from User import User
from Password import Password
import hashlib
import os
import bcrypt
#Example to trigger a sonar vulnerability
#import socket
#ip = '127.0.0.1'
#sock = socket.socket()
#sock.bind((ip, 9090))
#Hari gajmer developer
#typical bandit findings
#>>> bandit -r <folder>
#deprecated md5 will not be found by sonar...
password = os.getenv("123_x&5s")
hash_object = bcrypt.hashpw((b'123_x32&'), bcrypt.gensalt())
password = "******".encode()
user1 = User()
user1.set_name("Bert")
p = Password()
hashed_password = p.hash_password(password)
user1.set_password(hashed_password)
hashed_password = user1.get_password()
p.hash_check(password, hashed_password)
def test_hash_password_hash_check(self):
hashed_pwd = Password.hash_password(self.password)
self.assertTrue(Password.hash_check(self.password, hashed_pwd), (True))
def test_password(self):
user_hash_pwd = Password.hash_password(self.password)
self.assertTrue(Password.hash_check(self.password, user_hash_pwd),
(True))
#deprecated md5 will not be found by sonar...
password = "******"
hash_object = hashlib.md5(b'123_x32&')
password = b"bobo"
user1 = User()
user1.set_name("Bert")
p = Password()
isSuccess = False
while not isSuccess:
print("Enter new password: "******"")
password = input()
try:
if user1.get_name() in password:
raise ValueError("Password must not contain the username")
hashed_password = p.hash_password(password)
except ValueError as e:
print("Password did not match common complexity criteria")
print(e)
else:
user1.set_password(hashed_password)
hashed_password = user1.get_password()
isSuccess = p.hash_check(password, hashed_password)
print("New password successfully set.")
