1
0
mirror of https://github.com/avatao-content/test-tutorial-framework synced 2024-12-05 02:11:32 +00:00

Replace PBKDF2 with scrypt

This commit is contained in:
R. Richard 2019-06-07 14:41:27 +02:00
parent 8b15da39ae
commit 1b53222937

View File

@ -1,11 +1,19 @@
from passlib.hash import pbkdf2_sha256
from os import urandom
from hashlib import scrypt
class PasswordHasher:
@staticmethod
def hash(password):
return pbkdf2_sha256.hash(password)
salt = urandom(32)
return PasswordHasher.scrypt(password, salt).hex()+salt.hex()
@staticmethod
def verify(password, hashdigest):
return pbkdf2_sha256.verify(password, hashdigest)
salt = bytes.fromhex(hashdigest[64:])
hashdigest = bytes.fromhex(hashdigest[:64])
return PasswordHasher.scrypt(password, salt) == hashdigest
@staticmethod
def scrypt(password, salt):
return scrypt(password.encode(), salt=salt, n=16384, r=8, p=1, dklen=32)