Hey guys ive been working on this for days now using bcrypt and other methods to store an encrypted password in a mysql server. Nothing seems to be working, and no one seems to be having a solution to this problem. Currently using fernet as a replacement for bcrypt but it still does not work. I created a class to encrypt:
class PwdCipher:
def generate_key(self,usr:str):
if os.path.isfile("pass_keys/"+usr+".key"):
return 1
else:
key = Fernet.generate_key()
with open("pass_keys/"+usr+".key","wb") as key_file:
key_file.write(key)
return 0
def load_key(self,usr:str):
if os.path.isfile("pass_keys/"+usr+".key"):
return open("pass_keys/"+usr+".key","rb").read()
else:
return 1
def encrypt(self,usr:str,pwd:str):
if self.generate_key(usr) == 0:
key = self.load_key(usr)
encoded_pwd = pwd.encode()
f = Fernet(key)
return f.encrypt(encoded_pwd)
else:
return 1
def decrypt(self,usr:str,encrypted_pwd):
if self.load_key(usr) == 1:
return 1
else:
key = self.load_key(usr)
f = Fernet(key)
encoded_pwd = encrypted_pwd.encode()
decrypted_msg = f.decrypt(encoded_pwd)
print(decrypted_msg)
Which is called on by this:
def root_task_handler(self,task):
if task[0][2:] == "create_user":
usr = task[1]
pwd = task[2]
email = task[3][:-1]
encrypted_pwd = self.pwd_cipher.encrypt(usr,pwd)
if encrypted_pwd == 1:
print("[" + str(datetime.datetime.now()) + " - INFO] " + "USR KEY ALREADY EXISTS ...ABORTING " + usr)
else:
if self.query.create_user(usr,encrypted_pwd,email) == 0:
print("[" + str(datetime.datetime.now()) + " - INFO] " + "ROOT USER CREATED ACCOUNT " + usr)
elif task[0][2:] == "delete_user":
usr = task[1]
pwd = task[2][:-1]
encrypted_pwd = self.query.get_password(usr)
db_pwd = self.pwd_cipher.decrypt(usr,encrypted_pwd)
Im begging for an answer at this point. Please if you know anything let me know: I would appreciate this a lot:)
I don't have an answer to my question. But a solution is to just encrypt the password in MySql. The only thing that works.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.