zcash-grant-system/backend/grant/utils/admin.py

from functools import wraps
from hashlib import sha256

from flask import session
from grant.settings import SECRET_KEY, ADMIN_PASS_HASH

admin_auth = {
    "username": "admin",
    "password": ADMIN_PASS_HASH,
    "salt": SECRET_KEY
}


def generate_admin_password_hash(password, salt=None):
    if not salt:
        salt = admin_auth['salt']  # do this in body to catch testing patch
    pass_salt = ('%s%s' % (password, salt)).encode('utf-8')
    pass_hash = sha256(pass_salt).hexdigest()
    return pass_hash


def admin_login(username, password):
    pass_hash = generate_admin_password_hash(password)
    if username == admin_auth['username'] and pass_hash == admin_auth['password']:
        session['admin_username'] = username
        return True
    return False


def admin_logout():
    del session['admin_username']
    return True


def admin_is_authed():
    return 'admin_username' in session


def admin_auth_required(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        if admin_is_authed():
            return f(*args, **kwargs)
        else:
            return {"message": "Authentication required"}, 401

    return decorated
Admin authentication environment variable + generation command (#78) * store admin pass hash in ENV + add gen-admin-auth command * allow custom salt for hash generation * remove unused import * dynamically pull salt for testing admin password hash generator func * Fix middleware name. 2019-01-16 21:20:10 -08:00			`from functools import wraps`
			`from hashlib import sha256`

Run reformatter on all files (#98) 2019-01-23 07:00:30 -08:00			`from flask import session`
Admin authentication environment variable + generation command (#78) * store admin pass hash in ENV + add gen-admin-auth command * allow custom salt for hash generation * remove unused import * dynamically pull salt for testing admin password hash generator func * Fix middleware name. 2019-01-16 21:20:10 -08:00			`from grant.settings import SECRET_KEY, ADMIN_PASS_HASH`

			`admin_auth = {`
			`"username": "admin",`
			`"password": ADMIN_PASS_HASH,`
			`"salt": SECRET_KEY`
			`}`


			`def generate_admin_password_hash(password, salt=None):`
			`if not salt:`
			`salt = admin_auth['salt'] # do this in body to catch testing patch`
			`pass_salt = ('%s%s' % (password, salt)).encode('utf-8')`
			`pass_hash = sha256(pass_salt).hexdigest()`
			`return pass_hash`


			`def admin_login(username, password):`
			`pass_hash = generate_admin_password_hash(password)`
			`if username == admin_auth['username'] and pass_hash == admin_auth['password']:`
			`session['admin_username'] = username`
			`return True`
			`return False`


			`def admin_logout():`
			`del session['admin_username']`
			`return True`


			`def admin_is_authed():`
			`return 'admin_username' in session`


			`def admin_auth_required(f):`
			`@wraps(f)`
			`def decorated(args, *kwargs):`
			`if admin_is_authed():`
			`return f(args, *kwargs)`
			`else:`
			`return {"message": "Authentication required"}, 401`

			`return decorated`