ASPP/2025-plovdiv-git
0
0
Fork 17
Code Issues 3 Pull requests 10 Projects Releases Packages Wiki Activity Actions

salting_fix #16

Open
julioro wants to merge 3 commits from julioro/2025-plovdiv-git:salting_fix into live_coding
pull from: julioro/2025-plovdiv-git:salting_fix
merge into: ASPP:live_coding
Conversation 1 Commits 3 Files changed 1 +40 -24
1 changed files with 40 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit cf7289cfcc - Show all commits

62
minimal_auth.py
View file

@ -6,30 +6,10 @@ import random
import string import string
def get_credentials(): def get_hash(password,salt):
username = input('Enter your username: ')
password = str(hashlib.sha256(getpass.getpass('Enter your password: ').encode()).hexdigest())
return (username, password)
def authenticate(username, password, pwdb): hash_ = str(hashlib.sha256((password+salt).encode('utf-8')).hexdigest())
return password == pwdb[username] return hash_
def add_user(username, pwdb):
password = getpass.getpass(f'Enter password for {username}: ')
pwdb[username] = str(hashlib.sha256(password.encode()).hexdigest())
return pwdb
def read_pwdb(pwdb_path):
try:
pwdb_file = open(pwdb_path, 'rt')
pwdb = json.load(pwdb_file)
except Exception:
pwdb = {}
return pwdb
def write_pwdb(pwdb, pwdb_path):
pwdb_file = open(pwdb_path, 'wt')
json.dump(pwdb, pwdb_file)
def get_salt(char_num=10): def get_salt(char_num=10):
"""Create random string of characters """Create random string of characters
@ -44,6 +24,42 @@ def get_salt(char_num=10):
return salt return salt
def create_hash(password):
salt = get_salt(10)
hash_ = str(hashlib.sha256((password+salt).encode('utf-8')).hexdigest())
return hash_, salt
def get_credentials():
username = input('Enter your username: ')
password = getpass.getpass('Enter your password: ')
return (username, password)
def authenticate(username, password, pwdb):
salt = pwdb[username][1]
given_hash = get_hash(password, salt)
return given_hash == pwdb[username][0]
def add_user(username, pwdb):
password = getpass.getpass(f'Enter password for {username}: ')
hash_, salt = create_hash(password)
pwdb[username] = (hash_, salt)
return pwdb
def read_pwdb(pwdb_path):
try:
pwdb_file = open(pwdb_path, 'rt')
pwdb = json.load(pwdb_file)
except Exception:
pwdb = {}
return pwdb
def write_pwdb(pwdb, pwdb_path):
pwdb_file = open(pwdb_path, 'wt')
json.dump(pwdb, pwdb_file)
pwdb_path = 'pwdb.json' pwdb_path = 'pwdb.json'
pwdb = read_pwdb(pwdb_path) pwdb = read_pwdb(pwdb_path)