A small Python based program that will allow a user to register an account, login to said account, and then logout. For webroot.

To maintain simplicty, Python3 was used to implement this program.

Requirements set forth that credentials should be stored locally. In order to meet this requirement, I assumed that no databases were allowed. I also avoided using a file system as my hashes where in byte format and wanted to spend time on the hashing and security rather than the file io of non-utf-8 bytes. This means that users only persistent for the session and then are removed.

Bcrypt's PBKDF2 Hashing is used to create cryptographically secure password hashes, and all passwords are salted with Bcrypts salt generator. Each salt should be unique to the user preventing timing attacks.

Testing was done utilzing Pytest and MagicMock

To run: Ensure Python3 is installed. Python 3.6.9 was used to develop this.

Create a virtual enviroment outside of the projet directory using: python -m venv env_name

Activate said virtual enviroment with (on unix based system): source env_name/bin/activate

Navigate to project root folder cd userauthprogram

Install requirements from requirements.txt using pip pip install -r requirements.txt

To run main program: python3 main.py

To run testing enter command in root directory: pytest

If you have any question feel free to email me at lewis.cj11@gmail.com