Skip to content
Snippets Groups Projects
Unverified Commit 174973d7 authored by Shamil K Muhammed's avatar Shamil K Muhammed
Browse files

Encode the passwords

parent 983f147e
No related merge requests found
Hide whitespace changes
Inline Side-by-side
diaspora_auth_provider.py
+ 3
3
View file @ 174973d7
...@@ -23,13 +23,13 @@ import bcrypt ...@@ -23,13 +23,13 @@ import bcrypt
import logging import logging
__VERSION__ = "0.0.2" __VERSION__ = "0.0.3"
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
class DiasporaAuthProvider: class DiasporaAuthProvider:
__version__ = "0.0.2" __version__ = "0.0.3"
def __init__(self, config, account_handler): def __init__(self, config, account_handler):
self.account_handler = account_handler self.account_handler = account_handler
...@@ -67,7 +67,7 @@ class DiasporaAuthProvider: ...@@ -67,7 +67,7 @@ class DiasporaAuthProvider:
# user exists, check if the password is correct. # user exists, check if the password is correct.
encrypted_password = user[1] encrypted_password = user[1]
peppered_pass = "{}{}".format(password, self.config.pepper) peppered_pass = "{}{}".format(password, self.config.pepper)
if not (bcrypt.hashpw(peppered_pass, encrypted_password) == encrypted_password): if not (bcrypt.hashpw(peppered_pass.encode('utf8'), encrypted_password.encode('utf8')) == encrypted_password.encode('utf8')):
logger.info("Password given for {} is wrong. Rejecting auth request.".format(local_part)) logger.info("Password given for {} is wrong. Rejecting auth request.".format(local_part))
defer.returnValue(False) defer.returnValue(False)
# Ok, user's password is correct. check if the user exists in the homeserver db. # Ok, user's password is correct. check if the user exists in the homeserver db.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment