Reputation: 1835
When the user logs in, he provides his name and raw password, which is hashed and compared with the DB's value.

from django.contrib import auth
from django.http import HttpResponseRedirect


def login(request):
    username = request.POST['username']
    password = request.POST['password']
    # check the raw password against the stored hash; None means no match
    user = auth.authenticate(username=username, password=password)
    if user is not None and user.is_active:
        # user is active: start the session
        auth.login(request, user)
        # relink to right page
        return HttpResponseRedirect("/account/loggedin/")
    else:
        # error page
        return HttpResponseRedirect("/account/invalid/")
or I could just use:
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response


@login_required
def index(request):
    # login_required already redirects anonymous users, so the else branch is
    # only reached if the decorator is removed
    if request.user.is_authenticated():
        return render_to_response('polls/index.html', {'sessionDic': request.session})
    else:
        # some stuff
        return HttpResponseRedirect("/account/invalid/")
The problem is: once the user has logged in, the following requests comprise only cookies, which are checked, and the user has no need to enter his credentials again.
But I need to have the user's raw password in the view in every method, to log in as a Linux user and execute some Linux program as this user. For example, the su
program is used to switch to the right Linux user:

import pexpect


def ssh_command(user, password, command):
    # user and command are interpolated into a shell command line unchecked,
    # so the caller must validate both before they reach this point
    child = pexpect.spawn('su -l %s -c \'%s\'' % (user, command), encoding='utf-8')
    i = child.expect([pexpect.TIMEOUT, pexpect.EOF, 'Password: '])
    if i == 0:  # Timeout
        print('ERROR!')
        print("su can't be executed:")
        print(child.before, child.after)
        return None
    if i == 1:  # EOF
        print('ERROR')
        print('EOF error')
        print(child.before, child.after)
        return None
    # su printed its password prompt: answer it and hand the child back
    child.sendline(password)
    return child


def main():
    user = 'test'
    password = 'test'
    child = ssh_command(user, password, 'curl habrahabr.ru | wc -c')
    if child is None:
        return
    child.expect(pexpect.EOF)
    print(child.before)
    print(child.after)
    print(child.match)


if __name__ == '__main__':
    main()
How can I store the user's raw password and substitute it into the required functions?
Upvotes: 1
Views: 2065
Reputation: 94277
Here's another idea. Don't require password authentication for su. Instead, use /etc/sudoers to allow your web server user to run things as other users. This way you can also restrict which commands can be run - does your current view protect against injecting stuff into the command line?
This way you don't need to keep users' passwords; you just give one username (wwwuser) the privs it needs. Django has already decided who the user is from the login, so I don't think there's a problem in giving it enough privs to do something as that user.
Upvotes: 1
Reputation: 43054
You need access to the cleartext password. Ideally you would store that and regenerate the hash for authentication. You should store it encrypted with a site password, as well, for security. I have implemented this myself, but not for Django. You would have to rewrite Django's authentication code to achieve that.
Upvotes: 0
Reputation: 94277
You could store it in the session data from the login view function. At least then it would die with the session. The other option, stashing it in a database field, would be horrendous if some hacker got DB access. At least if a hacker gets DB access with passwords in sessions, they'd only get the plain text passwords of current sessions. Make sure you time out sessions appropriately, or encourage your users to log out, and remove session data on logout.
Upvotes: 2