/es/LC_MESSAGES/django.po
  74. +6 −6 modoboa/transport/locale/fr/LC_MESSAGES/django.po
  75. +38 −0 modoboa/transport/locale/it/LC_MESSAGES/django.po
  76. +38 −0 modoboa/transport/locale/ja_JP/LC_MESSAGES/django.po
  77. +38 −0 modoboa/transport/locale/nl_NL/LC_MESSAGES/django.po
  78. +6 −6 modoboa/transport/locale/pl_PL/LC_MESSAGES/django.po
  79. +10 −9 modoboa/transport/locale/pt_BR/LC_MESSAGES/django.po
  80. +38 −0 modoboa/transport/locale/pt_PT/LC_MESSAGES/django.po
  81. +12 −10 modoboa/transport/locale/ro_RO/LC_MESSAGES/django.po
  82. +40 −0 modoboa/transport/locale/ru/LC_MESSAGES/django.po
  83. +8 −8 modoboa/transport/locale/sv/LC_MESSAGES/django.po
  84. +10 −9 modoboa/transport/locale/zh_TW/LC_MESSAGES/django.po

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.

Large diffs are not rendered by default.

Oops, something went wrong.
@@ -68,6 +68,14 @@ class GeneralParametersForm(param_forms.AdminParametersForm):
widget=forms.TextInput(attrs={"class": "form-control"})
)
update_scheme = YesNoField(
label=ugettext_lazy("Update password scheme at login"),
initial=True,
help_text=ugettext_lazy(
"Update user password at login to use the default password scheme"
)
)
default_password = forms.CharField(
label=ugettext_lazy("Default password"),
initial="password",
@@ -11,6 +11,7 @@
from django.test import override_settings
from django.urls import reverse
from modoboa.core.password_hashers import get_password_hasher
from modoboa.lib.tests import NO_SMTP, ModoTestCase
from .. import factories, models
@@ -67,6 +68,39 @@ def test_open_redirect(self):
self.assertEqual(response.status_code, 302)
self.assertTrue(response.url.endswith(reverse("core:dashboard")))
def test_password_scheme(self):
"""Validate password scheme changes."""
username = "user@test.com"
password = "toto"
data = {"username": username, "password": password}
user = models.User.objects.get(username=username)
pw_hash = get_password_hasher('fallback_scheme')()
self.client.logout()
self.set_global_parameter("password_scheme", "sha512crypt")
self.client.post(reverse("core:login"), data)
user.refresh_from_db()
self.assertTrue(user.password.startswith("{SHA512-CRYPT}"))
self.client.logout()
self.set_global_parameter("password_scheme", "sha256")
self.client.post(reverse("core:login"), data)
user.refresh_from_db()
self.assertTrue(user.password.startswith("{SHA256}"))
self.client.logout()
self.set_global_parameter("password_scheme", "fallback_scheme")
self.client.post(reverse("core:login"), data)
user.refresh_from_db()
self.assertTrue(user.password.startswith(pw_hash.scheme))
self.client.logout()
self.set_global_parameter("password_scheme", "sha256crypt")
self.set_global_parameter("update_scheme", False)
self.client.post(reverse("core:login"), data)
user.refresh_from_db()
self.assertTrue(user.password.startswith(pw_hash.scheme))
class PasswordResetTestCase(ModoTestCase):
"""Test password reset service."""
@@ -36,6 +36,7 @@
"csrfmiddlewaretoken": "SGgMVZsA4TPqoiV786TMST6xgOlhAf4F",
"limits-deflt_user_mailboxes_limit": "0",
"core-password_scheme": "sha512crypt",
"core-update_scheme": True,
"core-items_per_page": "30",
"limits-deflt_user_mailbox_aliases_limit": "0",
"limits-deflt_domain_mailboxes_limit": "0",
View
@@ -17,6 +17,8 @@
from django.views.decorators.cache import never_cache
from modoboa.core import forms
from modoboa.core.password_hashers import get_password_hasher
from modoboa.parameters import tools as param_tools
from .. import signals
from .base import find_nextlocation
@@ -33,6 +35,24 @@ def dologin(request):
user = authenticate(username=form.cleaned_data["username"],
password=form.cleaned_data["password"])
if user and user.is_active:
if param_tools.get_global_parameter("update_scheme",
raise_exception=False):
# check if password scheme is correct
scheme = param_tools.get_global_parameter(
"password_scheme", raise_exception=False)
# use SHA512CRYPT as default fallback
if scheme is None:
pwhash = get_password_hasher('sha512crypt')()
else:
pwhash = get_password_hasher(scheme)()
if not user.password.startswith(pwhash.scheme):
logging.info(
_("Password scheme mismatch. Updating %s password"),
user.username
)
user.set_password(form.cleaned_data["password"])
user.save()
login(request, user)
if not form.cleaned_data["rememberme"]:
request.session.set_expiry(0)
