Merge pull request #310 from matrix-org/markjh/bcrypt_rounds

Add config for how many bcrypt rounds to use for password hashes
author: Mark Haines <mjark@negativecurvature.net> 2015-10-16 17:05:21 +0100
committer: Mark Haines <mjark@negativecurvature.net> 2015-10-16 17:05:21 +0100
commit: b19b9535f6146a745e22b661fa5a94ab15887184 (patch)
tree: 4800b6821afcd711e694592e0943a8e7889f0705 /synapse/handlers
parent: Merge pull request #311 from matrix-org/markjh/postgres_fixes (diff)
parent: Add config for how many bcrypt rounds to use for password hashes (diff)
download: synapse-b19b9535f6146a745e22b661fa5a94ab15887184.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 484f719253..055d395b20 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -44,6 +44,7 @@ class AuthHandler(BaseHandler):
             LoginType.EMAIL_IDENTITY: self._check_email_identity,
             LoginType.DUMMY: self._check_dummy_auth,
         }
+        self.bcrypt_rounds = hs.config.bcrypt_rounds
         self.sessions = {}
 
     @defer.inlineCallbacks
@@ -432,7 +433,7 @@ class AuthHandler(BaseHandler):
         Returns:
             Hashed password (str).
         """
-        return bcrypt.hashpw(password, bcrypt.gensalt())
+        return bcrypt.hashpw(password, bcrypt.gensalt(self.bcrypt_rounds))
 
     def validate_hash(self, password, stored_hash):
         """Validates that self.hash(password) == stored_hash.
author	Mark Haines <mjark@negativecurvature.net>	2015-10-16 17:05:21 +0100
committer	Mark Haines <mjark@negativecurvature.net>	2015-10-16 17:05:21 +0100
commit	b19b9535f6146a745e22b661fa5a94ab15887184 (patch)
tree	4800b6821afcd711e694592e0943a8e7889f0705 /synapse/handlers
parent	Merge pull request #311 from matrix-org/markjh/postgres_fixes (diff)
parent	Add config for how many bcrypt rounds to use for password hashes (diff)
download	synapse-b19b9535f6146a745e22b661fa5a94ab15887184.tar.xz