Home Explore Help
Sign In
FFDN
/
Cavote
4
0
Fork 0
Files Issues 2 Pull Requests 0
Browse Source

Better crypto for storing passwords

Instead of hash(passwd), store hash(SALT, key, passwd) where:
 - SALT is application-specific
 - key is random and changed each time passwd changes

To login as admin the first time, go and see /login/1/victory
Rogdham 12 years ago
parent
ea22ed1525
commit
a88b78af17
2 changed files with 35 additions and 15 deletions
Unified View Show Diff Stats
  1. 32 13
      main.py
  2. 3 2
      schema.sql

+ 32 - 13
main.py
View File 

@@ -15,11 +15,12 @@ import smtplib
 
 import string
 
 import string
 
 
 
 DATABASE = '/tmp/cavote.db'
 
 DATABASE = '/tmp/cavote.db'
 
+PASSWD_SALT = 'change this value to some random chars!'
 
 SECRET_KEY = '{J@uRKO,xO-PK7B,jF?>iHbxLasF9s#zjOoy=+:'
 
 SECRET_KEY = '{J@uRKO,xO-PK7B,jF?>iHbxLasF9s#zjOoy=+:'
 
 DEBUG = True
 
 DEBUG = True
 
 TITLE = u"Cavote FFDN"
 
 TITLE = u"Cavote FFDN"
 
 EMAIL = '"' + TITLE + '"' + ' <' + u"cavote@ffdn.org" + '>'
 
 EMAIL = '"' + TITLE + '"' + ' <' + u"cavote@ffdn.org" + '>'
 
-VERSION = "cavote 0.1.0"
 
+VERSION = "cavote 0.1.1"
 
 SMTP_SERVER = "10.33.33.30"
 
 SMTP_SERVER = "10.33.33.30"
 
 PATTERNS = {u'Oui/Non': [u'Oui', u'Non'], u'Oui/Non/Blanc': [u'Oui', u'Non', u'Blanc'], u'Oui/Non/Peut-être': [u'Oui', u'Non', u'Peut-être']}
 
 PATTERNS = {u'Oui/Non': [u'Oui', u'Non'], u'Oui/Non/Blanc': [u'Oui', u'Non', u'Blanc'], u'Oui/Non/Peut-être': [u'Oui', u'Non', u'Peut-être']}
 
 
 
@@ -57,8 +58,17 @@ def init_db():
 
 #----------------
 
 #----------------
 
 # Login / Logout
 
 # Login / Logout
 
 
 
-def valid_login(username, password):
 
-    return query_db('select * from users where email = ? and password = ?', [username, crypt(password)], one=True)
 
+def valid_login(email, password):
 
+    # get user key
 
+    user_key = query_db('select key from users where email = ?', (email,),
 
+            one=True)
 
+    if not user_key:
 
+        # no such user
 
+        return None
 
+    user_key = user_key['key']
 
+    # try password
 
+    return query_db('select * from users where email = ? and password = ?',
 
+            [email, crypt(password, user_key)], one=True)
 
 
 
 def connect_user(user):
 
 def connect_user(user):
 
     session['user'] = user
 
     session['user'] = user
 
@@ -68,8 +78,12 @@ def connect_user(user):
 
 def disconnect_user():
 
 def disconnect_user():
 
     session.pop('user', None)
 
     session.pop('user', None)
 
 
 
-def crypt(passwd):
 
-    return hashlib.sha1(passwd).hexdigest() 
+def crypt(passwd, user_key):
 
+    # the per-user salt should not be stored in the db
 
+    # storing the passwd... but this is better than nothing
 
+    per_user_salt = hashlib.sha1(user_key).hexdigest()
 
+    salt_passwd = '%s%s%s' % (app.config['PASSWD_SALT'], per_user_salt, passwd)
 
+    return hashlib.sha1(salt_passwd).hexdigest()
 
 
 
 def keygen():
 
 def keygen():
 
     return hashlib.sha1(os.urandom(24)).hexdigest()
 
     return hashlib.sha1(os.urandom(24)).hexdigest()
 
@@ -116,7 +130,7 @@ def password_lost():
 
         if user is None:
 
         if user is None:
 
             flash('Cet utilisateur n\'existe pas !', 'error')
 
             flash('Cet utilisateur n\'existe pas !', 'error')
 
         else:
 
         else:
 
-            key = keygen()
 
+            key = 'v%s' % keygen() # start with v: valid key
 
             g.db.execute('update users set key = ? where id = ?', [key, user['id']])
 
             g.db.execute('update users set key = ? where id = ?', [key, user['id']])
 
             g.db.commit()
 
             g.db.commit()
 
             link = request.url_root + url_for('login_key', userid=user['id'], key=key)
 
             link = request.url_root + url_for('login_key', userid=user['id'], key=key)
 
@@ -145,12 +159,10 @@ def password_lost():
 
