Merge pull request 'implement sha256 hashing of password for security reason' (#7) from romaingu/2024-heraklion-git:hash_pwd into main
Reviewed-on: #7
This commit is contained in:
commit
4f77cc464f
19
auth.py
19
auth.py
|
@ -1,19 +1,20 @@
|
||||||
import json
|
import json
|
||||||
import sys
|
import sys
|
||||||
from getpass import getpass
|
from getpass import getpass
|
||||||
|
from hashlib import sha256
|
||||||
|
|
||||||
PWDB_PATH = 'pwdb.json'
|
PWDB_PATH = 'pwdb.json'
|
||||||
|
|
||||||
def get_credentials():
|
def get_credentials():
|
||||||
username = input('Enter your username: ')
|
username = input('Enter your username: ')
|
||||||
password = getpass('Enter your password: ')
|
hashed_password = pwhash(getpass('Enter your password: '))
|
||||||
return (username, password)
|
return (username, hashed_password)
|
||||||
|
|
||||||
def authenticate(username, password, pwdb):
|
def authenticate(username, hashed_password, pwdb):
|
||||||
return password == pwdb[username]
|
return hashed_password == pwdb[username]
|
||||||
|
|
||||||
def add_user(username, pwdb):
|
def add_user(username, pwdb):
|
||||||
pwdb[username] = input(f'Enter password for {username}: ')
|
pwdb[username] = pwhash(input(f'Enter password for {username}: '))
|
||||||
return pwdb
|
return pwdb
|
||||||
|
|
||||||
def read_pwdb(PWDB_PATH):
|
def read_pwdb(PWDB_PATH):
|
||||||
|
@ -29,6 +30,14 @@ def write_pwdb(pwdb, PWDB_PATH):
|
||||||
json.dump(pwdb, pwdb_file)
|
json.dump(pwdb, pwdb_file)
|
||||||
|
|
||||||
|
|
||||||
|
def pwhash(pwd):
|
||||||
|
encoded_pwd = pwd.encode("utf-8")
|
||||||
|
m = sha256()
|
||||||
|
m.update(encoded_pwd)
|
||||||
|
return m.hexdigest()
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
PWDB_PATH = 'pwdb.json'
|
PWDB_PATH = 'pwdb.json'
|
||||||
pwdb = read_pwdb(PWDB_PATH)
|
pwdb = read_pwdb(PWDB_PATH)
|
||||||
|
|
Loading…
Reference in a new issue