Giovannetti, Mark wrote:
From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
Slices doesn't wrap around.
Right, this was what I was seeing/thinking about:
for i in range(41): print i, "'" + "password"[:i-40] + "'"
[skip]
Can't really call it wrap around, I guess.
Anyway:
def checkPassword(self, storedPassword, password):
salt = storedPassword[:max(0, len(storedPassword)-40)]
return storedPassword == self.encodePassword(password, salt)
With Python you can do things as simply as possible. :-) The
expression
storedPassword[:-40] (which is equivalent to
storedPassword[:len(storedPassword)-40]) does exactly what you want:
>>> "password"[:-40]
''
Keeping it simple is often the best way. Given the above, in order
to ensure a blank salt with a password less than 40 characters,
keeping it simple may not suffice.
I think in the example above you're testing for wrong use case since we
use constant slice index, the following example explains what I mean:
>>> hash = "123456789"
>>> while hash:
... print (hash[:-4], hash[-4:])
... hash = hash[1:]
...
('12345', '6789')
('2345', '6789')
('345', '6789')
('45', '6789')
('5', '6789')
('', '6789')
('', '789')
('', '89')
('', '9')
--
Dmitry Vasiliev <dima at hlabs.spb.ru>
http://hlabs.spb.ru
_______________________________________________
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com
