password is moved out of config file into separate generated file

2026-05-06 06:45:34 +02:00 · 2017-09-09 14:21:57 -04:00
parent 22749f252b
commit c06c837904
6 changed files with 29 additions and 23 deletions
--- a/src/app.py
+++ b/src/app.py
@@ -13,6 +13,7 @@ from notes_move_api import notes_move_api
 from password_api import password_api
 import config_provider
 import my_scrypt
+import password_provider

 config = config_provider.getConfig()

@@ -53,21 +54,21 @@ documentPath = config['Document']['documentPath']

 connect(documentPath)

-hashedPassword = config['Login']['passwordHash'].encode('utf-8')
+hashedPassword = password_provider.getPasswordHash()


 def verify_password(hex_hashed_password, guessed_password):
    hashed_password = binascii.unhexlify(hex_hashed_password)

-    hashed = my_scrypt.getVerificationHash(guessed_password)
+    guess_hashed = my_scrypt.getVerificationHash(guessed_password)

-    return hashed == hashed_password
+    return guess_hashed == hashed_password

@app.route('/login', methods=['POST'])
 def login_post():
-    inputPassword = request.form['password'].encode('utf-8')
+    guessedPassword = request.form['password'].encode('utf-8')

-    if request.form['username'] == user.id and verify_password(hashedPassword, inputPassword):
+    if request.form['username'] == user.id and verify_password(hashedPassword, guessedPassword):
        rememberMe = True if 'remember-me' in request.form else False

        login_user(user, remember=rememberMe)
--- a/src/password_api.py
+++ b/src/password_api.py
@@ -2,7 +2,7 @@ from flask import Blueprint, jsonify, request
 from flask_login import login_required
 import hashlib
 import binascii
-import config_provider
+import password_provider

 password_api = Blueprint('password_api', __name__)

@@ -11,9 +11,7 @@ password_api = Blueprint('password_api', __name__)
 def verifyPassword():
    req = request.get_json(force=True)

-    config = config_provider.getConfig()
-
-    hashedPassword = config['Login']['passwordHash'].encode('utf-8')
+    hashedPassword = password_provider.getPasswordHash()
    hashedPasswordBytes = binascii.unhexlify(hashedPassword)
    hashedPasswordSha = hashlib.sha256(hashedPasswordBytes).hexdigest()

--- a/src/password_provider.py
+++ b/src/password_provider.py
@@ -0,0 +1,7 @@
+def getPasswordHash():
+    with open('password.txt') as file:
+        return file.readline()
+
+def setPasswordHash(newPasswordHash):
+    with open('password.txt', 'w') as file:
+        file.write(newPasswordHash)