From: Sergio Durigan Junior Date: Mon, 8 Aug 2016 20:16:35 -0400 Subject: Support python-bcrypt instead of py-bcrypt This patch basically makes sure that the arguments to bcrypt.hashpw are encoded to UTF-8. This is a requirement of python-bcrypt. Using python-bcrypt has the advantage that the library is well maintained and available on more distributions, like Debian. --- pagure/lib/login.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pagure/lib/login.py b/pagure/lib/login.py index 4227c94..989fb4e 100644 --- a/pagure/lib/login.py +++ b/pagure/lib/login.py @@ -72,7 +72,8 @@ def get_users_by_group(session, group): def generate_hashed_value(password): """ Generate hash value for password """ - return '$2$' + bcrypt.hashpw(to_unicode(password), bcrypt.gensalt()) + return '$2$' + bcrypt.hashpw(password.encode("utf8"), + bcrypt.gensalt().encode("utf8")) def check_password(entered_password, user_password, seed=None): @@ -86,7 +87,7 @@ def check_password(entered_password, user_password, seed=None): _, version, user_password = user_password.split('$', 2) if version == '2': - password = bcrypt.hashpw(to_unicode(entered_password), user_password) + password = bcrypt.hashpw(entered_password.encode("utf8"), user_password.encode("utf8")) elif version == '1': password = '%s%s' % (to_unicode(entered_password), seed)