2025-plovdiv-git/minimal_auth.py

import getpass # hides types characters, very useful
import json
import sys
import hashlib
import random
import string


def get_hash(password,salt):
    
    hash_ = str(hashlib.sha256((password+salt).encode('utf-8')).hexdigest())
    return hash_

def get_salt(char_num=10):
    """Create random string of characters

    Parameters
    ----------
    char_num: int.
        Number of random characters to be created.
    """

    salt = ''.join(random.choices(string.ascii_uppercase + string.digits, k=char_num))

    return salt

def create_hash(password):

    salt = get_salt(10)

    hash_ = str(hashlib.sha256((password+salt).encode('utf-8')).hexdigest())
    return hash_, salt

def get_credentials():
    username = input('Enter your username: ')
    password = getpass.getpass('Enter your password: ')

    return (username, password)

def authenticate(username, password, pwdb):
    salt = pwdb[username][1]
    given_hash = get_hash(password, salt)
    return given_hash == pwdb[username][0]

def add_user(username, pwdb):
    password = getpass.getpass(f'Enter password for {username}: ')
    hash_, salt = create_hash(password)
    pwdb[username] = (hash_, salt)
    return pwdb

def read_pwdb(pwdb_path):
    try:
        pwdb_file = open(pwdb_path, 'rt')
        pwdb = json.load(pwdb_file)
    except Exception:
        pwdb = {}
    return pwdb

def write_pwdb(pwdb, pwdb_path):
    pwdb_file = open(pwdb_path, 'wt')
    json.dump(pwdb, pwdb_file)

pwdb_path = 'pwdb.json'
pwdb = read_pwdb(pwdb_path)

if len(sys.argv) > 1:
    pwdb = add_user(sys.argv[1], pwdb)
    write_pwdb(pwdb, pwdb_path)
else:
    username, password = get_credentials()
    if username not in pwdb or not authenticate(username, password, pwdb):
        print('Wrong username or password!')
    else:
        print('Successfully authenticated!')