 @app.route('/login/<userid>/<key>')
 
 @app.route('/login/<userid>/<key>')
 
 def login_key(userid, key):
 
 def login_key(userid, key):
 
     user = query_db('select * from users where id = ? and key = ?', [userid, key], one=True)
 
     user = query_db('select * from users where id = ? and key = ?', [userid, key], one=True)
 
-    if user is None or user['key'] == "invalid":
 
+    if user is None or user['key'][0] != "v":
 
         abort(404)
 
         abort(404)
 
     else:
 
     else:
 
         connect_user(user)
 
         connect_user(user)
 
-        g.db.execute('update users set key = "invalid" where id = ?', [user['id']])
 
-        g.db.commit()
 
         flash(u"Veuillez mettre à jour votre mot de passe", 'info')
 
         flash(u"Veuillez mettre à jour votre mot de passe", 'info')
 
         return redirect(url_for('user_password', userid=user['id']))
 
         return redirect(url_for('user_password', userid=user['id']))
 
 
 
@@ -193,7 +205,12 @@ def user_password(userid):
 
         abort(401)
 
         abort(401)
 
     if request.method == 'POST':
 
     if request.method == 'POST':
 
         if request.form['password'] == request.form['password2']:
 
         if request.form['password'] == request.form['password2']:
 
-            g.db.execute('update users set password = ? where id = ?', [crypt(request.form['password']), session['user']['id']])
 
+            # new (invalid) key
 
+            key = 'i%s' % keygen() # start with i: invalid key
 
+            print "\n\nchange key for %s\n" % key # FIXME TMP
 
+            g.db.execute('update users set password = ?, key = ? where id = ?',
 
+                    [crypt(request.form['password'], key),
 
+                        key, session['user']['id']])
 
             g.db.commit()
 
             g.db.commit()
 
             flash(u'Votre mot de passe a été mis à jour.', 'success')
 
             flash(u'Votre mot de passe a été mis à jour.', 'success')
 
         else:
 
         else:
 
@@ -231,13 +248,15 @@ def admin_user_add():
 
             if query_db('select * from users where email=?', [request.form['email']], one=True) is None:
 
             if query_db('select * from users where email=?', [request.form['email']], one=True) is None:
 
                 if request.form['username']:
 
                 if request.form['username']:
 
                     if query_db('select * from users where name=?', [request.form['username']], one=True) is None:
 
                     if query_db('select * from users where name=?', [request.form['username']], one=True) is None:
 
-                        password = keygen()
 
                         admin = 0
 
                         admin = 0
 
                         if 'admin' in request.form.keys():
 
                         if 'admin' in request.form.keys():
 
                             admin = 1
 
                             admin = 1
 
-                        key = keygen()
 
+                        key = 'v%s' % keygen()
 
                         g.db.execute('insert into users (email, name, organization, password, is_admin, key) values (?, ?, ?, ?, ?, ?)',
 
                         g.db.execute('insert into users (email, name, organization, password, is_admin, key) values (?, ?, ?, ?, ?, ?)',
 
-                                [request.form['email'], request.form['username'], request.form['organization'], password, admin, key])
 
+                                [request.form['email'],
 
+                                    request.form['username'],
 
+                                    request.form['organization'],
 
+                                    '', admin, key])
 
                         g.db.commit()
 
                         g.db.commit()
 
                         user = query_db('select * from users where email = ?', [request.form["email"]], one=True)
 
                         user = query_db('select * from users where email = ?', [request.form["email"]], one=True)
 
                         if user:
 
                         if user:

+ 3 - 2
schema.sql
View File 

@@ -83,9 +83,10 @@ create table user_choice (
 
 
 
 -- Test data
 
 -- Test data
 
 
 
-INSERT INTO users (id, email, password, name, organization, is_admin, key) VALUES (1, "admin@admin.fr", "d033e22ae348aeb5660fc2140aec35850c4da997", "Toto (admin) Tata", "World corp", 1, "test"); -- mdp = admin
 
+INSERT INTO users (id, email, password, name, organization, is_admin, key)
 
+VALUES (1, "admin@admin.fr", "", "Toto (admin) Tata", "World corp", 1, "victory");
 
+-- to login, go to /login/1/victory
 
 INSERT INTO groups (id, name, system) VALUES (1, "Tous", 1);
 
 INSERT INTO groups (id, name, system) VALUES (1, "Tous", 1);
 
 INSERT INTO groups (name) VALUES ("CA");
 
 INSERT INTO groups (name) VALUES ("CA");
 
 INSERT INTO groups (name) VALUES ("Membres");
 
 INSERT INTO groups (name) VALUES ("Membres");
 
 INSERT INTO user_group (id_user, id_group) VALUES(1, 1);
 
 INSERT INTO user_group (id_user, id_group) VALUES(1, 1);
 
-