-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsecure.py
46 lines (34 loc) · 988 Bytes
/
secure.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import re
import hmac
import hashlib
import random
from string import letters
from google.appengine.ext import db
"""
########## Hash User Cookie ##########
- hash cookies to prevent user fraud
"""
SECRET = "Sl33pyZ0ey"
def make_secure_val(value):
return "%s|%s" % (value, hmac.new(SECRET,value).hexdigest())
def check_secure_val(secure_val):
val = secure_val.split('|')[0]
if secure_val == make_secure_val(val):
return val
"""
########## Hash Password ##########
- password security
"""
def make_salt(length = 5):
return ''.join(random.choice(letters) for x in xrange(length))
def make_pw_hash(name, pw, salt = None):
if not salt:
salt = make_salt()
h = hashlib.sha256(name + pw + salt).hexdigest()
return '%s,%s' % (salt, h)
def valid_pw(name, password, h):
salt = h.split(',')[0]
return h == make_pw_hash(name, password, salt)
# store user
def users_key(group = 'default'):
return db.Key.from_path('users', group)