Flaschengeist/flaschengeist
Flaschengeist
/
flaschengeist
7
0
Fork 0
Code Issues 20 Pull Requests Packages Projects Releases 2 Wiki Activity
flaschengeist/flaschengeist/plugins/auth_plain/__init__.py

58 lines
2.0 KiB
Python
Raw Blame History

"""Authentication Provider Plugin
Allows simple authentication using Username-Password pair with password saved into
Flaschengeist database (as User attribute)
"""
import os
import hashlib
import binascii
from werkzeug.exceptions import BadRequest, NotFound
from flaschengeist.plugins import AuthPlugin
from flaschengeist.models.user import User
class AuthPlain(AuthPlugin):
def login(self, user: User, password: str):
if user.has_attribute("password"):
return AuthPlain._verify_password(user.get_attribute("password"), password)
return False
def modify_user(self, user, password, new_password=None):
if password is not None and not self.login(user, password):
raise BadRequest
if new_password:
user.set_attribute("password", AuthPlain._hash_password(new_password))
def create_user(self, user, password):
if not user.userid:
raise BadRequest("userid is missing for new user")
hashed = AuthPlain._hash_password(password)
user.set_attribute("password", hashed)
def delete_user(self, user):
pass
def get_avatar(self, user):
if not user.has_attribute("avatar"):
raise NotFound
return user.get_attribute("avatar")
def set_avatar(self, user, avatar):
user.set_attribute("avatar", avatar)
@staticmethod
def _hash_password(password):
salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")
pass_hash = hashlib.pbkdf2_hmac("sha3-512", password.encode("utf-8"), salt, 100000)
pass_hash = binascii.hexlify(pass_hash)
return (salt + pass_hash).decode("ascii")
@staticmethod
def _verify_password(stored_password, provided_password):
salt = stored_password[:64]
stored_password = stored_password[64:]
pass_hash = hashlib.pbkdf2_hmac("sha3-512", provided_password.encode("utf-8"), salt.encode("ascii"), 100000)
pass_hash = binascii.hexlify(pass_hash).decode("ascii")
return pass_hash == stored_password
Reference in New Issue View Git Blame Copy Permalink