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: Modoboa\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-01-25 09:09+0100\n"
"POT-Creation-Date: 2018-10-05 16:08+0200\n"
"PO-Revision-Date: 2015-01-06 10:05+0000\n"
"Last-Translator: Miroslav Abrahám <miris@kunago.com>\n"
"Language-Team: Czech (Czech Republic) (http://www.transifex.com/projects/p/"
@@ -19,26 +19,26 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
#: limits/app_settings.py:17
#: limits/app_settings.py:19
#, fuzzy
#| msgid "Default limits"
msgid "Default per-admin limits"
msgstr "Výchozí omezení"
#: limits/app_settings.py:20
#: limits/app_settings.py:22
msgid "Enable per-admin limits"
msgstr ""
#: limits/app_settings.py:22
#: limits/app_settings.py:24
msgid "Enable or disable per-admin limits"
msgstr ""
#: limits/app_settings.py:26 limits/app_settings.py:97 limits/constants.py:27
#: limits/constants.py:57
#: limits/app_settings.py:28 limits/app_settings.py:99 limits/constants.py:28
#: limits/constants.py:58
msgid "Domain admins"
msgstr "Správci domén"
#: limits/app_settings.py:29
#: limits/app_settings.py:31
#, fuzzy
#| msgid ""
#| "Maximum number of allowed domain administrators for a new administrator"
@@ -47,82 +47,82 @@ msgid ""
"to deny any creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet správců domény (nastavení nového správce)"
#: limits/app_settings.py:37 limits/constants.py:12
#: limits/app_settings.py:39 limits/constants.py:13
msgid "Domains"
msgstr "Domény"
#: limits/app_settings.py:40
#: limits/app_settings.py:42
#, fuzzy
#| msgid "Maximum number of allowed domains for a new administrator"
msgid ""
"Maximum number of allowed domains for a new administrator. (0 to deny any "
"creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet domén (nastavení nového správce)"
#: limits/app_settings.py:47 limits/app_settings.py:108 limits/constants.py:16
#: limits/constants.py:44
#: limits/app_settings.py:49 limits/app_settings.py:110 limits/constants.py:17
#: limits/constants.py:45
msgid "Domain aliases"
msgstr "Doménové aliasy"
#: limits/app_settings.py:50
#: limits/app_settings.py:52
#, fuzzy
#| msgid "Maximum number of allowed domain aliases for a new administrator"
msgid ""
"Maximum number of allowed domain aliases for a new administrator. (0 to deny "
"any creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet doménových aliasů (nastavení nového správce)"
#: limits/app_settings.py:58 limits/app_settings.py:119 limits/constants.py:20
#: limits/constants.py:48
#: limits/app_settings.py:60 limits/app_settings.py:121 limits/constants.py:21
#: limits/constants.py:49
msgid "Mailboxes"
msgstr "Schránky"
#: limits/app_settings.py:61
#: limits/app_settings.py:63
#, fuzzy
#| msgid "Maximum number of allowed mailboxes for a new administrator"
msgid ""
"Maximum number of allowed mailboxes for a new administrator. (0 to deny any "
"creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet schránek (nastavení nového správce)"
#: limits/app_settings.py:68 limits/app_settings.py:129 limits/constants.py:23
#: limits/constants.py:51
#: limits/app_settings.py:70 limits/app_settings.py:131 limits/constants.py:24
#: limits/constants.py:52
msgid "Mailbox aliases"
msgstr "Aliasy schránek"
#: limits/app_settings.py:71
#: limits/app_settings.py:73
#, fuzzy
#| msgid "Maximum number of allowed aliases for a new administrator"
msgid ""
"Maximum number of allowed aliases for a new administrator. (0 to deny any "
"creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet aliasů (nastavení nového správce)"
#: limits/app_settings.py:78 limits/constants.py:33
#: limits/app_settings.py:80 limits/constants.py:34
msgid "Quota"
msgstr ""
#: limits/app_settings.py:81
#: limits/app_settings.py:83
msgid ""
"The quota a reseller will be allowed to share between the domains he "
"creates. (0 means no quota)"
msgstr ""
#: limits/app_settings.py:88
#: limits/app_settings.py:90
#, fuzzy
#| msgid "Default limits"
msgid "Default per-domain limits"
msgstr "Výchozí omezení"
#: limits/app_settings.py:91
#: limits/app_settings.py:93
msgid "Enable per-domain limits"
msgstr ""
#: limits/app_settings.py:93
#: limits/app_settings.py:95
msgid "Enable or disable per-domain limits"
msgstr ""
#: limits/app_settings.py:100
#: limits/app_settings.py:102
#, fuzzy
#| msgid ""
#| "Maximum number of allowed domain administrators for a new administrator"
