a fWct7@sxdZddlZeeZddlZddlmZdgZddZ ddl m Z m Z m Z e e GdddeZGd d d eZdS) z1passlib.ifc - abstract interfaces used by PasslibN)deprecated_method PasswordHashcsfdd}|S)z5class decorator that re-creates class using metaclasscs&t|ur|S|j|j|jS)N)type__name__ __bases____dict__copy)clsmeta//usr/lib/python3.9/site-packages/passlib/ifc.pybuilders z(recreate_with_metaclass..builderr )r rr r r recreate_with_metaclasss r)ABCMetaabstractmethodabstractpropertyc@seZdZdZdZdZdZdZee ddZ e ddd d ed d Z ee d dZ ee dddZedddZee ddZe dddeddZe dddeddZdZdS)rzThis class describes an abstract interface which all password hashes in Passlib adhere to. Under Python 2.6 and up, this is an actual Abstract Base Class built using the :mod:`!abc` module. See the Passlib docs for full documentation. FNTcKs tddS)a Hash secret, returning result. Should handle generating salt, etc, and should return string containing identifier, salt & other configuration, as well as digest. :param \\*\\*settings_kwds: Pass in settings to customize configuration of resulting hash. .. deprecated:: 1.7 Starting with Passlib 1.7, callers should no longer pass settings keywords (e.g. ``rounds`` or ``salt`` directly to :meth:`!hash`); should use ``.using(**settings).hash(secret)`` construction instead. Support will be removed in Passlib 2.0. :param \\*\\*context_kwds: Specific algorithms may require context-specific information (such as the user login). must be implemented by subclassNNotImplementedError)r secretZsetting_and_context_kwdsr r r hashrszPasswordHash.hashz1.7z2.0z.hash()) deprecatedremovedZ replacementcOs|j|i|S)a Legacy alias for :meth:`hash`. .. deprecated:: 1.7 This method was renamed to :meth:`!hash` in version 1.7. This alias will be removed in version 2.0, and should only be used for compatibility with Passlib 1.3 - 1.6. r)r argskwdsr r r encrypts zPasswordHash.encryptcKs tddS)z.verify secret against hash, returns True/FalserNr)r rr context_kwdsr r r verifyszPasswordHash.verifycKs tddS)a Return another hasher object (typically a subclass of the current one), which integrates the configuration options specified by ``kwds``. This should *always* return a new object, even if no configuration options are changed. .. todo:: document which options are accepted. :returns: typically returns a subclass for most hasher implementations. .. todo:: add this method to main documentation. rNr)r Zrelaxedrr r r usingszPasswordHash.usingcCsdS)a check if hash's configuration is outside desired bounds, or contains some other internal option which requires updating the password hash. :param hash: hash string to examine :param secret: optional secret known to have verified against the provided hash. (this is used by some hashes to detect legacy algorithm mistakes). :return: whether secret needs re-hashing. .. versionadded:: 1.7 Fr )r rrr r r needs_updateszPasswordHash.needs_updatecCs tddS)z8check if hash belongs to this scheme, returns True/FalserNrr rr r r identifyszPasswordHash.identify)rrcKs$|jrtd|jfi|dS)a compile settings into a configuration string for genhash() .. deprecated:: 1.7 As of 1.7, this method is deprecated, and slated for complete removal in Passlib 2.0. For all known real-world uses, hashing a constant string should provide equivalent functionality. This deprecation may be reversed if a use-case presents itself in the mean time. r)rrr r)r Z setting_kwdsr r r genconfigszPasswordHash.genconfigcKs tddS)a1 generated hash for secret, using settings from config/hash string .. deprecated:: 1.7 As of 1.7, this method is deprecated, and slated for complete removal in Passlib 2.0. This deprecation may be reversed if a use-case presents itself in the mean time. rNr)r rZconfigcontextr r r genhashs zPasswordHash.genhash)F)N)r __module__ __qualname____doc__ is_disabledZ truncate_sizeZtruncate_errorZtruncate_verify_reject classmethodrrrrrr r!r#r%r'rr r r r r%s:            c@s.eZdZdZdZedddZeddZdS) DisabledHashzR extended disabled-hash methods; only need be present if .disabled = True TNcCs |dS)z return string representing a 'disabled' hash; optionally including previously enabled hash (this is up to the individual scheme). r$rr"r r r disableKszDisabledHash.disablecCs tddS)z given a disabled-hash string, extract previously-enabled hash if one is present, otherwise raises ValueError zcannot restore original hashN) ValueErrorr"r r r enableUszDisabledHash.enable)N)rr(r)r*r+r,r.r0r r r r r-Ds  r-)r*ZloggingZ getLoggerrlogsysZpasslib.utils.decorr__all__rabcrrrobjectrr-r r r r s