add salting to hash function #21
9
auth.py
9
auth.py
|
|
@ -7,14 +7,14 @@ PWDB_PATH = 'pwdb.json'
|
||||||
|
|
||||||
def get_credentials():
|
def get_credentials():
|
||||||
username = input('Enter your username: ')
|
username = input('Enter your username: ')
|
||||||
hashed_password = pwhash(getpass('Enter your password: '))
|
hashed_password = pwhash(username, getpass('Enter your password: '))
|
||||||
return (username, hashed_password)
|
return (username, hashed_password)
|
||||||
|
|
||||||
def authenticate(username, hashed_password, pwdb):
|
def authenticate(username, hashed_password, pwdb):
|
||||||
return hashed_password == pwdb[username]
|
return hashed_password == pwdb[username]
|
||||||
|
|
||||||
def add_user(username, pwdb):
|
def add_user(username, pwdb):
|
||||||
pwdb[username] = pwhash(getpass(f'Enter password for {username}: '))
|
pwdb[username] = pwhash(username, getpass(f'Enter password for {username}: '))
|
||||||
return pwdb
|
return pwdb
|
||||||
|
|
||||||
def read_pwdb(PWDB_PATH):
|
def read_pwdb(PWDB_PATH):
|
||||||
|
|
@ -30,9 +30,10 @@ def write_pwdb(pwdb, PWDB_PATH):
|
||||||
json.dump(pwdb, pwdb_file)
|
json.dump(pwdb, pwdb_file)
|
||||||
|
|
||||||
|
|
||||||
def pwhash(pwd):
|
def pwhash(username , pwd):
|
||||||
encoded_pwd = pwd.encode("utf-8")
|
encoded_pwd = pwd.encode("utf-8")
|
||||||
m = sha256()
|
encoded_usr = username.encode("utf-8")
|
||||||
|
m = sha256(encoded_usr) # salting with username
|
||||||
m.update(encoded_pwd)
|
m.update(encoded_pwd)
|
||||||
return m.hexdigest()
|
return m.hexdigest()
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue