From b2972a7e9870da13e7ffdb3abdceb270f617bff0 Mon Sep 17 00:00:00 2001 From: Stefan van der Walt Date: Fri, 18 Nov 2011 10:53:09 -0800 Subject: [PATCH] Integrate hashed passwords into the notebook. --- IPython/frontend/html/notebook/handlers.py | 4 +++- IPython/frontend/html/notebook/notebookapp.py | 11 ++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/IPython/frontend/html/notebook/handlers.py b/IPython/frontend/html/notebook/handlers.py index 15d3561ae..d6c5b1912 100644 --- a/IPython/frontend/html/notebook/handlers.py +++ b/IPython/frontend/html/notebook/handlers.py @@ -28,6 +28,7 @@ from zmq.utils import jsonapi from IPython.external.decorator import decorator from IPython.zmq.session import Session +from IPython.lib.security import passwd_check try: from docutils.core import publish_string @@ -174,7 +175,8 @@ class LoginHandler(AuthenticatedHandler): def post(self): pwd = self.get_argument('password', default=u'') - if self.application.password and pwd == self.application.password: + if self.application.password and \ + passwd_check(self.application.password, pwd): self.set_secure_cookie('username', str(uuid.uuid4())) self.redirect(self.get_argument('next', default='/')) diff --git a/IPython/frontend/html/notebook/notebookapp.py b/IPython/frontend/html/notebook/notebookapp.py index 6c4926952..157e856b5 100644 --- a/IPython/frontend/html/notebook/notebookapp.py +++ b/IPython/frontend/html/notebook/notebookapp.py @@ -208,7 +208,16 @@ class NotebookApp(BaseIPythonApplication): ) password = Unicode(u'', config=True, - help="""Password to use for web authentication""" + help="""Hashed password to use for web authentication. + + To generate, do: + + from IPython.lib import passwd + + passwd('mypassphrase') + + The string should be of the form type:salt:hashed-password. + """ ) open_browser = Bool(True, config=True,