Total Complexity | 1 |
Total Lines | 40 |
Duplicated Lines | 0 % |
Coverage | 100% |
Changes | 0 |
1 | 1 | import binascii |
|
2 | 1 | from hashlib import pbkdf2_hmac |
|
3 | from enum import Enum, auto |
||
4 | |||
5 | 1 | ||
6 | class AuthErrorStates(Enum): |
||
7 | NONE = auto() |
||
8 | NotAuthorized = auto() |
||
9 | NotRequired = auto() |
||
10 | |||
11 | |||
12 | def hash_password(username, pwd): |
||
13 | """ |
||
14 | Hashes password using PKDBF2 method: |
||
15 | hash = PKDBF2('sha512', pwd, salt=username, 10000) |
||
16 | |||
17 | Parameters |
||
18 | ---------- |
||
19 | username : str |
||
20 | User name (login). Used as salt for hashing. |
||
21 | User name is lowercased befor being used in hashing. |
||
22 | Salt is formatted as '_$salt@tabpy:<username>$_' to |
||
23 | guarantee there's at least 16 characters. |
||
24 | |||
25 | pwd : str |
||
26 | Password to hash. |
||
27 | 1 | ||
28 | Returns |
||
29 | 1 | ------- |
|
30 | str |
||
31 | Sting representation (hexidecimal) for PBKDF2 hash |
||
32 | 1 | for the password. |
|
33 | """ |
||
34 | salt = f"_$salt@tabpy:{username.lower()}$_" |
||
35 | |||
36 | hash = pbkdf2_hmac( |
||
37 | hash_name="sha512", password=pwd.encode(), salt=salt.encode(), iterations=10000 |
||
38 | ) |
||
39 | return binascii.hexlify(hash).decode() |
||
40 |