更新登录逻辑,等待数据库进一步完善
This commit is contained in:
20
accounts/crypto.py
Normal file
20
accounts/crypto.py
Normal file
@@ -0,0 +1,20 @@
|
||||
import hashlib
|
||||
import hmac
|
||||
|
||||
|
||||
def salt_for_username(username: str) -> bytes:
|
||||
"""Derive a per-username salt using SHA-256(username).
|
||||
|
||||
The salt is deterministic for a given username and does not require storage.
|
||||
"""
|
||||
return hashlib.sha256(username.encode('utf-8')).digest()
|
||||
|
||||
|
||||
def derive_password(password_plain: str, salt: bytes, iterations: int = 100_000, dklen: int = 32) -> bytes:
|
||||
"""PBKDF2-SHA256 derive a fixed-length secret from a plaintext password and salt."""
|
||||
return hashlib.pbkdf2_hmac('sha256', password_plain.encode('utf-8'), salt, iterations, dklen=dklen)
|
||||
|
||||
|
||||
def hmac_sha256(key: bytes, message: bytes) -> bytes:
|
||||
"""Compute HMAC-SHA256 signature for the given message using key bytes."""
|
||||
return hmac.new(key, message, hashlib.sha256).digest()
|
||||
Reference in New Issue
Block a user