Merge branch 'master' of https://github.com/hailey/sms-proj

app_auth.py

@@ -1,11 +1,12 @@
 import hashlib, binascii, os
+import pprint
 import google_auth
 import configparser
 
 config = configparser.ConfigParser()
 config.read('config.ini')
 app_debug = config.get("app","debug")
-salt = config.get("auth","FN_FLASK_SECRET_KEY")
+app_salt = config.get("auth","FN_FLASK_SECRET_KEY")
 
 def is_logged_in():
     if google_auth.is_logged_in():
@@ -14,18 +15,14 @@ def is_logged_in():
 
 def hash_password(password):
     """Hash a password for storing."""
-    pwdhash = hashlib.pbkdf2_hmac('sha512', password.encode('utf-8'),
-                                salt, 100000)
-    pwdhash = binascii.hexlify(pwdhash)
-    return (salt + pwdhash).decode('ascii')
+    pwdhash = hashlib.pbkdf2_hmac('sha512', password,
+                                app_salt.encode('ascii'), 100000)
+    pwdhash = binascii.hexlify(pwdhash).decode('ascii')
+    return pwdhash
 
 def verify_password(stored_password, provided_password):
     """Verify a stored password against one provided by user"""
-    salt = salt
-    stored_password = stored_password[64:]
-    pwdhash = hashlib.pbkdf2_hmac('sha512',
-                                  provided_password.encode('utf-8'),
-                                  salt.encode('ascii'),
-                                  100000)
+    pwdhash = hashlib.pbkdf2_hmac('sha512', provided_password,
+                                  app_salt.encode('ascii'), 100000)
     pwdhash = binascii.hexlify(pwdhash).decode('ascii')
     return pwdhash == stored_password

templates/settings.html

@@ -19,6 +19,7 @@
         <div class='googleID'>Google ID: {{ user_info.id }}</div>
     </div>
     <div id='passwdForm'>
+      <div class='largeField'><h3>Local Password</h3></div>
       <div class='passwd'>Password: <input type='password' id='passwdone' /></div>
       <div class='passwd'>Confirm: <input type='password' id='passwdtwo' /></div>
       <div class='submitpw'><input type='button' value='Update Password' /></div>