wassname/flask-security
1
0
Fork 0
mirror of https://github.com/wassname/flask-security.git synced 2026-06-27 16:10:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

remove more unnecessary code

Browse Source
This commit is contained in:
Matt Wright
2012-08-23 23:48:55 -04:00
parent f1c52d01aa
commit bac04a0f3c
3 changed files with 13 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
flask_security/core.py
+1 -2
View File
@@ -32,8 +32,7 @@ _default_config = {
'URL_PREFIX': None,
'FLASH_MESSAGES': True,
'PASSWORD_HASH': 'plaintext',
'PASSWORD_HMAC': False,
'PASSWORD_HMAC_SALT': None,
'PASSWORD_SALT': None,
'LOGIN_URL': '/login',
'LOGOUT_URL': '/logout',
'REGISTER_URL': '/register',
flask_security/utils.py
+11 -25
View File
@@ -12,6 +12,7 @@
import base64
import hashlib
import hmac
import os
from contextlib import contextmanager
from datetime import datetime, timedelta
from functools import wraps
@@ -76,33 +77,18 @@ def logout_user():
_logout_user()
def get_hmac(msg, salt=None, digestmod=None):
digestmod = digestmod or hashlib.sha512
return base64.b64encode(hmac.new(salt, msg, digestmod).digest())
def get_hmac(password):
if _security.password_hash == 'plaintext':
return password
h = hmac.new(_security.password_salt, password, hashlib.sha512)
return base64.b64encode(h.digest())
def verify_password(password, password_hash):
return _pwd_context.verify(get_hmac(password), password_hash)
def verify_password(password, password_hash, use_hmac=None):
if use_hmac is None:
use_hmac = _security.password_hmac
if use_hmac:
hmac_value = get_hmac(password, _security.password_hmac_salt)
else:
hmac_value = password
return _pwd_context.verify(hmac_value, password_hash)
def encrypt_password(password, salt=None, use_hmac=None):
if use_hmac is None:
use_hmac = _security.password_hmac
if use_hmac:
hmac_value = get_hmac(password, _security.password_hmac_salt)
else:
hmac_value = password
return _pwd_context.encrypt(hmac_value)
def encrypt_password(password):
return _pwd_context.encrypt(get_hmac(password))
def md5(data):
tests/functional_tests.py
+1 -1
View File
@@ -203,7 +203,7 @@ class ConfiguredSecurityTests(SecurityTest):
AUTH_CONFIG = {
'SECURITY_PASSWORD_HASH': 'bcrypt',
'SECURITY_PASSWORD_HMAC_SALT': 'so-salty',
'SECURITY_PASSWORD_SALT': 'so-salty',
'SECURITY_PASSWORD_HMAC': True,
'SECURITY_REGISTERABLE': True,
'SECURITY_LOGOUT_URL': '/custom_logout',