From 6e5b4cc793be9b0a3c3018b4d0ebeeab8866aa41 Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Fri, 8 Oct 2021 12:19:17 -0400
Subject: [PATCH] Island: Move password_matches_hash() to AuthenticationService
---
 monkey/monkey_island/cc/resources/auth/credential_utils.py | 5 -----
 monkey/monkey_island/cc/services/authentication.py | 7 +++++--
 2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/monkey/monkey_island/cc/resources/auth/credential_utils.py b/monkey/monkey_island/cc/resources/auth/credential_utils.py
index 27fe761ae..57d5ebc70 100644
--- a/monkey/monkey_island/cc/resources/auth/credential_utils.py
+++ b/monkey/monkey_island/cc/resources/auth/credential_utils.py
@@ -1,14 +1,9 @@
 import json
 from typing import Tuple
-import bcrypt
 from flask import Request, request
-def password_matches_hash(plaintext_password, password_hash):
- return bcrypt.checkpw(plaintext_password.encode("utf-8"), password_hash.encode("utf-8"))
-
-
 def get_username_password_from_request(_request: Request) -> Tuple[str, str]:
 cred_dict = json.loads(request.data)
 username = cred_dict.get("username", "")
diff --git a/monkey/monkey_island/cc/services/authentication.py b/monkey/monkey_island/cc/services/authentication.py
index 200643ea1..79749d546 100644
--- a/monkey/monkey_island/cc/services/authentication.py
+++ b/monkey/monkey_island/cc/services/authentication.py
@@ -2,7 +2,6 @@ import bcrypt
 import monkey_island.cc.environment.environment_singleton as env_singleton
 from monkey_island.cc.environment.user_creds import UserCreds
-from monkey_island.cc.resources.auth.credential_utils import password_matches_hash
 from monkey_island.cc.server_utils.encryption import (
 reset_datastore_encryptor,
 unlock_datastore_encryptor,
@@ -63,10 +62,14 @@ def _credentials_match_registered_user(username: str, password: str) -> bool:
 if not registered_user:
 return False
- return (registered_user.username == username) and password_matches_hash(
+ return (registered_user.username == username) and _password_matches_hash(
 password, registered_user.password_hash
 )
+def _password_matches_hash(plaintext_password, password_hash):
+ return bcrypt.checkpw(plaintext_password.encode("utf-8"), password_hash.encode("utf-8"))
+
+
 def _get_secret_from_credentials(username: str, password: str) -> str:
 return f"{username}:{password}"
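Review bot: The rewritten `return` in `_credentials_match_registered_user` still short-circuits on the username comparison, so `_password_matches_hash()` and its bcrypt cost only run when the username already matches; the response-time difference can reveal whether a submitted username is the registered one. Evaluating the hash check unconditionally closes that gap, e.g. `password_ok = _password_matches_hash(password, registered_user.password_hash)` followed by `return password_ok and registered_user.username == username`. The early `return False` when no user is registered appears to have the same property, but the function's opening lines are outside this hunk, so that part is inferred. Separately, the moved helper lacks the annotations its neighbours carry; `def _password_matches_hash(plaintext_password: str, password_hash: str) -> bool:` would match them.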