32 lines
1.0 KiB
Python
32 lines
1.0 KiB
Python
import binascii
|
|
import hashlib
|
|
import os
|
|
|
|
from flaschengeist.modules import AuthPlugin
|
|
from flaschengeist.system.models.user import User
|
|
|
|
|
|
def _hash_password(password):
|
|
salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")
|
|
pass_hash = hashlib.pbkdf2_hmac("sha3-512", password.encode("utf-8"), salt, 100000)
|
|
pass_hash = binascii.hexlify(pass_hash)
|
|
return (salt + pass_hash).decode("ascii")
|
|
|
|
|
|
def _verify_password(stored_password, provided_password):
|
|
salt = stored_password[:64]
|
|
stored_password = stored_password[64:]
|
|
pass_hash = hashlib.pbkdf2_hmac("sha3-512", provided_password.encode("utf-8"), salt.encode("ascii"), 100000)
|
|
pass_hash = binascii.hexlify(pass_hash).decode("ascii")
|
|
return pass_hash == stored_password
|
|
|
|
|
|
class AuthPlain(AuthPlugin):
|
|
def login(self, user: User, password: str):
|
|
if user and "password" in user.attributes:
|
|
return _verify_password(user.attributes["password"].value, password)
|
|
return False
|
|
|
|
def modify_user(self, user, password, new_password=None):
|
|
pass
|