def test_htpasswd_bcrypt(self): try: from passlib.hash import bcrypt from passlib.exc import MissingBackendError except ImportError: pytest.skip("passlib is not installed") try: bcrypt.hash("test-bcrypt-backend") except MissingBackendError: pytest.skip("bcrypt backend for passlib is not installed") self._test_htpasswd( "bcrypt", "tmp:$2y$05$oD7hbiQFQlvCM7zoalo/T.MssV3VNTRI3w5KDnj8NTUKJNWfVpvRq")
def _encrypt(self, clearvalue, salt=None): # Using the parameter for rounds will generate the error # ValueError: rounds too high (bcrypt requires <= 31 rounds) # when using the bcrypt hasher. # rounds = parameters.get_global_parameter("rounds_number") # To get around this, I use the default of 12. rounds = 12 return bcrypt.hash(clearvalue, rounds=rounds)
def __init__(self, configuration): super().__init__(configuration) self.filename = os.path.expanduser( configuration.get("auth", "htpasswd_filename")) self.encryption = configuration.get("auth", "htpasswd_encryption") if self.encryption == "ssha": self.verify = self._ssha elif self.encryption == "sha1": self.verify = self._sha1 elif self.encryption == "plain": self.verify = self._plain elif self.encryption == "md5": try: from passlib.hash import apr_md5_crypt except ImportError as e: raise RuntimeError( "The htpasswd encryption method 'md5' requires " "the passlib module.") from e self.verify = functools.partial(self._md5apr1, apr_md5_crypt) elif self.encryption == "bcrypt": try: from passlib.hash import bcrypt except ImportError as e: raise RuntimeError( "The htpasswd encryption method 'bcrypt' requires " "the passlib module with bcrypt support.") from e # A call to `encrypt` raises passlib.exc.MissingBackendError with a # good error message if bcrypt backend is not available. Trigger # this here. bcrypt.hash("test-bcrypt-backend") self.verify = functools.partial(self._bcrypt, bcrypt) elif self.encryption == "crypt": try: import crypt except ImportError as e: raise RuntimeError( "The htpasswd encryption method 'crypt' requires " "the crypt() system support.") from e self.verify = functools.partial(self._crypt, crypt) else: raise RuntimeError( "The htpasswd encryption method %r is not " "supported." % self.encryption)
def add(self, data, tipo=None): # Forzar a que la clave se guarde cifrada data.update(password=bcrypt.hash(data["password"])) data.update(email=data["email"].lower()) return DBCollection.add(self, data, model.Profesor)
async def create_and_get_user(username, password): async with Connection() as conn: insert_user = await conn.execute(SSOModels.user.insert().values( username=username, password=bcrypt.hash(password))) user = await insert_user.fetchone() return user
def __init__(self, full_name: str, email, password): self.full_name = full_name self.username = full_name.lower().replace(' ', '.') self.password = bcrypt.hash(password) self.email = email
def register(self): c.execute("""CREATE TABLE IF NOT EXISTS customerInformation( forename TEXT, surname TEXT, username TEXT, password TEXT, passcode TEXT )""") #creating the table within the database. conn.commit() #saving the changes forename = self.forename.get() surname = self.surname.get() username = self.username.get() password = self.password.get() conf_pass = self.conf_pass.get() passcode = self.passcode.get() if (forename and surname and username and password and conf_pass and passcode) == "": mb.showerror("Error", "Fields cannot be blank") elif not forename.isalpha() and not surname.isalpha( ): #checks if the surname and forename only contain letters mb.showerror("Error", "Forename and surname can only contian letters") elif (forename and surname and username and password and conf_pass and passcode) == "*": mb.showerror("Error", " Character not allowed") elif len(username) < 4 or len( username ) > 21: #checking if the username is wihthin the range of characters mb.showerror("Error", "Username length has to be between 4 to 21 characters" ) #shows an error message if the if statement is true elif not username.isalnum( ): #checks if the username is not alphanumeric mb.showerror("Error", "Username needs to be alphanumeric" ) #shows an error message to the user elif (len(password) and len(conf_pass)) < 8 or (len(password) and len(conf_pass)) > 21: mb.showerror("Error", "Password has to be between 8 to 21 characters") elif len(passcode ) < 4: #checks if the length of the passcode is less than 4 mb.showerror("Error", "Passcode has to be 4 characters or more") elif conf_pass != password: mb.showerror("Error", "Passwords don't match") else: username_data = [] count = 0 password = bcrypt.hash(password) #hashes the password passcode = bcrypt.hash(passcode) #hashes the passcode c.execute("SELECT username FROM customerInformation" ) #selects the username in the table data = c.fetchall() #fetches all of the usernames for row in data: username_data.append(row) #adds the usernames into a database. if len(username_data ) != 0: #checks if the length of the data is not while count < len(username_data ): #creates a loop until the condtion is met if username == username_data[count][0]: mb.showerror("Error", "Username already in use") break #prevents an infiniate loop elif username != username_data[count][0]: count += 1 if count >= len(username_data): c.execute( """INSERT INTO customerInformation(forename, surname, username, password, passcode) VALUES(?,?,?,?,?)""", (forename, surname, username, password, passcode)) #adds in the data into the table conn.commit() #saves the information mb.showinfo( "Success", "Information Added") #shows a success message break #breaks the loop. else: c.execute( """INSERT INTO customerInformation(forename, surname, username, password, passcode) VALUES(?,?,?,?,?)""", (forename, surname, username, password, passcode)) conn.commit() mb.showinfo("Success", "Information Added")
def password(self, password): self._password = bcrypt.hash(password)
def test_sqlresolver_passwords(self): """ test that we can use pbkdf2 and bcrypt passwords with an sql resolver """ users = {} # ------------------------------------------------------------------ -- # create the User schema self.createUserTable() # ------------------------------------------------------------------ -- # add users bach_password = "******" bach_password_hash = ('{PKCS5S2}ZYIjvFLd99ldgx5b7sqOlDCKNt31' 'UBX9HQKxTZwU50WfuZlWTNG5qBsCsFUMWwxC') users['bach'] = { 'login': '******', 'uid': '21.3.1685', 'telephonenumber': '', 'mobile': bach_password, 'surname': 'Bach', 'givenname': 'Johann Sebastian', 'password': bach_password_hash, 'mail': '*****@*****.**' } assert atlassian_pbkdf2_sha1.verify(bach_password, bach_password_hash) self.addUser(**users['bach']) # ------------------------------------------------------------------ -- chopin_password = "******" chopin_password_hash = atlassian_pbkdf2_sha1.hash(chopin_password) users['chopin'] = { 'login': '******', 'uid': '22.10.1849', 'telephonenumber': '', 'mobile': chopin_password, 'surname': 'Chopin', 'givenname': 'Fryderyk Franciszek', 'password': chopin_password_hash, 'mail': '*****@*****.**' } assert atlassian_pbkdf2_sha1.verify(chopin_password, chopin_password_hash) self.addUser(**users['chopin']) # ------------------------------------------------------------------ -- brahms_password = '******' brahms_password_hash = ('$2a$12$NT0I31Sa7ihGEWpka9ASYrEFk' 'huTNeBQ2xfZskIiiJeyFXhRgS.Sy') users['brahms'] = { 'login': '******', 'uid': '7.5.1833', 'telephonenumber': '', 'mobile': brahms_password, 'surname': 'Brahms', 'givenname': 'Johannes', 'password': brahms_password_hash, 'mail': '*****@*****.**' } assert passlib_bcrypt.verify(brahms_password, brahms_password_hash) self.addUser(**users['brahms']) # ------------------------------------------------------------------ -- mozart_password = '******' mozart_password_hash = passlib_bcrypt.hash(mozart_password) users['mozart'] = { 'login': '******', 'uid': '27.1.1756', 'telephonenumber': '', 'mobile': mozart_password, 'surname': 'Mozart', 'givenname': 'Wolfgang Amadeus', 'password': mozart_password_hash, 'mail': '*****@*****.**' } assert passlib_bcrypt.verify(mozart_password, mozart_password_hash) self.addUser(**users['mozart']) # ------------------------------------------------------------------ -- schubert_password = '******' schubert_password_hash = '$P$8ohUJ.1sdFw09/bMaAQPTGDNi2BIUt1' users['schubert'] = { 'login': '******', 'uid': '31.1.1797', 'telephonenumber': '', 'mobile': schubert_password, 'surname': 'Schubert', 'givenname': 'Franz Peter', 'password': schubert_password_hash, 'mail': '*****@*****.