Mercurial > piecrust2
annotate piecrust/admin/bcryptfallback.py @ 1188:a7c43131d871
bake: Fix file write flushing problem with Python 3.8+
Writing the cache files fails in Python 3.8 because it looks like flushing
behaviour has changed. We need to explicitly flush. And even then, in very
rare occurrences, it looks like it can still run into racing conditions,
so we do a very hacky and ugly "retry" loop when fetching cached data :(
| author | Ludovic Chabant <ludovic@chabant.com> |
|---|---|
| date | Tue, 15 Jun 2021 22:36:23 -0700 |
| parents | 28c388fc18b2 |
| children |
| rev | line source |
|---|---|
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
1 import hashlib |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
2 import logging |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
3 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
4 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
5 print_warning = False |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
6 logger = logging.getLogger(__name__) |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
7 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
8 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
9 try: |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
10 from bcrypt import hashpw, gensalt |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
11 except ImportError: |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
12 print_warning = True |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
13 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
14 def hashpw(password, *args, **kwargs): |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
15 return hashlib.sha512(password).hexdigest().encode('utf8') |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
16 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
17 def gensalt(*args, **kwargs): |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
18 return b'' |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
19 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
20 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
21 try: |
|
1151
0d699f04968c
cm: Update dependencies and fix imports of Flask plugins.
Ludovic Chabant <ludovic@chabant.com>
parents:
783
diff
changeset
|
22 from flask_bcrypt import Bcrypt |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
23 except ImportError: |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
24 try: |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
25 from flask.ext.bcrypt import Bcrypt |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
26 except ImportError: |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
27 print_warning = True |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
28 |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
29 def generate_password_hash(password): |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
30 return hashlib.sha512(password.encode('utf8')).hexdigest() |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
31 |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
32 def check_password_hash(reference, check): |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
33 check_hash = hashlib.sha512(check.encode('utf8')).hexdigest() |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
34 return check_hash == reference |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
35 |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
36 class SHA512Fallback(object): |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
37 is_fallback_bcrypt = True |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
38 |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
39 def __init__(self, app=None): |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
40 self.generate_password_hash = generate_password_hash |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
41 self.check_password_hash = check_password_hash |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
42 |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
43 def init_app(self, app): |
|
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
44 app.bcrypt = self |
|
772
3885421c29a3
admin: Make the whole FoodTruck site into a blueprint.
Ludovic Chabant <ludovic@chabant.com>
parents:
640
diff
changeset
|
45 |
|
1176
28c388fc18b2
cm: Upgrade flask-login and flask-bcrypt.
Ludovic Chabant <ludovic@chabant.com>
parents:
1151
diff
changeset
|
46 Bcrypt = SHA512Fallback |
|
640
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
47 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
48 |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
49 if print_warning: |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
50 logging.warning("Bcrypt not available... falling back to SHA512.") |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
51 logging.warning("Run `pip install Flask-Bcrypt` for more secure " |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
52 "password hashing.") |
|
59968ee07a07
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff
changeset
|
53 |