59 lines
1.7 KiB
Python
59 lines
1.7 KiB
Python
from flask import Flask, request, jsonify, render_template, abort
|
|
import secrets, crypt, os
|
|
|
|
app = Flask(__name__, static_folder='static', template_folder='templates')
|
|
|
|
SALT_CHARS = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
MIN_LEN = 16
|
|
MIN_SALT_LEN = 8
|
|
MAX_SALT_LEN = 16
|
|
|
|
|
|
ALG_PREFIX = {
|
|
'sha512': '$6$',
|
|
'sha256': '$5$',
|
|
}
|
|
|
|
@app.route('/')
|
|
def index():
|
|
return render_template('index.html')
|
|
|
|
@app.route('/gensalt')
|
|
def gensalt():
|
|
length = max(MIN_SALT_LEN, min(MAX_SALT_LEN, int(request.args.get('length', MIN_SALT_LEN))))
|
|
salt = ''.join(secrets.choice(SALT_CHARS) for _ in range(length))
|
|
return jsonify({'salt': salt})
|
|
|
|
|
|
@app.route('/hash', methods=['POST'])
|
|
def do_hash():
|
|
data = request.get_json() or {}
|
|
password = data.get('password', '')
|
|
salt = data.get('salt', '')
|
|
algorithm = data.get('algorithm', 'sha512')
|
|
|
|
|
|
if not isinstance(password, str) or not isinstance(salt, str):
|
|
abort(400, 'Invalid input')
|
|
if len(password) < MIN_LEN:
|
|
abort(400, f'Password must be at least {MIN_LEN} characters')
|
|
if len(salt) < MIN_SALT_LEN or len(salt) > MAX_SALT_LEN:
|
|
abort(400, f'Salt must be between {MIN_SALT_LEN} and {MAX_SALT_LEN} characters')
|
|
|
|
prefix = ALG_PREFIX.get(algorithm)
|
|
|
|
if prefix is None:
|
|
abort(400, 'Unsupported algorithm')
|
|
|
|
|
|
full_salt = f"{prefix}{salt}"
|
|
hashed = crypt.crypt(password, full_salt)
|
|
return jsonify({'hash': hashed})
|
|
|
|
|
|
if __name__ == '__main__':
|
|
host = os.environ.get('HOST', '127.0.0.1')
|
|
port = int(os.environ.get('PORT', 4444))
|
|
debug = os.environ.get('DEBUG', '1') == '1'
|
|
app.run(host=host, port=port, debug=debug)
|