diff options
author | Erik Johnston <erikj@jki.re> | 2016-07-06 09:59:59 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-07-06 09:59:59 +0100 |
commit | 2e3c8acc68f4a2358aaba8363c7eaeaded2b329a (patch) | |
tree | 7e98683829b1b0a34038819f8f02992bd882c067 /scripts/hash_password | |
parent | Merge pull request #904 from matrix-org/dbkr/register_email_no_untrusted_id_s... (diff) | |
parent | Update password config comment (diff) | |
download | synapse-2e3c8acc68f4a2358aaba8363c7eaeaded2b329a.tar.xz |
Merge pull request #910 from KentShikama/hash_password_followup
Follow up to adding password pepper
Diffstat (limited to 'scripts/hash_password')
-rwxr-xr-x | scripts/hash_password | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/scripts/hash_password b/scripts/hash_password index e784600989..215ab25cfe 100755 --- a/scripts/hash_password +++ b/scripts/hash_password @@ -1,10 +1,16 @@ #!/usr/bin/env python import argparse + +import sys + import bcrypt import getpass +import yaml + bcrypt_rounds=12 +password_pepper = "" def prompt_for_pass(): password = getpass.getpass("Password: ") @@ -28,12 +34,22 @@ if __name__ == "__main__": default=None, help="New password for user. Will prompt if omitted.", ) + parser.add_argument( + "-c", "--config", + type=argparse.FileType('r'), + help="Path to server config file. Used to read in bcrypt_rounds and password_pepper.", + ) args = parser.parse_args() + if "config" in args and args.config: + config = yaml.safe_load(args.config) + bcrypt_rounds = config.get("bcrypt_rounds", bcrypt_rounds) + password_config = config.get("password_config", {}) + password_pepper = password_config.get("pepper", password_pepper) password = args.password if not password: password = prompt_for_pass() - print bcrypt.hashpw(password, bcrypt.gensalt(bcrypt_rounds)) + print bcrypt.hashpw(password + password_pepper, bcrypt.gensalt(bcrypt_rounds)) |