Island: Move password_matches_hash() to AuthenticationService

monkey/monkey_island/cc/resources/auth/credential_utils.py

@@ -1,14 +1,9 @@
 import json
 from typing import Tuple
 
-import bcrypt
 from flask import Request, request
 
 
-def password_matches_hash(plaintext_password, password_hash):
-    return bcrypt.checkpw(plaintext_password.encode("utf-8"), password_hash.encode("utf-8"))
-
-
 def get_username_password_from_request(_request: Request) -> Tuple[str, str]:
     cred_dict = json.loads(request.data)
     username = cred_dict.get("username", "")

monkey/monkey_island/cc/services/authentication.py

@@ -2,7 +2,6 @@ import bcrypt
 
 import monkey_island.cc.environment.environment_singleton as env_singleton
 from monkey_island.cc.environment.user_creds import UserCreds
-from monkey_island.cc.resources.auth.credential_utils import password_matches_hash
 from monkey_island.cc.server_utils.encryption import (
     reset_datastore_encryptor,
     unlock_datastore_encryptor,
@@ -63,10 +62,14 @@ def _credentials_match_registered_user(username: str, password: str) -> bool:
     if not registered_user:
         return False
 
-    return (registered_user.username == username) and password_matches_hash(
+    return (registered_user.username == username) and _password_matches_hash(
         password, registered_user.password_hash
     )
 
 
+def _password_matches_hash(plaintext_password, password_hash):
+    return bcrypt.checkpw(plaintext_password.encode("utf-8"), password_hash.encode("utf-8"))
+
+
 def _get_secret_from_credentials(username: str, password: str) -> str:
     return f"{username}:{password}"