From 1838a3419dbc11a59eeab21aa6803776c5a997cf Mon Sep 17 00:00:00 2001 From: usmannasir Date: Tue, 23 Jan 2024 11:10:57 +0500 Subject: [PATCH] bug fix: elimite login via url parameters --- plogical/hashPassword.py | 44 ++++++++++++++++++---------------------- 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/plogical/hashPassword.py b/plogical/hashPassword.py index d916773b2..810354b4f 100755 --- a/plogical/hashPassword.py +++ b/plogical/hashPassword.py @@ -1,33 +1,29 @@ -# import uuid +import uuid +import bcrypt +import hashlib + +def hash_password(password): + # uuid is used to generate a random number + salt = uuid.uuid4().hex + return hashlib.sha256(salt.encode() + password.encode()).hexdigest() + ':' + salt + + +def check_password(hashed_password, user_password): + password, salt = hashed_password.split(':') + return password == hashlib.sha256(salt.encode() + user_password.encode()).hexdigest() -# import base64 -# -# def hash_password(password): -# # uuid is used to generate a random number -# salt = uuid.uuid4().hex -# return hashlib.sha256(salt.encode() + password.encode()).hexdigest() + ':' + salt -# -# -# def check_password(hashed_password, user_password): -# password, salt = hashed_password.split(':') -# return password == hashlib.sha256(salt.encode() + user_password.encode()).hexdigest() -# # def generateToken(serverUserName, serverPassword): # credentials = '{0}:{1}'.format(serverUserName, serverPassword).encode() # encoded_credentials = base64.b64encode(credentials).decode() # return 'Basic {0}'.format(encoded_credentials) - -import bcrypt -import hashlib - -def hash_password(password): - salt = bcrypt.gensalt() - hashed_password = bcrypt.hashpw(password.encode(), salt) - return hashed_password.decode() - -def check_password(hashed_password, user_password): - return bcrypt.checkpw(user_password.encode(), hashed_password.encode()) +# def hash_password(password): +# salt = bcrypt.gensalt() +# hashed_password = bcrypt.hashpw(password.encode(), salt) +# return hashed_password.decode() +# +# def check_password(hashed_password, user_password): +# return bcrypt.checkpw(user_password.encode(), hashed_password.encode()) def generateToken(username, password):