move permissions module password hashing to utils/security.py

author: jesopo 2020-02-24 11:43:55 +0000
committer: jesopo 2020-02-24 11:43:55 +0000
commit: cca3817537f1e895db4598594520bfbc24a36cb7 (patch)
tree: 8aaabbdecf5db4289f37e07f5e3dc6a322a3966f /src/utils/security.py
parent: fix utils.datetime.format.to_pretty_time typehinting (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/src/utils/security.py b/src/utils/security.py
index bb21a523..14f92aa0 100644
--- a/src/utils/security.py
+++ b/src/utils/security.py
@@ -1,4 +1,4 @@
-import base64, hmac, socket, ssl, typing
+import base64, binascii, hmac, os, socket, ssl, typing
 
 def ssl_context(cert: str=None, key: str=None, verify: bool=True
         ) -> ssl.SSLContext:
@@ -25,6 +25,17 @@ def ssl_wrap(sock: socket.socket, cert: str=None, key: str=None,
 def constant_time_compare(a: typing.AnyStr, b: typing.AnyStr) -> bool:
     return hmac.compare_digest(a, b)
 
+import scrypt
+def password(byte_n: int=32):
+    return binascii.hexlify(os.urandom(byte_n)).decode("utf8")
+def salt(byte_n: int=64) -> bytes:
+    return base64.b64encode(os.urandom(byte_n)).decode("utf8")
+def hash(given_salt: str, data: str):
+    return base64.b64encode(scrypt.hash(data, given_salt)).decode("utf8")
+def hash_verify(salt: str, data: str, compare: str):
+    given_hash = hash(salt, data)
+    return constant_time_compare(given_hash, compare)
+
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives import hashes
author	jesopo	2020-02-24 11:43:55 +0000
committer	jesopo	2020-02-24 11:43:55 +0000
commit	cca3817537f1e895db4598594520bfbc24a36cb7 (patch)
tree	8aaabbdecf5db4289f37e07f5e3dc6a322a3966f /src/utils/security.py
parent	fix utils.datetime.format.to_pretty_time typehinting (diff)
signature