diff --git a/app_auth.py b/app_auth.py
index 70323c2..cd19500 100644
--- a/app_auth.py
+++ b/app_auth.py
@@ -1,11 +1,12 @@
 import hashlib, binascii, os
+import pprint
 import google_auth
 import configparser
 config = configparser.ConfigParser()
 config.read('config.ini')
 app_debug = config.get("app","debug")
-salt = config.get("auth","FN_FLASK_SECRET_KEY")
+app_salt = config.get("auth","FN_FLASK_SECRET_KEY")
 def is_logged_in():
 if google_auth.is_logged_in():
@@ -14,18 +15,14 @@ def is_logged_in():
 def hash_password(password):
 """Hash a password for storing."""
- pwdhash = hashlib.pbkdf2_hmac('sha512', password.encode('utf-8'),
- salt, 100000)
- pwdhash = binascii.hexlify(pwdhash)
- return (salt + pwdhash).decode('ascii')
+ pwdhash = hashlib.pbkdf2_hmac('sha512', password,
+ app_salt.encode('ascii'), 100000)
+ pwdhash = binascii.hexlify(pwdhash).decode('ascii')
+ return pwdhash
 def verify_password(stored_password, provided_password):
 """Verify a stored password against one provided by user"""
- salt = salt
- stored_password = stored_password[64:]
- pwdhash = hashlib.pbkdf2_hmac('sha512',
- provided_password.encode('utf-8'),
- salt.encode('ascii'),
- 100000)
+ pwdhash = hashlib.pbkdf2_hmac('sha512', provided_password,
+ app_salt.encode('ascii'), 100000)
 pwdhash = binascii.hexlify(pwdhash).decode('ascii')
 return pwdhash == stored_password
diff --git a/templates/settings.html b/templates/settings.html
index b07f5ce..5b701f6 100644
--- a/templates/settings.html
+++ b/templates/settings.html
@@ -19,6 +19,7 @@
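Review bot: `app_salt` is read from `FN_FLASK_SECRET_KEY`, so every hash produced in the second hunk (`hash_password`, `verify_password`) uses one application-wide salt that, going by its name, is also the Flask session secret. With a shared salt, equal passwords produce equal hashes and the salt no longer separates one account's hash from another's; rotating the session key would also invalidate every stored password. Consider a per-user random salt such as `salt = os.urandom(16)`, stored alongside the hash, and keep the session secret out of password hashing. The added `import pprint` is not used in any visible hunk and looks like a debugging leftover; drop it if so.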
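Review bot: Both `hashlib.pbkdf2_hmac` calls now pass `password` / `provided_password` without `.encode('utf-8')`, and `pbkdf2_hmac` requires a bytes-like password, so a `str` argument raises `TypeError`. Unless every caller (not visible here) already passes bytes, keep the encode, e.g. `hashlib.pbkdf2_hmac('sha512', password.encode('utf-8'), app_salt.encode('ascii'), 100000)`. In `verify_password` the final `return pwdhash == stored_password` is not a constant-time comparison; `return hmac.compare_digest(pwdhash, stored_password)` (with `import hmac`) avoids a timing difference that depends on how much of the digest matched. Removing the `stored_password[64:]` slice also means any hashes stored in the earlier salt-prefixed format will no longer verify, so existing records may need re-hashing on the next login or reset.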
Google ID: {{ user_info.id }}
+

Local Password

Password:
Confirm: