From 02101b6f827c4b311b483b4ea702c10f3daf4642 Mon Sep 17 00:00:00 2001
From: Hailey <hailey@athnex.com>
Date: Fri, 11 Oct 2019 21:27:45 -0700
Subject: [PATCH] Adding some hasing functions

---
 app_auth.py             | 19 ++++++++-----------
 templates/settings.html |  1 +
 2 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/app_auth.py b/app_auth.py
index 70323c2..cd19500 100644
--- a/app_auth.py
+++ b/app_auth.py
@@ -1,11 +1,12 @@
 import hashlib, binascii, os
+import pprint
 import google_auth
 import configparser
 
 config = configparser.ConfigParser()
 config.read('config.ini')
 app_debug = config.get("app","debug")
-salt = config.get("auth","FN_FLASK_SECRET_KEY")
+app_salt = config.get("auth","FN_FLASK_SECRET_KEY")
 
 def is_logged_in():
     if google_auth.is_logged_in():
@@ -14,18 +15,14 @@ def is_logged_in():
 
 def hash_password(password):
     """Hash a password for storing."""
-    pwdhash = hashlib.pbkdf2_hmac('sha512', password.encode('utf-8'),
-                                salt, 100000)
-    pwdhash = binascii.hexlify(pwdhash)
-    return (salt + pwdhash).decode('ascii')
+    pwdhash = hashlib.pbkdf2_hmac('sha512', password,
+                                app_salt.encode('ascii'), 100000)
+    pwdhash = binascii.hexlify(pwdhash).decode('ascii')
+    return pwdhash
 
 def verify_password(stored_password, provided_password):
     """Verify a stored password against one provided by user"""
-    salt = salt
-    stored_password = stored_password[64:]
-    pwdhash = hashlib.pbkdf2_hmac('sha512',
-                                  provided_password.encode('utf-8'),
-                                  salt.encode('ascii'),
-                                  100000)
+    pwdhash = hashlib.pbkdf2_hmac('sha512', provided_password,
+                                  app_salt.encode('ascii'), 100000)
     pwdhash = binascii.hexlify(pwdhash).decode('ascii')
     return pwdhash == stored_password
diff --git a/templates/settings.html b/templates/settings.html
index b07f5ce..5b701f6 100644
--- a/templates/settings.html
+++ b/templates/settings.html
@@ -19,6 +19,7 @@
         <div class='googleID'>Google ID: {{ user_info.id }}</div>
     </div>
     <div id='passwdForm'>
+      <div class='largeField'><h3>Local Password</h3></div>
       <div class='passwd'>Password: <input type='password' id='passwdone' /></div>
       <div class='passwd'>Confirm: <input type='password' id='passwdtwo' /></div>
       <div class='submitpw'><input type='button' value='Update Password' /></div>