From 51dcacf423cb97eb78331deec4e883797c10b64b Mon Sep 17 00:00:00 2001
From: ASPP Student <student@localhost>
Date: Mon, 22 Sep 2025 16:11:55 +0300
Subject: [PATCH] added hashing for storing passwords

---
 minimal_auth.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/minimal_auth.py b/minimal_auth.py
index 9f535a7..1d3c834 100644
--- a/minimal_auth.py
+++ b/minimal_auth.py
@@ -1,6 +1,7 @@
 import getpass # hides types characters, very useful
 import json
 import sys
+from hashlib import sha256 # This library is used to create hashes out of the password
 
 def get_credentials():
     username = input('Enter your username: ')
@@ -8,10 +9,12 @@ def get_credentials():
     return (username, password)
 
 def authenticate(username, password, pwdb):
-    return password == pwdb[username]
+    password_hash = sha256(password.encode("utf-8")).hexdigest()
+    return password_hash == pwdb[username]
 
 def add_user(username, pwdb):
-    pwdb[username] = getpass.getpass(f'Enter password for {username}: ')
+    pwd = getpass.getpass(f'Enter password for {username}: ')
+    pwdb[username] = sha256(pwd.encode("utf-8")).hexdigest()
     return pwdb
 
 def read_pwdb(pwdb_path):
-- 
2.39.5