# HG changeset patch
# User Ludovic Chabant
# Date 1455516392 28800
# Node ID 59968ee07a07eff0031c7545de8278c9be89695a
# Parent 91dd760950adb749f7ff72c98d6401999dec1c5f
admin: Don't require `bcrypt` for running FoodTruck with `chef`.
diff -r 91dd760950ad -r 59968ee07a07 foodtruck/bcryptfallback.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/foodtruck/bcryptfallback.py Sun Feb 14 22:06:32 2016 -0800
@@ -0,0 +1,47 @@
+import hashlib
+import logging
+
+
+print_warning = False
+logger = logging.getLogger(__name__)
+
+
+try:
+ from bcrypt import hashpw, gensalt
+except ImportError:
+ print_warning = True
+
+ def hashpw(password, *args, **kwargs):
+ return hashlib.sha512(password).hexdigest().encode('utf8')
+
+ def gensalt(*args, **kwargs):
+ return b''
+
+
+try:
+ from flask.ext.bcrypt import Bcrypt
+except ImportError:
+ print_warning = True
+
+ def generate_password_hash(password):
+ return hashlib.sha512(password.encode('utf8')).hexdigest()
+
+ def check_password_hash(reference, check):
+ check_hash = hashlib.sha512(check.encode('utf8')).hexdigest()
+ return check_hash == reference
+
+ class SHA512Fallback(object):
+ is_fallback_bcrypt = True
+
+ def __init__(self, app=None):
+ self.generate_password_hash = generate_password_hash
+ self.check_password_hash = check_password_hash
+
+ Bcrypt = SHA512Fallback
+
+
+if print_warning:
+ logging.warning("Bcrypt not available... falling back to SHA512.")
+ logging.warning("Run `pip install Flask-Bcrypt` for more secure "
+ "password hashing.")
+
diff -r 91dd760950ad -r 59968ee07a07 foodtruck/web.py
--- a/foodtruck/web.py Sun Feb 14 19:44:54 2016 -0800
+++ b/foodtruck/web.py Sun Feb 14 22:06:32 2016 -0800
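Review bot: The fallback in both `except ImportError` branches stores a password as one unsalted SHA-512 pass, and `gensalt()` returning `b''` means the salt argument is silently ignored, so equal passwords give equal digests and a leaked config can be guessed offline at raw hashing speed. The standard library already has a salted, iterated KDF (`hashlib.pbkdf2_hmac`, Python 3.4+), which keeps the no-extra-dependency goal; the comparison in `check_password_hash` should also use `hmac.compare_digest` rather than `==`. The sketch below assumes `binascii`, `hmac` and `os` are imported at the top of the module and that `FALLBACK_ROUNDS` is a module constant chosen by the project; it changes the stored format, so existing fallback hashes would need regenerating and `hashpw` would have to emit the same format. Separately, the module creates `logger` but sends its warnings through the root `logging.warning`.

```python
    # ... unchanged: print_warning = True ...

    def generate_password_hash(password):
        # Per-password random salt, stored next to the digest.
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac(
            'sha512', password.encode('utf8'), salt, FALLBACK_ROUNDS)
        return 'pbkdf2-sha512$%s$%s' % (
            binascii.hexlify(salt).decode('ascii'),
            binascii.hexlify(digest).decode('ascii'))

    def check_password_hash(reference, check):
        try:
            _, salt_hex, digest_hex = reference.split('$')
            salt = binascii.unhexlify(salt_hex)
        except (ValueError, TypeError):
            # Malformed or old-format reference: reject instead of raising.
            return False
        digest = hashlib.pbkdf2_hmac(
            'sha512', check.encode('utf8'), salt, FALLBACK_ROUNDS)
        # Constant-time comparison on bytes.
        return hmac.compare_digest(
            binascii.hexlify(digest), digest_hex.encode('utf8'))

    # ... unchanged: class SHA512Fallback, Bcrypt = SHA512Fallback ...
```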
@@ -153,29 +153,12 @@
 login_manager.login_view = None
-try:
- from flask.ext.bcrypt import Bcrypt
-except ImportError:
- logging.warning("Bcrypt not available... falling back to SHA512.")
- logging.warning("Run `pip install Flask-Bcrypt` for more secure "
- "password hashing.")
-
- import hashlib
-
- def generate_password_hash(password):
- return hashlib.sha512(password.encode('utf8')).hexdigest()
-
- def check_password_hash(reference, check):
- check_hash = hashlib.sha512(check.encode('utf8')).hexdigest()
- return check_hash == reference
-
- class SHA512Fallback(object):
- def __init__(self, app=None):
- self.generate_password_hash = generate_password_hash
- self.check_password_hash = check_password_hash
-
- Bcrypt = SHA512Fallback
-
+from foodtruck.bcryptfallback import Bcrypt
+if (getattr(Bcrypt, 'is_fallback_bcrypt', None) is True and
+ not app.config['FOODTRUCK_CMDLINE_MODE']):
+ raise Exception(
+ "You're running FoodTruck outside of `chef`, and will need to "
+ "install Flask-Bcrypt to get more proper security.")
 app.bcrypt = Bcrypt(app)
@@ -185,6 +168,5 @@
 import foodtruck.views.menu # NOQA
 import foodtruck.views.preview # NOQA
 import foodtruck.views.publish # NOQA
-import foodtruck.views.settings # NOQA
 import foodtruck.views.sources # NOQA
diff -r 91dd760950ad -r 59968ee07a07 piecrust/commands/builtin/admin.py
--- a/piecrust/commands/builtin/admin.py Sun Feb 14 19:44:54 2016 -0800
+++ b/piecrust/commands/builtin/admin.py Sun Feb 14 22:06:32 2016 -0800
@@ -95,7 +95,7 @@
 fp.write(flask_config)
 def _generatePassword(self, ctx):
- import bcrypt
+ from foodtruck import bcryptfallback as bcrypt
 binpw = ctx.args.password.encode('utf8')
 hashpw = bcrypt.hashpw(binpw, bcrypt.gensalt()).decode('utf8')
 logger.info(hashpw)
diff -r 91dd760950ad -r 59968ee07a07 requirements.txt
--- a/requirements.txt Sun Feb 14 19:44:54 2016 -0800
+++ b/requirements.txt Sun Feb 14 22:06:32 2016 -0800
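Review bot: The new guard reads `app.config['FOODTRUCK_CMDLINE_MODE']` with a subscript, so a configuration that never sets the key would stop the import with a `KeyError` instead of the explanatory message; `not app.config.get('FOODTRUCK_CMDLINE_MODE', False)` keeps the fail-closed behaviour and reports the real cause (whether a default is set earlier in web.py is not visible in this hunk). This flag is the only thing keeping the SHA-512 fallback off a deployed instance, so it deserves a comment above the check, for example `# Must only be set by the chef launcher; enabling it on a server permits the weak SHA-512 fallback.` Raising a bare `Exception` also makes the condition impossible to catch specifically; `RuntimeError` or a project error type would be clearer.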
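Review bot: With `bcrypt` installed but Flask-Bcrypt missing, `bcrypt.hashpw(binpw, bcrypt.gensalt())` in `_generatePassword` returns a real bcrypt hash, while the web side falls back to `SHA512Fallback`, whose `check_password_hash` compares a SHA-512 hex digest with `==` and can never match it, so a freshly generated password would not log in. The two `try` blocks in `foodtruck/bcryptfallback.py` decide independently; choosing the real or the fallback implementation once, for both `hashpw`/`gensalt` and `Bcrypt`, would keep generator and verifier on the same format. In the opposite direction, a hash generated here with the fallback is a bare hex digest with no scheme prefix, so it presumably will not verify once the same config is used where Flask-Bcrypt is installed; a prefix on fallback output would make that failure diagnosable. `_generatePassword` may continue past the end of this hunk.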
@@ -1,9 +1,7 @@
-bcrypt==2.0.0
 cffi==1.5.0
 colorama==0.3.3
 compressinja==0.0.2
 Flask==0.10.1
-Flask-Bcrypt==0.7.1
 Flask-Login==0.3.2
 Jinja2==2.7.3
 Markdown==2.6.2