**' } assert passlib_phpass.verify(schubert_password, schubert_password_hash) self.addUser(**users['schubert']) # ------------------------------------------------------------------ -- mendelssohn_password = '******' mendelssohn_password_hash = passlib_phpass.hash(mendelssohn_password) users['mendelssohn'] = { 'login': '******', 'uid': '31.2.1809', 'telephonenumber': '', 'mobile': mendelssohn_password, 'surname': 'Mendelssohn', 'givenname': 'Jakob Ludwig', 'password': mendelssohn_password_hash, 'mail': '*****@*****.**' } assert passlib_phpass.verify(mendelssohn_password, mendelssohn_password_hash) self.addUser(**users['mendelssohn']) # ------------------------------------------------------------- -- # define resolver and realm realm = 'sqlRealm' self.addSqlResolver('my_sql_users') self.addSqlRealm(realm, 'my_sql_users', defaultRealm=True) # ------------------------------------------------------------- -- # run the pbkdf2 atlasian test with user bach user = users['bach']['login'] password = users['bach']['mobile'] self.run_password_check(user, password, realm=realm) # run the pbkdf2 atlasian test with user chopin user = users['chopin']['login'] password = users['chopin']['mobile'] self.run_password_check(user, password, realm=realm) # run the bcrypt test with user brahms user = users['brahms']['login'] password = users['brahms']['mobile'] self.run_password_check(user, password, realm=realm) # run the bcrypt test with user mozart user = users['mozart']['login'] password = users['mozart']['mobile'] self.run_password_check(user, password, realm=realm) # run the php test with user schubert user = users['schubert']['login'] password = users['schubert']['mobile'] self.run_password_check(user, password, realm=realm) # run the php test with user mendelssohn user = users['mendelssohn']['login'] password = users['mendelssohn']['mobile'] self.run_password_check(user, password, realm=realm) return
def hash_password(raw_password: str) -> str: return bcrypt.hash(raw_password)
async def create_user(user: UserAuthInSchema): user_obj = UserAuth(username=user.username, password_hash=bcrypt.hash(user.password_hash)) await user_obj.save() user = await UserAuthSchema.from_tortoise_orm(user_obj) return user
def get_password_hash(password): if password is None or len(password) == 0: return None return bcrypt.hash(password)
def get_password_hash(password: str) -> str: return bcrypt.hash(password)
def hash_password(cls, password: str) -> str: return bcrypt.hash(password)
def passHash(password): hashed_password = bcrypt.hash(password) return hashed_password
def hash_password(password, salt=False): if salt: return bcrypt.hash(password, salt=salt) return bcrypt.hash(password)
def generate_bcrypt_hash(ctx): import getpass from passlib.hash import bcrypt print(bcrypt.hash(getpass.getpass()))
def _get_hash(self, password): return bcrypt.hash(password)
def getHashedPassword(password): return bcrypt.hash(password)
async def create_user(user: UserIn_Pydantic): user_obj = User(username=user.username, password_hash=bcrypt.hash(user.password_hash)) await user_obj.save() return await User_Pydantic.from_tortoise_orm(user_obj)
def __init__(self, **kwargs): self.name = kwargs.get('name') self.emeil = kwargs.get('emeil') self.password = bcrypt.hash(kwargs.get('password'))
async def register(user: Users, admin: str = Depends(get_current_user)): ret = db.Users.insert_one({ "Username": user.Username, "Password": bcrypt.hash(user.Password) }) return {"result": {user.Username, bcrypt.hash(user.Password)}}
def forgot_pass(self): #forgot password function #retriving all user input from enteries new_pass = self.new_pass.get() conf_new_pass = self.conf_new_pass.get() username = self.username.get() passcode = self.passcode.get() new_pass = bcrypt.hash(new_pass) #hashing the password password_verify = bcrypt.verify( conf_new_pass, new_pass) #checking the the passwords match if (new_pass and conf_new_pass and username and passcode) == "": #checks if the fields are blank mb.showerror("Error", "Fields cannot be blank" ) #shows an erorr message if the fields are blank elif (new_pass and conf_new_pass and username and passcode) == "*": #checks if there is an * within the field mb.showerror("Error", "Charater not allowed") #shows the error message elif (len(new_pass) and len(conf_new_pass)) < 8 or ( len(new_pass) and