nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-02-04 08:13:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Made security.mdwn a little more explicit wrt bcrypt.

Browse Source
This commit is contained in:
Nick Daly 2013-11-12 21:13:02 -06:00
parent 2f7b56e6a9
commit 22cce897bc
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/security.mdwn
View File

@ -8,23 +8,26 @@ Here is an overview of how user passwords are currently being stored in Plinth.
1. We check if the username or password is empty. If so, return an error message.
2. Use bcrypt (from passlib) to encrypt the password and generate a random salt.
2. Use bcrypt (from passlib) to hash the password with a random salt. bcrypt returns the hash in the format:
$2a$<base 10 number of rounds>$<22-character salt><31-character checksum>
This hashed string will be used in step 5.
3. If the password length is over 4096, bcrypt raises an exception. We catch this exception and return an error message.
4. Check if the username exists in user store. If so, return an error message.
5. If no error has occurred so far, create the new user. The username, hashed password, and salt are stored in the user store databaes. The salt is a substring of the hash output by bcrypt.
5. If no error has occurred so far, create the new user. The username, hashed password, and salt are stored in the user store database. The salt is a substring of the hash output by bcrypt.
### Checking password at login (check_credentials function in auth module):
1. We check if the username or password is empty. If so, return an error message.
2. Use bcrypt to encrypt the supplied password. This step is performed regardless of whether the user already exists. If the user exists, use the salt value stored for that user in the database. Otherwise, don't specify a salt (bcrypt will generate a random one).
2. Use bcrypt to hash the supplied password. This step is performed regardless of whether the user already exists. If the user exists, use the salt value stored for that user in the database, otherwise, a random salt is used.
3. If the password length is over 4096, bcrypt raises an exception. We catch this exception and return an error message.
4. Check if the user doesn't exist, or if the hashed password doesn't match the stored hash. Return an error message "Bad user-name or password" if either of these conditions are true.
5. If no error has occurred so far, return None to indicate that the supplied credentials are valid.

2
modules/installed/system/users.py
View File

@ -112,7 +112,7 @@ class edit(FormPlugin, PagePlugin):
u = cfg.users[kwargs['username']]
if not u:
main = _("<p>Could not find a user with username of %s!</p>" % kwargs['username'])
return self.fill_template(template="err", title=_("Unnown User"), main=main,
return self.fill_template(template="err", title=_("Unknown User"), main=main,
sidebar_left=self.sidebar_left, sidebar_right=sidebar_right)
main = _("""<strong>Edit User '%s'</strong>""" % u['username'])