From ffc271a53abfb6b77cb09162947bbcf87e5bcdd4 Mon Sep 17 00:00:00 2001 From: James Lu Date: Sat, 19 Nov 2016 17:47:55 -0800 Subject: [PATCH] login: Use a slightly faster CryptContext --- coremods/login.py | 7 ++++++- example-conf.yml | 2 +- pylink-mkpasswd | 4 ++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/coremods/login.py b/coremods/login.py index 5b7280c..9fc810e 100644 --- a/coremods/login.py +++ b/coremods/login.py @@ -4,7 +4,12 @@ login.py - Implement core login abstraction. from pylinkirc import conf, utils, world from pylinkirc.log import log -from passlib.apps import custom_app_context as pwd_context +from passlib.context import CryptContext + +pwd_context = CryptContext(["sha512_crypt", "sha256_crypt"], + all__vary_rounds=0.1, + sha256_crypt__default_rounds=180000, + sha512_crypt__default_rounds=90000) def checkLogin(user, password): """Checks whether the given user and password is a valid combination.""" diff --git a/example-conf.yml b/example-conf.yml index 2e7189b..115b7bf 100644 --- a/example-conf.yml +++ b/example-conf.yml @@ -51,7 +51,7 @@ login: user1: # Defines the password for the user. You can encrypt passwords using the # 'mkpasswd' command or the 'pylink-mkpasswd' utility included with PyLink. - password: "$6$rounds=617998$BwHhwX4wB5R0H9uw$Lyo.4icYjVSnSCDsjNIO5Ap5LAcyqLspBcUqVR0qlIB9o6vKU.WyrttHZum4dVW35cuc2wGP2SKa5Bv/svdiv1" + password: "$6$rounds=81447$WlVlZYCgbnjPmVqy$28Tu/Zl0xNpePqimax2wABKn5GCoWomYEI1Pu5jqYyQNULazR4BxQmscZ0MgBHqBCCke.3u5eOtBSZwL3WwVf0" # Determines whether the password given is in plain-text. Defaults to false # (plain text) for backwards compatibility. diff --git a/pylink-mkpasswd b/pylink-mkpasswd index a2da79a..9982cd0 100755 --- a/pylink-mkpasswd +++ b/pylink-mkpasswd @@ -3,8 +3,8 @@ Password hashing utility for PyLink IRC Services. """ -import passlib -from passlib.apps import custom_app_context as pwd_context +#import passlib +from pylinkirc.coremods.login import pwd_context if __name__ == '__main__': import argparse