Ensuring that password hashes are compared correctly under python3

2016-09-07 13:25:51 -07:00 · 2016-09-07 13:25:51 -07:00 · a60e372c5a
parent 76cece7b90
commit a60e372c5a
3 changed files with 7 additions and 7 deletions
--- a/lemur/auth/views.py
+++ b/lemur/auth/views.py
@ -289,7 +289,7 @@ class Providers(Resource):
    def get(self):
        active_providers = []

-        for provider in current_app.config.get("ACTIVE_PROVIDERS"):
+        for provider in current_app.config.get("ACTIVE_PROVIDERS", []):
            provider = provider.lower()

            if provider == "google":
--- a/lemur/users/models.py
+++ b/lemur/users/models.py
@ -8,6 +8,7 @@

 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 """
+import sys
 from sqlalchemy.orm import relationship
 from sqlalchemy import Column, Integer, String, Boolean, DateTime
 from sqlalchemy.event import listen
@ -62,7 +63,10 @@ class User(db.Model):
        :return:
        """
        if self.password:
-            self.password = bcrypt.generate_password_hash(self.password)
+            if sys.version_info[0] >= 3:
+                self.password = bcrypt.generate_password_hash(self.password).decode('utf-8')
+            else:
+                self.password = bcrypt.generate_password_hash(self.password)
            return self.password

    @property
--- a/lemur/utils.py
+++ b/lemur/utils.py
@ -54,11 +54,7 @@ def get_keys():

    # when running lemur create_config, this code needs to work despite
    # the fact that there is not a current_app with a config at that point
-    try:
-        keys = current_app.config.get('LEMUR_ENCRYPTION_KEYS')
-    except Exception:
-        print("no encryption keys")
-        return []
+    keys = current_app.config.get('LEMUR_ENCRYPTION_KEYS', [])

    # this function is expected to return a list of keys, but we want
    # to let people just specify a single key