|
Lines 125-131
def authenticate(self, username, password, **answers):
|
Link Here
|
|---|
|
|---|
| 125 |
PAM_PROMPT_ECHO_OFF: password, |
125 |
PAM_PROMPT_ECHO_OFF: password, |
| 126 |
}) |
126 |
}) |
| 127 |
missing = [] |
127 |
missing = [] |
| 128 |
self.start(username, (answers, [], missing)) |
128 |
prompts = [] |
|
|
129 |
self.start(username, (answers, prompts, missing)) |
| 129 |
|
130 |
|
| 130 |
try: |
131 |
try: |
| 131 |
self.pam.authenticate() |
132 |
self.pam.authenticate() |
|
Lines 139-144
def authenticate(self, username, password, **answers):
|
Link Here
|
|---|
|
|---|
| 139 |
if missing: |
140 |
if missing: |
| 140 |
message = _('Please insert your one time password (OTP).') |
141 |
message = _('Please insert your one time password (OTP).') |
| 141 |
raise AuthenticationInformationMissing(message, missing) |
142 |
raise AuthenticationInformationMissing(message, missing) |
|
|
143 |
if pam_err[1] == PAM_AUTH_ERR: # workaround for broken defer_pwchange in pam_krb5 + AD |
| 144 |
if any(x.strip(' :') in ('New password',) for x, y in prompts): |
| 145 |
raise PasswordExpired(self.error_message(PAMError('workaround', PAM_NEW_AUTHTOK_REQD))) |
| 142 |
raise AuthenticationFailed(self.error_message(pam_err)) |
146 |
raise AuthenticationFailed(self.error_message(pam_err)) |
| 143 |
|
147 |
|
| 144 |
def change_password(self, username, old_password, new_password): |
148 |
def change_password(self, username, old_password, new_password): |