mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-10-01 08:25:44 -04:00
use bcrypt.checkpw
in bcrypt 3.1.0 checkpw got introduced (already 2 years ago) This makes use of that with enhancements which might get introduced by that Signed-Off-by: Matthias Kesler <krombel@krombel.de>
This commit is contained in:
parent
d032785aa7
commit
ed9b5eced4
@ -863,8 +863,10 @@ class AuthHandler(BaseHandler):
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
def _do_validate_hash():
|
def _do_validate_hash():
|
||||||
return bcrypt.hashpw(password.encode('utf8') + self.hs.config.password_pepper,
|
return bcrypt.checkpw(
|
||||||
stored_hash.encode('utf8')) == stored_hash
|
password.encode('utf8') + self.hs.config.password_pepper,
|
||||||
|
stored_hash.encode('utf8')
|
||||||
|
)
|
||||||
|
|
||||||
if stored_hash:
|
if stored_hash:
|
||||||
return make_deferred_yieldable(threads.deferToThread(_do_validate_hash))
|
return make_deferred_yieldable(threads.deferToThread(_do_validate_hash))
|
||||||
|
@ -31,7 +31,7 @@ REQUIREMENTS = {
|
|||||||
"pyyaml": ["yaml"],
|
"pyyaml": ["yaml"],
|
||||||
"pyasn1": ["pyasn1"],
|
"pyasn1": ["pyasn1"],
|
||||||
"daemonize": ["daemonize"],
|
"daemonize": ["daemonize"],
|
||||||
"bcrypt": ["bcrypt"],
|
"bcrypt": ["bcrypt>=3.1.0"],
|
||||||
"pillow": ["PIL"],
|
"pillow": ["PIL"],
|
||||||
"pydenticon": ["pydenticon"],
|
"pydenticon": ["pydenticon"],
|
||||||
"ujson": ["ujson"],
|
"ujson": ["ujson"],
|
||||||
|
Loading…
Reference in New Issue
Block a user