changeset 640:59968ee07a07

admin: Don't require `bcrypt` for running FoodTruck with `chef`.
author Ludovic Chabant <ludovic@chabant.com>
date Sun, 14 Feb 2016 22:06:32 -0800
parents 91dd760950ad
children 35221f5fe0dd
files foodtruck/bcryptfallback.py foodtruck/web.py piecrust/commands/builtin/admin.py requirements.txt
diffstat 4 files changed, 54 insertions(+), 27 deletions(-) [+]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/foodtruck/bcryptfallback.py	Sun Feb 14 22:06:32 2016 -0800
@@ -0,0 +1,47 @@
+import hashlib
+import logging
+
+
+print_warning = False
+logger = logging.getLogger(__name__)
+
+
+try:
+    from bcrypt import hashpw, gensalt
+except ImportError:
+    print_warning = True
+
+    def hashpw(password, *args, **kwargs):
+        return hashlib.sha512(password).hexdigest().encode('utf8')
+
+    def gensalt(*args, **kwargs):
+        return b''
+
+
+try:
+    from flask.ext.bcrypt import Bcrypt
+except ImportError:
+    print_warning = True
+
+    def generate_password_hash(password):
+        return hashlib.sha512(password.encode('utf8')).hexdigest()
+
+    def check_password_hash(reference, check):
+        check_hash = hashlib.sha512(check.encode('utf8')).hexdigest()
+        return check_hash == reference
+
+    class SHA512Fallback(object):
+        is_fallback_bcrypt = True
+
+        def __init__(self, app=None):
+            self.generate_password_hash = generate_password_hash
+            self.check_password_hash = check_password_hash
+
+    Bcrypt = SHA512Fallback
+
+
+if print_warning:
+    logging.warning("Bcrypt not available... falling back to SHA512.")
+    logging.warning("Run `pip install Flask-Bcrypt` for more secure "
+                    "password hashing.")
+
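Review bot: The fallback `check_password_hash` compares the two hex digests with `==`, which is not a constant-time comparison; `return hmac.compare_digest(check_hash, reference)` (with `import hmac` at the top, and assuming the stored reference is an ASCII string) removes that timing signal. The fallback itself is a single unsalted SHA-512 pass, since `gensalt` returns `b''` and `hashpw` ignores its salt argument, so equal passwords produce equal hashes and offline guessing is cheap. If the stored format is allowed to change, a salted stdlib KDF such as `hashlib.pbkdf2_hmac` would be a stronger fallback than plain `hashlib.sha512`. The closing warning is also emitted through the root logger (`logging.warning`) although a module-level `logger` is defined above; `logger.warning(...)` would keep it filterable by module.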
--- a/foodtruck/web.py	Sun Feb 14 19:44:54 2016 -0800
+++ b/foodtruck/web.py	Sun Feb 14 22:06:32 2016 -0800
@@ -153,29 +153,12 @@
     login_manager.login_view = None
 
 
-try:
-    from flask.ext.bcrypt import Bcrypt
-except ImportError:
-    logging.warning("Bcrypt not available... falling back to SHA512.")
-    logging.warning("Run `pip install Flask-Bcrypt` for more secure "
-                    "password hashing.")
-
-    import hashlib
-
-    def generate_password_hash(password):
-        return hashlib.sha512(password.encode('utf8')).hexdigest()
-
-    def check_password_hash(reference, check):
-        check_hash = hashlib.sha512(check.encode('utf8')).hexdigest()
-        return check_hash == reference
-
-    class SHA512Fallback(object):
-        def __init__(self, app=None):
-            self.generate_password_hash = generate_password_hash
-            self.check_password_hash = check_password_hash
-
-    Bcrypt = SHA512Fallback
-
+from foodtruck.bcryptfallback import Bcrypt
+if (getattr(Bcrypt, 'is_fallback_bcrypt', None) is True and
+        not app.config['FOODTRUCK_CMDLINE_MODE']):
+    raise Exception(
+            "You're running FoodTruck outside of `chef`, and will need to "
+            "install Flask-Bcrypt to get more proper security.")
 app.bcrypt = Bcrypt(app)
 
 
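Review bot: `app.config['FOODTRUCK_CMDLINE_MODE']` in the new guard raises `KeyError` when the key was never set, and nothing in this hunk shows it being given a default; `not app.config.get('FOODTRUCK_CMDLINE_MODE', False)` would make a missing key end in the intended refusal instead of an unrelated traceback. When the flag is true the app still starts with the unsalted SHA-512 fallback, so the trust assumption deserves a comment above the `if`, for example `# Fallback hashing is tolerated only for local chef runs; do not set FOODTRUCK_CMDLINE_MODE on a deployed server.` Raising a bare `Exception` also gives callers nothing specific to catch; `RuntimeError` is a subclass and would stay compatible with existing handlers. The surrounding module-level setup continues outside the hunk.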
@@ -185,6 +168,5 @@
 import foodtruck.views.menu  # NOQA
 import foodtruck.views.preview  # NOQA
 import foodtruck.views.publish  # NOQA
-import foodtruck.views.settings  # NOQA
 import foodtruck.views.sources  # NOQA
 
--- a/piecrust/commands/builtin/admin.py	Sun Feb 14 19:44:54 2016 -0800
+++ b/piecrust/commands/builtin/admin.py	Sun Feb 14 22:06:32 2016 -0800
@@ -95,7 +95,7 @@
             fp.write(flask_config)
 
     def _generatePassword(self, ctx):
-        import bcrypt
+        from foodtruck import bcryptfallback as bcrypt
         binpw = ctx.args.password.encode('utf8')
         hashpw = bcrypt.hashpw(binpw, bcrypt.gensalt()).decode('utf8')
         logger.info(hashpw)
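Review bot: The hash format produced here now depends on whether the `bcrypt` package imports, while the web app's verifier depends on whether `flask.ext.bcrypt` imports, and the two `try` blocks in `foodtruck/bcryptfallback.py` fall back independently. With `bcrypt` installed but Flask-Bcrypt missing, this command would emit a bcrypt hash that the SHA-512 `check_password_hash` can never match, so logins would presumably fail without explanation. When the fallback is active, the command also prints an unsalted SHA-512 digest with no indication in its own output that it is the weak form. A line such as `if getattr(bcrypt.Bcrypt, 'is_fallback_bcrypt', False): logger.warning("Generated with the SHA512 fallback, not bcrypt.")` before `logger.info(hashpw)` would make that visible. `_generatePassword` may continue past the end of the hunk.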
--- a/requirements.txt	Sun Feb 14 19:44:54 2016 -0800
+++ b/requirements.txt	Sun Feb 14 22:06:32 2016 -0800
@@ -1,9 +1,7 @@
-bcrypt==2.0.0
 cffi==1.5.0
 colorama==0.3.3
 compressinja==0.0.2
 Flask==0.10.1
-Flask-Bcrypt==0.7.1
 Flask-Login==0.3.2
 Jinja2==2.7.3
 Markdown==2.6.2