diff --git a/flask_security/utils.py b/flask_security/utils.py
index bc59890..6bf83ee 100644
--- a/flask_security/utils.py
+++ b/flask_security/utils.py
@@ -121,7 +121,10 @@ def verify_and_update_password(password, user):
 :param password: A plaintext password to verify
 :param user: The user to verify against
 """
- verified, new_password = _pwd_context.verify_and_update(encrypt_password(password), user.password)
+
+ if _security.password_hash != 'plaintext':
+ password = get_hmac(password)
+ verified, new_password = _pwd_context.verify_and_update(password, user.password)
 if verified and new_password:
 user.password = new_password
 _datastore.put(user)
@@ -135,8 +138,8 @@ def encrypt_password(password):
 """
 if _security.password_hash == 'plaintext':
 return password
- signed = get_hmac(password)
- return _pwd_context.encrypt(signed.decode('ascii'))
+ signed = get_hmac(password).decode('ascii')
+ return _pwd_context.encrypt(signed)
 def md5(data):
diff --git a/tests/configured_tests.py b/tests/configured_tests.py
index 5f16191..cd223c2 100644
--- a/tests/configured_tests.py
+++ b/tests/configured_tests.py
@@ -19,18 +19,18 @@ from flask_security.signals import user_registered
 from tests import SecurityTest
-# TODO: Wait for passlib + bcrypt python3 compatibility to be fixed
-# class ConfiguredPasswordHashSecurityTests(SecurityTest):
-# AUTH_CONFIG = {
-# 'SECURITY_PASSWORD_HASH': 'bcrypt',
-# 'SECURITY_PASSWORD_SALT': 'so-salty',
-# 'USER_COUNT': 1
-# }
+class ConfiguredPasswordHashSecurityTests(SecurityTest):
-# def test_authenticate(self):
-# r = self.authenticate(endpoint="/login")
-# self.assertIn(b'Home Page', r.data)
+ AUTH_CONFIG = {
+ 'SECURITY_PASSWORD_HASH': 'bcrypt',
+ 'SECURITY_PASSWORD_SALT': 'so-salty',
+ 'USER_COUNT': 1
+ }
+
+ def test_authenticate(self):
+ r = self.authenticate(endpoint="/login")
+ self.assertIn(b'Home Page', r.data)
 class ConfiguredSecurityTests(SecurityTest):
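Review bot: The verification path passes `get_hmac(password)` to `verify_and_update` exactly as returned, while `encrypt_password` in the next hunk applies `.decode('ascii')` to the same value before hashing, so the pre-hash step is written two different ways and can drift between enrolment and login. `get_hmac` is defined outside this diff, so that it returns bytes is inferred from that decode call; passlib generally accepts either type, but the candidate and the stored hash should be derived by identical code. I would change the added line to `password = get_hmac(password).decode('ascii')`, or move the plaintext check and the HMAC into one private helper that both functions call. The blank `+` line after the docstring can be dropped, and note that the function starts and ends outside the hunk.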
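Review bot: `test_authenticate` asserts only that a correct password reaches 'Home Page', which does not pin the behaviour this commit changes in `verify_and_update_password`; a verifier that accepted every password would pass it as well. Add a second test in this class that logs in with a wrong password under the same bcrypt `AUTH_CONFIG` and asserts that `b'Home Page'` is absent from `r.data`; how alternate credentials are passed depends on `SecurityTest.authenticate`, which is not visible here. A one-line class docstring such as `"""Login works when SECURITY_PASSWORD_HASH is bcrypt and a salt is configured."""` would also record why the class exists now that the TODO is removed.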