Commit 3278823f authored by JackV's avatar JackV
Browse files

Switch from plain-text to crypt for password storage

parent 1266f0e8
......@@ -4,6 +4,7 @@ from flask_redis import FlaskRedis
from flask_httpauth import HTTPBasicAuth
import re
import os
import crypt
app = flask.Flask(__name__)
......@@ -24,13 +25,14 @@ def handle_redirect(path):
return flask.abort(404)
def handle_login(username):
password = redis_store.get("user." + username)
if password is not None:
return password.decode()
def handle_login(username, password):
crypt_pw = redis_store.get("user." + username)
if crypt_pw is not None:
crypt_pw = crypt_pw.decode()
return crypt_pw == crypt.crypt(password, crypt_pw)
return None
return False
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment