diff options
author | Frederick Muriuki Muriithi | 2023-03-08 11:42:04 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-03-08 11:42:04 +0300 |
commit | a35d16f9a191afbb31e2c185e87e5eec5e23122f (patch) | |
tree | 2e56592510b7c4c8a53f513999d7104c1a1eb51a /gn3/auth/authentication/users.py | |
parent | 5a8cc0d7fc241494580cd4a060690eaf09ff46d7 (diff) | |
download | genenetwork3-a35d16f9a191afbb31e2c185e87e5eec5e23122f.tar.gz |
auth: users: Use the same basic functions for password hashing
To avoid repeating the same thing in multiple places, leading to errors and
breakages, reuse the same basic functions for password hashing.
Diffstat (limited to 'gn3/auth/authentication/users.py')
-rw-r--r-- | gn3/auth/authentication/users.py | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/gn3/auth/authentication/users.py b/gn3/auth/authentication/users.py index 5ee148f..17e89ae 100644 --- a/gn3/auth/authentication/users.py +++ b/gn3/auth/authentication/users.py @@ -61,9 +61,8 @@ def valid_login(conn: db.DbConnection, user: User, password: str) -> bool: if row is None: return False - hasher = PasswordHasher() # TODO: Maybe tune the parameters here... try: - return hasher.verify(row["password"], password) + return hasher().verify(row["password"], password) except VerifyMismatchError as _vme: return False @@ -81,11 +80,27 @@ def save_user(cursor: db.DbCursor, email: str, name: str) -> User: (str(user_id), email, name)) return User(user_id, email, name) +def hasher(): + """Retrieve PasswordHasher object""" + # TODO: Maybe tune the parameters here... + # Tuneable Parameters: + # - time_cost (default: 2) + # - memory_cost (default: 102400) + # - parallelism (default: 8) + # - hash_len (default: 16) + # - salt_len (default: 16) + # - encoding (default: 'utf-8') + # - type (default: <Type.ID: 2>) + return PasswordHasher() + +def hash_password(password): + """Hash the password.""" + return hasher().hash(password) + def set_user_password( cursor: db.DbCursor, user: User, password: str) -> Tuple[User, bytes]: """Set the given user's password in the database.""" - hasher = PasswordHasher() # TODO: Maybe tune the parameters here... - hashed_password = hasher.hash(password) + hashed_password = hash_password(password) cursor.execute( ("INSERT INTO user_credentials VALUES (:user_id, :hash) " "ON CONFLICT (user_id) DO UPDATE SET password=:hash"), |