Hash password

This commit is contained in:
Emily 2019-04-26 06:23:40 +01:00
parent e9a24588a0
commit 72d196ee7f
3 changed files with 14 additions and 4 deletions

View File

@ -56,9 +56,8 @@ class User(UserMixin):
SELECT *
FROM Bruker
WHERE Epost = %s
AND Passord = %s
LIMIT 1;
""", login)
""", (login[0],))
user = cur.fetchone()
@ -67,6 +66,9 @@ class User(UserMixin):
if user is None:
raise Exception("Invalid login")
if not glob.check_password(login[1], user[2]):
raise Exception("Incorrect password")
self.id, self.email, self.password, self.firstname, self.surname = user
def register_account(email, password, firstname, surname):
@ -77,7 +79,7 @@ def register_account(email, password, firstname, surname):
INSERT INTO
Bruker (Epost, Passord, Fornavn, Etternavn)
VALUES (%s, %s, %s, %s);
""", (email, password, firstname, surname))
""", (email, glob.hash_password(password), firstname, surname))
conn.commit()
cur.close()

View File

@ -2,6 +2,7 @@ import os
import json
import shutil
import mysql.connector
import bcrypt
# ------------------------------------------------------------------------------
# Global variables that is None by default and gets overwritten in other modules
@ -27,3 +28,9 @@ def get_sql_connection():
if sql_conn is None or not sql_conn.is_connected():
sql_conn = make_sql_connection()
return sql_conn
def hash_password(password):
return bcrypt.hashpw(password.encode(), bcrypt.gensalt(10, prefix=b"2a")).decode()
def check_password(p1, p2):
return bcrypt.checkpw(p1.encode(), p2.encode())

View File

@ -1,3 +1,4 @@
Flask>=1.0.2
Flask-WTF>=0.14.2
flask_login>=0.4.1
flask_login>=0.4.1
bcrypt