len(conf_new_pass) ) > 21: #checks if the password is within the range of charaters specified. mb.showerror("Error", "Password has to be between 8 to 21 characters" ) #shows an error message if this is not the case elif not password_verify: #checks if the passwords do not match mb.showerror( "Error", "Passwords do not match" ) #shows an error message telling the user that the password do not match else: try: user_data = [] count = 0 c.execute( "SELECT username, password, passcode FROM customerInformation" ) #selects username password and passcode from the field data = c.fetchall() for row in data: user_data.append(row) while count < len(user_data): if username == user_data[count][0]: passcode_id = user_data[count][2] passcode_verify = bcrypt.verify( passcode, passcode_id ) #checks if the passcode entered matches with the passcode in the table if passcode_verify: #checks if the variable is true old_pass = user_data[count][ 1] #sets the old password based on the index of the passcode and username c.execute( "UPDATE customerInformation SET password = ? WHERE password = ?", (new_pass, old_pass) ) # Changes the password where the username is specified conn.commit() #saves the changes to the database mb.showinfo( "Success", "Password Changed" ) #tells the user that their function was successful break #breaks the loop to prevent an infincate loop else: mb.showerror( "Error", "Operation Failed") #shows an error message. break elif username != user_data[count][0]: count += 1 if count >= len(user_data): mb.showerror("Error", "Incorrect Username or Passcode") except sqlite3.OperationalError: mb.showerror("Error", "File Not Found Error")
def update(self, data): """Actualiza los datos del profesor, asegurándose de que la clave va cifrada a la base de datos""" if "password" in data: data.update(password=bcrypt.hash(data["password"])) super().update(data)
def hash_password(password): return bcrypt.hash(password)
async def update_password(username, new_password): async with Connection() as conn: await conn.execute(SSOModels.user.update().where( SSOModels.user.c.username == username).values( password=bcrypt.hash(new_password)))
def get_bcrypt_hashed_passwd(self, password): """ hash the password using bcrypt from passlib.hash """ # use bcrypt to hash the password return bcrypt.hash(password)
def change_password(user_id): verify_token = settings['verify_token'] app_secret = settings['application_secret'] auth_header = request.headers.get('Authorization') try: body = json.loads(request.data) except Exception as e: raise ErtisError(err_code="errors.invalidBodyProvided", err_msg="Provided body is invalid JSON", status_code=400, context={'message': str(e)}) if not auth_header: raise ErtisError( err_code="errors.authorizationHeaderRequired", err_msg= "Authorization header required for use <change_password> api", status_code=401) try: token = auth_header.split(' ')[1] except Exception as e: raise ErtisError(err_code="errors.providedBearerTokenIsInvalid", err_msg="Invalid token provided.", status_code=401, context={'message': str(e)}) security_manager = ErtisSecurityManager(app.db) user = security_manager.load_user(token, app_secret, verify_token) if user_id != str(user['_id']): raise ErtisError( err_code="errors.userNotAuthorizedForChangePassword", err_msg="Users can not change another user's password", status_code=403) new_password = body.get('password', None) if len(new_password) < 4: raise ErtisError(err_msg="Password must be more than 4 characters", err_code="errors.passwordIsTooShort", status_code=400) if not new_password: raise ErtisError( err_msg="Password is required for change password of user", err_code="errors.passwordIsRequired", status_code=400) if bcrypt.verify(new_password, user["password"]): raise ErtisError( err_msg= "User's password can not be same with previous password", err_code="errors.userPasswordCannotBeSameWithPrevious", status_code=400) hashed_password = bcrypt.hash(new_password) user['password'] = hashed_password user.pop('permissions', None) user['sys']['modified_by'] = user['email'] user['sys']['modified_at'] = datetime.datetime.utcnow() g_service = app.generic_service g_service.replace(user, 'users') user.pop('password') return Response(json.dumps(user, default=bson_to_json), mimetype='application/json', status=200)