From e18c287d9290f454d5265fc24229d657c2223b3a Mon Sep 17 00:00:00 2001
From: ASPP Student <student@localhost>
Date: Mon, 26 Aug 2024 15:48:08 +0300
Subject: [PATCH] implement prevention of password leak when adding new user

---
 auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth.py b/auth.py
index fad77c5..7029239 100644
--- a/auth.py
+++ b/auth.py
@@ -14,7 +14,7 @@ def authenticate(username, hashed_password, pwdb):
     return hashed_password == pwdb[username]
 
 def add_user(username, pwdb):
-    pwdb[username] = pwhash(input(f'Enter password for {username}: '))
+    pwdb[username] = pwhash(getpass(f'Enter password for {username}: '))
     return pwdb
 
 def read_pwdb(PWDB_PATH):
-- 
2.39.5