use generated salts instead of fixed ones

2026-05-05 03:39:13 -05:00 · 2017-09-12 21:43:24 -04:00
parent b4f9fc3a5e
commit 8bc1bdd5f7
5 changed files with 20 additions and 15 deletions
@@ -1,12 +1,15 @@
 import scrypt  # pip install scrypt
+import sql

 def getVerificationHash(password):
-    salt = "dc73b57736511340f132e4b5521d178afa6311c45e0c25e6a9339038507852a6"
+    # getOption returns unicode bytes which scrypt doesn't like
+    salt = sql.getOption('verification_salt').encode('ascii', 'ignore')

    return getScryptHash(password, salt)

 def getEncryptionHash(password):
-    salt = "2503bfc386bc028772f803887eaaf4d4a5c1019036873e4ba5de79a4efb7e8d8"
+    # getOption returns unicode bytes which scrypt doesn't like
+    salt = sql.getOption('encryption_salt').encode('ascii', 'ignore')

    return getScryptHash(password, salt)

@@ -1,7 +1,7 @@
 from flask import Blueprint, jsonify
 from flask_login import login_required

-from sql import getResults, getSingleResult
+from sql import getResults, getSingleResult, getOption

 tree_api = Blueprint('tree_api', __name__)

@@ -40,5 +40,7 @@ def getTree():
    retObject = {}
    retObject['notes'] = rootNotes
    retObject['start_note_id'] = getSingleResult('select * from options where opt_name = "start_node"')['opt_value'];
+    retObject['verification_salt'] = getOption('verification_salt')
+    retObject['encryption_salt'] = getOption('encryption_salt')

    return jsonify(retObject)