diff options
| author | Justin Santa Barbara <justin@fathomdb.com> | 2012-02-08 11:50:34 -0800 |
|---|---|---|
| committer | Justin Santa Barbara <justin@fathomdb.com> | 2012-02-08 13:54:20 -0800 |
| commit | 26655dc7b7a5cf8374e1ecf4a9852e38a47be3b8 (patch) | |
| tree | 4406ad77a406c2a7b0fdc1dbe8652fffe5848098 /keystone/common | |
| parent | 524d3d1c419ad5fb71039fe7022195a9b8f9980e (diff) | |
| download | keystone-26655dc7b7a5cf8374e1ecf4a9852e38a47be3b8.tar.gz keystone-26655dc7b7a5cf8374e1ecf4a9852e38a47be3b8.tar.xz keystone-26655dc7b7a5cf8374e1ecf4a9852e38a47be3b8.zip | |
Fix comment on bcrypt and avoid hard-coding 29 as the salt length
Change-Id: Ifc78535ea79e071b7953769ff26eed8ecf666dc2
Diffstat (limited to 'keystone/common')
| -rw-r--r-- | keystone/common/utils.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/keystone/common/utils.py b/keystone/common/utils.py index 6997eddd..43a4d420 100644 --- a/keystone/common/utils.py +++ b/keystone/common/utils.py @@ -151,15 +151,14 @@ def hash_password(password): def check_password(password, hashed): """Check that a plaintext password matches hashed. - Due to the way bcrypt works, hashing a password with the hashed - version of that password as salt will return the hashed version - of that password (mostly). Neat! + hashpw returns the salt value concatenated with the actual hash value. + It extracts the actual salt if this value is then passed as the salt. """ if password is None: return False password_utf8 = password.encode('utf-8') - check = bcrypt.hashpw(password_utf8, hashed[:29]) + check = bcrypt.hashpw(password_utf8, hashed) return check == hashed |