salt passwords using userid

mungai-njoroge
2024-05-03 23:22:09 +03:00
parent 5d947f3ad9
commit fdf3186be6
10 changed files with 42 additions and 30 deletions
+8 -2
@@ -1,5 +1,8 @@
import hmac
import hashlib
from app.config import UserConfig
def encode_password(password: str) -> str:
"""
@@ -10,7 +13,10 @@ def encode_password(password: str) -> str:
:return: The encoded password.
"""
return hashlib.sha256(password.encode("utf-8")).hexdigest()
return hashlib.pbkdf2_hmac(
"sha256", password.encode("utf-8"), UserConfig().userId.encode("utf-8"), 100000
).hex()
def check_password(password: str, encoded: str) -> bool:
"""
@@ -22,4 +28,4 @@ def check_password(password: str, encoded: str) -> bool:
:return: Whether the password matches.
"""
return encode_password(password) == encoded
return hmac.compare_digest(encode_password(password), encoded)
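Review bot: The salt passed to `pbkdf2_hmac` in `encode_password` is `UserConfig().userId`, which appears to come from application configuration rather than from the account being hashed, so as far as this section shows every password gets the same salt and two users with the same password get the same hash. A salt should be random per password and stored next to the digest; the sketch below uses `os.urandom(16)` (needs `import os`) and a `salt$digest` string. That changes the stored format, and hashes written by the old SHA-256 code will not verify against the new function either, so a migration path is needed unless another file in this commit provides one. The iteration count of 100000 is also below current OWASP guidance for PBKDF2-HMAC-SHA256 (600,000) and would read better as a named constant. Both docstrings are only partly visible in these hunks.

```python
def encode_password(password: str, salt: bytes | None = None) -> str:
    # … unchanged: docstring …
    # Fresh random salt per password; a caller verifying a stored hash passes the stored salt.
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100000)
    return f"{salt.hex()}${digest.hex()}"


def check_password(password: str, encoded: str) -> bool:
    # … unchanged: docstring …
    salt_hex, _, _ = encoded.partition("$")
    try:
        salt = bytes.fromhex(salt_hex)
    except ValueError:
        # Stored value is not in salt$digest form (e.g. a legacy hash): treat as no match.
        return False
    return hmac.compare_digest(encode_password(password, salt), encoded)
```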