@@ -131,112 +131,112 @@ msgid ""
"any creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet správců domény (nastavení nového správce)"
#: limits/app_settings.py:111
#: limits/app_settings.py:113
#, fuzzy
#| msgid "Maximum number of allowed domain aliases for a new administrator"
msgid ""
"Maximum number of allowed domain aliases for a new domain. (0 to deny any "
"creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet doménových aliasů (nastavení nového správce)"
#: limits/app_settings.py:122
#: limits/app_settings.py:124
#, fuzzy
#| msgid "Maximum number of allowed mailboxes for a new administrator"
msgid ""
"Maximum number of allowed mailboxes for a new domain. (0 to deny any "
"creation, -1 to allow unlimited creations)"
msgstr "Maximální povolený počet schránek (nastavení nového správce)"
#: limits/app_settings.py:132
#: limits/app_settings.py:134
#, fuzzy
#| msgid "Maximum number of allowed aliases for a new administrator"
msgid ""
"Maximum number of allowed aliases for a new domain. (0 to deny any creation, "
"-1 to allow unlimited creations)"
msgstr "Maximální povolený počet aliasů (nastavení nového správce)"
#: limits/apps.py:14
#: limits/apps.py:16
msgid "Limits"
msgstr "Omezení"
#: limits/constants.py:13
#: limits/constants.py:14
msgid "Maximum number of domains this user can create"
msgstr "Maximální povolený počet domén, které může tento uživatel vytvořit"
#: limits/constants.py:17
#: limits/constants.py:18
msgid "Maximum number of domain aliases this user can create"
msgstr ""
"Maximální povolený počet doménových aliasů, které může tento uživatel "
"vytvořit"
#: limits/constants.py:21
#: limits/constants.py:22
msgid "Maximum number of mailboxes this user can create"
msgstr "Maximální povolený počet schránek, které může tento uživatel vytvořit"
#: limits/constants.py:24
#: limits/constants.py:25
msgid "Maximum number of mailbox aliases this user can create"
msgstr ""
"Maximální povolený počet aliasů chránek, které může tento uživatel vytvořit"
#: limits/constants.py:28
#: limits/constants.py:29
msgid "Maximum number of domain administrators this user can create"
msgstr ""
"Maximální povolený počet správců domény, které může tento uživatel vytvořit"
#: limits/constants.py:34
#: limits/constants.py:35
msgid "Quota shared between domains of this reseller"
msgstr ""
#: limits/constants.py:45
#: limits/constants.py:46
#, fuzzy
#| msgid "Maximum number of domain aliases this user can create"
msgid "Maximum number of domain aliases allowed for this domain."
msgstr ""
"Maximální povolený počet doménových aliasů, které může tento uživatel "
"vytvořit"
#: limits/constants.py:49
#: limits/constants.py:50
#, fuzzy
#| msgid "Maximum number of mailboxes this user can create"
msgid "Maximum number of mailboxes allowed for this domain."
msgstr "Maximální povolený počet schránek, které může tento uživatel vytvořit"
#: limits/constants.py:53
#: limits/constants.py:54
#, fuzzy
#| msgid "Maximum number of mailbox aliases this user can create"
msgid "Maximum number of mailbox aliases allowed for this domain."
msgstr ""
"Maximální povolený počet aliasů chránek, které může tento uživatel vytvořit"
#: limits/constants.py:58
#: limits/constants.py:59
#, fuzzy
#| msgid "Maximum number of domain administrators this user can create"
msgid "Maximum number of domain admins allowed for this domain."
msgstr ""
"Maximální povolený počet správců domény, které může tento uživatel vytvořit"
#: limits/forms.py:43 limits/forms.py:92
#: limits/forms.py:42 limits/forms.py:91
msgid "Invalid limit"
msgstr "Neplatné omezení"
#: limits/handlers.py:127 limits/handlers.py:163
#: limits/handlers.py:121 limits/handlers.py:157
msgid "Resources"
msgstr "Zdroje"
#: limits/lib.py:22
#: limits/lib.py:23
#, python-format
msgid "%s: limit reached"
msgstr "%s: limit byl dosažen"
#: limits/lib.py:32
#: limits/lib.py:33
msgid "Not enough resources"
msgstr "Nedostatek zdrojů"
#: limits/lib.py:50 limits/models.py:54
#: limits/lib.py:51 limits/models.py:52
msgid "You're not allowed to define unlimited values"
msgstr "Nemáte oprávnění nastavovat neomezené hodnoty"
#: limits/models.py:64 limits/models.py:129
#: limits/models.py:62 limits/models.py:127
msgid "unlimited"
msgstr "neomezeno"
Oops, something went wrong.

0 comments on commit 1301900

Please sign in to comment.