Verified Commit 82eefab9 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Use brypt for password generation

Our production server has no passwords with a md5sum without a salt, and
as our production database should only contain bcrypt salted passwords
in the future.
parent df161ef3
Pipeline #8972 passed with stage
in 5 minutes and 13 seconds
......@@ -16,6 +16,8 @@ import random
import sys
import time
import bcrypt
LOG_LEVEL = logging.DEBUG # logging level. set to logging.INFO to reduce output
SEED_FILE = "/usr/share/dict/words"
USER_ID = 5 # Users.ID of first bogus user
......@@ -182,11 +184,11 @@ for u in user_keys:
#
pass
h = hashlib.new('md5')
h.update(u.encode())
h = bcrypt.hashpw(u.encode(), bcrypt.gensalt(rounds=4)).decode()
s = ("INSERT INTO Users (ID, AccountTypeID, Username, Email, Passwd)"
" VALUES (%d, %d, '%s', '%s@example.com', '%s');\n")
s = s % (seen_users[u], account_type, u, u, h.hexdigest())
s = s % (seen_users[u], account_type, u, u, h)
out.write(s)
log.debug("Number of developers: %d" % len(developers))
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment