mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-28 08:03:36 +00:00
31 lines
1.5 KiB
Markdown
31 lines
1.5 KiB
Markdown
# Security
|
|
|
|
## Password Storage
|
|
|
|
Here is an overview of how user passwords are currently being stored in Plinth.
|
|
|
|
### Storing a password (add_user function in auth module):
|
|
|
|
1. We check if the username or password is empty. If so, return an error message.
|
|
|
|
2. Use bcrypt (from passlib) to encrypt the password and generate a random salt.
|
|
|
|
3. If the password length is over 4096, bcrypt raises an exception. We catch this exception and return an error message.
|
|
|
|
4. Check if the username exists in user store. If so, return an error message.
|
|
|
|
5. If no error has occurred so far, create the new user. The username, hashed password, and salt are stored in the user store databaes. The salt is a substring of the hash output by bcrypt.
|
|
|
|
### Checking password at login (check_credentials function in auth module):
|
|
|
|
1. We check if the username or password is empty. If so, return an error message.
|
|
|
|
2. Use bcrypt to encrypt the supplied password. This step is performed regardless of whether the user already exists. If the user exists, use the salt value stored for that user in the database. Otherwise, don't specify a salt (bcrypt will generate a random one).
|
|
|
|
3. If the password length is over 4096, bcrypt raises an exception. We catch this exception and return an error message.
|
|
|
|
4. Check if the user doesn't exist, or if the hashed password doesn't match the stored hash. Return an error message "Bad user-name or password" if either of these conditions are true.
|
|
|
|
5. If no error has occurred so far, return None to indicate that the supplied credentials are valid.
|
|
|