From e149ba772401cf1ebbeb53da5b52e477a466a344 Mon Sep 17 00:00:00 2001
From: ASPP Student
Date: Mon, 22 Sep 2025 16:00:48 +0300
Subject: [PATCH 1/3] Use sha256 to encode passwords instead of plain text
---
 minimal_auth.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/minimal_auth.py b/minimal_auth.py
index 9f535a7..5c317a6 100644
--- a/minimal_auth.py
+++ b/minimal_auth.py
@@ -1,17 +1,19 @@
 import getpass # hides types characters, very useful
 import json
 import sys
+import hashlib
 def get_credentials():
 username = input('Enter your username: ')
- password = getpass.getpass('Enter your password: ')
+ password = str(hashlib.sha256(getpass.getpass('Enter your password: ').encode()).hexdigest())
 return (username, password)
 def authenticate(username, password, pwdb):
 return password == pwdb[username]
 def add_user(username, pwdb):
- pwdb[username] = getpass.getpass(f'Enter password for {username}: ')
+ password = getpass.getpass(f'Enter password for {username}: ')
+ pwdb[username] = str(hashlib.sha256(password.encode()).hexdigest())
 return pwdb
 def read_pwdb(pwdb_path):
--
2.39.5
From 9581753e99668eed7b3df0daa549857b7c1dbf2a Mon Sep 17 00:00:00 2001
From: ASPP Student
Date: Mon, 22 Sep 2025 16:23:21 +0300
Subject: [PATCH 2/3] adds function to create salt for passwords. Salting process not yet implemented
---
 minimal_auth.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/minimal_auth.py b/minimal_auth.py
index 5c317a6..04b11ce 100644
--- a/minimal_auth.py
+++ b/minimal_auth.py
@@ -2,6 +2,9 @@ import getpass # hides types characters, very useful
 import json
 import sys
 import hashlib
+import random
+import string
+
 def get_credentials():
 username = input('Enter your username: ')
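Review bot: In PATCH 1/3 the value that `add_user` stores and `get_credentials` computes is a single unsalted SHA-256 digest, which is a fast hash: equal passwords give equal entries, and a copy of pwdb.json can be checked against guesses offline at very high rates. The later patches add a salt, but `get_hash` and `create_hash` in PATCH 3/3 still run one SHA-256 round, so the same point applies there. A password-hashing function from the standard library fits better, for example `hashlib.scrypt(password.encode('utf-8'), salt=salt_bytes, n=2**14, r=8, p=1).hex()` with a per-user random salt; the cost parameters are a starting point to tune for the host. The `str(...)` wrapper can go, since `hexdigest()` already returns a `str`.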
@@ -28,6 +31,19 @@ def write_pwdb(pwdb, pwdb_path):
 pwdb_file = open(pwdb_path, 'wt')
 json.dump(pwdb, pwdb_file)
+def get_salt(char_num=10):
+ """Create random string of characters
+
+ Parameters
+ ----------
+ char_num: int.
+ Number of random characters to be created.
+ """
+
+ salt = ''.join(random.choices(string.ascii_uppercase + string.digits, k=char_num))
+
+ return salt
+
 pwdb_path = 'pwdb.json'
 pwdb = read_pwdb(pwdb_path)
--
2.39.5
From cf7289cfcc50d57fdcb029a61775877e346a006c Mon Sep 17 00:00:00 2001
From: ASPP Student
Date: Mon, 22 Sep 2025 16:44:11 +0300
Subject: [PATCH 3/3] Adds salting process to the password creation and authentification. Database now stores salt.
---
 minimal_auth.py | 64 ++++++++++++++++++++++++++++++-------------------
 1 file changed, 40 insertions(+), 24 deletions(-)
diff --git a/minimal_auth.py b/minimal_auth.py
index 04b11ce..84211f6 100644
--- a/minimal_auth.py
+++ b/minimal_auth.py
@@ -6,30 +6,10 @@ import random
 import string
-def get_credentials():
- username = input('Enter your username: ')
- password = str(hashlib.sha256(getpass.getpass('Enter your password: ').encode()).hexdigest())
- return (username, password)
-
-def authenticate(username, password, pwdb):
- return password == pwdb[username]
-
-def add_user(username, pwdb):
- password = getpass.getpass(f'Enter password for {username}: ')
- pwdb[username] = str(hashlib.sha256(password.encode()).hexdigest())
- return pwdb
-
-def read_pwdb(pwdb_path):
- try:
- pwdb_file = open(pwdb_path, 'rt')
- pwdb = json.load(pwdb_file)
- except Exception:
- pwdb = {}
- return pwdb
-
-def write_pwdb(pwdb, pwdb_path):
- pwdb_file = open(pwdb_path, 'wt')
- json.dump(pwdb, pwdb_file)
+def get_hash(password,salt):
+
+ hash_ = str(hashlib.sha256((password+salt).encode('utf-8')).hexdigest())
+ return hash_
 def get_salt(char_num=10):
 """Create random string of characters
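Review bot: `get_salt` in PATCH 2/3 builds the salt with `random.choices`, and the `random` module is a deterministic Mersenne Twister generator that the Python documentation says must not be used for security purposes. The salt should come from the operating system's CSPRNG, e.g. `salt = secrets.token_hex(16)`, or, keeping the current alphabet and the `char_num` parameter, `salt = ''.join(secrets.choice(string.ascii_uppercase + string.digits) for _ in range(char_num))`, with `import secrets` in place of `import random`. Ten characters from a 36-symbol alphabet carry about 52 bits, while at least 128 bits is the commonly recommended salt size. The docstring would also benefit from a `Returns` section saying that a `str` of length `char_num` is returned.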
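Review bot: `get_hash` in PATCH 3/3 has no docstring although `get_salt` directly below it carries a NumPy-style one, and its signature `get_hash(password,salt)` drops the space after the comma that the other definitions in the file use. A one-line docstring such as `"""Return the hex SHA-256 digest of password concatenated with salt."""` would state the contract, and the body can be the single line `return hashlib.sha256((password + salt).encode('utf-8')).hexdigest()` because `hexdigest()` already returns a `str`. The hash construction itself is covered in the note on PATCH 1/3.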
@@ -44,6 +24,42 @@ def get_salt(char_num=10):
 return salt
+def create_hash(password):
+
+ salt = get_salt(10)
+
+ hash_ = str(hashlib.sha256((password+salt).encode('utf-8')).hexdigest())
+ return hash_, salt
+
+def get_credentials():
+ username = input('Enter your username: ')
+ password = getpass.getpass('Enter your password: ')
+
+ return (username, password)
+
+def authenticate(username, password, pwdb):
+ salt = pwdb[username][1]
+ given_hash = get_hash(password, salt)
+ return given_hash == pwdb[username][0]
+
+def add_user(username, pwdb):
+ password = getpass.getpass(f'Enter password for {username}: ')
+ hash_, salt = create_hash(password)
+ pwdb[username] = (hash_, salt)
+ return pwdb
+
+def read_pwdb(pwdb_path):
+ try:
+ pwdb_file = open(pwdb_path, 'rt')
+ pwdb = json.load(pwdb_file)
+ except Exception:
+ pwdb = {}
+ return pwdb
+
+def write_pwdb(pwdb, pwdb_path):
+ pwdb_file = open(pwdb_path, 'wt')
+ json.dump(pwdb, pwdb_file)
+
 pwdb_path = 'pwdb.json'
 pwdb = read_pwdb(pwdb_path)
--
2.39.5
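Review bot: `authenticate` indexes `pwdb[username]` directly, so an unknown username raises `KeyError` rather than returning `False` unless the caller, which is outside this hunk, checks membership first; the final `==` on the digests is also not a constant-time comparison. Entries written by PATCH 1/3 are bare hex strings, so against an existing database `pwdb[username][1]` would silently take the second character of the old digest as the salt. The rewrite below fails closed for missing or malformed entries and compares with `hmac.compare_digest`, which needs `import hmac` at the top of the file. Separately, `create_hash` repeats the expression in `get_hash` and could call `get_hash(password, salt)` instead.

```python
# … unchanged: create_hash, get_credentials …
def authenticate(username, password, pwdb):
    entry = pwdb.get(username)
    # Unknown users and old-format entries (a bare digest string) both fail closed.
    if not isinstance(entry, (list, tuple)) or len(entry) != 2:
        return False
    stored_hash, salt = entry
    return hmac.compare_digest(get_hash(password, salt), stored_hash)
# … unchanged: add_user, read_pwdb, write_pwdb …
```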