Fix check for already existing username in add_user. Add documentation of process for storing and validating hashed passwords.

James Valleroy 2013-11-04 01:14:17 +00:00 committed by Nick Daly
parent f7ad1089a5
commit 3a696e0bb9
3 changed files with 32 additions and 2 deletions

@ -6,7 +6,7 @@ PDFLATEX=pdflatex
# List text files in the order in which you want them to appear in the
# complete manual:
SOURCES=README.mdwn INSTALL.mdwn themes.mdwn hacking.mdwn TODO.mdwn modules.mdwn scripts.mdwn faq.mdwn COPYING.mdwn colophon.mdwn
SOURCES=README.mdwn INSTALL.mdwn themes.mdwn hacking.mdwn TODO.mdwn modules.mdwn scripts.mdwn security.mdwn faq.mdwn COPYING.mdwn colophon.mdwn
OTHER=
TODO_SOURCES=$(patsubst TODO.mdwn,,$(SOURCES))
MAN_SOURCES=$(patsubst COPYING.mdwn,copyright_notice00,$(SOURCES))
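Review bot: Adding security.mdwn to SOURCES also pulls it into TODO_SOURCES and MAN_SOURCES, since both are derived from SOURCES by patsubst in the context lines of this hunk. If the password-storage notes are meant only for the complete manual and not for the man page, that needs an explicit filter; if it is intended, a word in the commit message would make that clear. The placement between scripts.mdwn and faq.mdwn follows the ordering comment above the variable and looks fine.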

30
doc/security.mdwn Normal file

@ -0,0 +1,30 @@
# Security
## Password Storage
Here is an overview of how user passwords are currently being stored in Plinth.
### Storing a password (add_user function in auth module):
1. We check if the username or password is empty. If so, return an error message.
2. Use bcrypt (from passlib) to encrypt the password and generate a random salt. This step is performed regardless of whether the user already exists.
3. If the password length is over 4096, bcrypt raises an exception. We catch this exception and return an error message.
4. Check if the username exists in user store. If so, return an error message.
5. If no error has occurred so far, create the new user. The username, hashed password, and salt are stored in the user store databaes. The salt is a substring of the hash output by bcrypt.
### Checking password at login (check_credentials function in auth module):
1. We check if the username or password is empty. If so, return an error message.
2. Use bcrypt to encrypt the supplied password. This step is performed regardless of whether the user already exists. If the user exists, use the salt value stored for that user in the database. Otherwise, don't specify a salt (bcrypt will generate a random one).
3. If the password length is over 4096, bcrypt raises an exception. We catch this exception and return an error message.
4. Check if the user doesn't exist, or if the hashed password doesn't match the stored hash. Return an error message "Bad user-name or password" if either of these conditions are true.
5. If no error has occurred so far, return None to indicate that the supplied credentials are valid.
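Review bot: Step 2 in both lists says bcrypt is used to "encrypt" the password, but bcrypt is a one-way hash, so "hash" is the accurate verb and matches "hashed password" in step 5 and in login step 4. Step 5 of the storing list also has the typo "databaes". Because step 5 states that the salt is a substring of the hash output by bcrypt, storing it as a separate field is redundant; either document why it is kept, or consider checking logins with passlib's verify() against the stored hash rather than re-hashing with the stored salt and comparing. The document records that hashing runs regardless of whether the user exists but not why (presumably so response time does not reveal which usernames are valid); stating the reason would keep a later cleanup from removing it. In add_user that step buys little, since step 4 returns a distinct error for an existing username anyway. Login step 4 should also say whether the hash comparison is constant-time.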

@ -33,7 +33,7 @@ def add_user(username, passphrase, name='', email='', expert=False):
error = "Password is too long."
if error is None:
if username in cfg.users.get_all():
if username in map(lambda x: x[0], cfg.users.get_all()):
error = "User already exists!"
else:
di = {
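Review bot: The new test `if username in map(lambda x: x[0], cfg.users.get_all()):` depends on the username being element 0 of each entry returned by cfg.users.get_all(), and nothing in this hunk documents that layout. A short comment on the entry shape, or the more direct form `if any(u[0] == username for u in cfg.users.get_all()):`, would state the intent without the lambda and stop at the first match. Since the previous check never matched an existing user, a regression test that calls add_user twice with the same username and expects "User already exists!" on the second call would pin the fix down.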