Code updated to use crypt

Eri
2025-10-12 03:06:45 +02:00
parent f5aabf7f2a
commit 5b88979921
5 changed files with 47 additions and 28 deletions

31
app.py

@@ -1,16 +1,17 @@
from flask import Flask, request, jsonify, render_template, abort
from passlib.hash import sha512_crypt, sha256_crypt, md5_crypt
import secrets, os
import secrets, crypt, os
app = Flask(__name__, static_folder='static', template_folder='templates')
SALT_CHARS = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
MIN_LEN = 16
MIN_SALT_LEN = 8
MAX_SALT_LEN = 16
ALG_MAP = {
'sha512': sha512_crypt,
'sha256': sha256_crypt
ALG_PREFIX = {
'sha512': '$6$',
'sha256': '$5$',
}
@app.route('/')
@@ -19,9 +20,11 @@ def index():
@app.route('/gensalt')
def gensalt():
salt = ''.join(secrets.choice(SALT_CHARS) for _ in range(MAX_SALT_LEN))
length = max(MIN_SALT_LEN, min(MAX_SALT_LEN, int(request.args.get('length', MIN_SALT_LEN))))
salt = ''.join(secrets.choice(SALT_CHARS) for _ in range(length))
return jsonify({'salt': salt})
@app.route('/hash', methods=['POST'])
def do_hash():
data = request.get_json() or {}
@@ -29,23 +32,25 @@ def do_hash():
salt = data.get('salt', '')
algorithm = data.get('algorithm', 'sha512')
if not isinstance(password, str) or not isinstance(salt, str):
abort(400, 'Invalid input')
if len(password) < MIN_LEN:
abort(400, f'Password must be at least {MIN_LEN} characters')
if len(salt) < MIN_LEN or len(salt) > MAX_SALT_LEN:
abort(400, f'Salt must be between {MIN_LEN} and {MAX_SALT_LEN} characters')
if len(salt) < MIN_SALT_LEN or len(salt) > MAX_SALT_LEN:
abort(400, f'Salt must be between {MIN_SALT_LEN} and {MAX_SALT_LEN} characters')
hash_class = ALG_MAP.get(algorithm)
if hash_class is None:
prefix = ALG_PREFIX.get(algorithm)
if prefix is None:
abort(400, 'Unsupported algorithm')
# truncate salt to MAX_SALT_LEN just in case
salt_to_use = salt[:MAX_SALT_LEN]
hashed = hash_class.using(salt=salt_to_use).hash(password)
full_salt = f"{prefix}{salt}"
hashed = crypt.crypt(password, full_salt)
return jsonify({'hash': hashed})
if __name__ == '__main__':
host = os.environ.get('HOST', '127.0.0.1')
port = int(os.environ.get('PORT', 4444))
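Review bot: In `do_hash` the client-supplied `salt` is only length-checked before it is concatenated into the crypt setting string (`full_salt = f"{prefix}{salt}"`), so characters outside `SALT_CHARS` reach `crypt.crypt()`. A `$` in the salt is parsed by crypt(3) as a field separator, which lets the caller rather than the server supply fields such as the rounds count and so pick the work factor of the request; other invalid characters may make the call fail instead of returning a hash. I would reject such input next to the length check: `if any(c not in SALT_CHARS for c in salt): abort(400, 'Salt contains invalid characters')`. Separately, the `crypt` module is deprecated since Python 3.11 and removed in 3.13, so the new import fails on current interpreters. The start of `do_hash`, where `password` is read, lies between the hunks and is not visible here.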