Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2026-02-26 17:53:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: Truncate Long Passwords (>72 bytes) (#6335)

Browse Source
This commit is contained in:
Michael Genson
2025-10-09 18:46:06 -05:00
committed by GitHub
parent 5620370ade
commit b7b191a5ee
2 changed files with 36 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
mealie/core/security/hasher.py
View File

@@ -21,13 +21,16 @@ class FakeHasher:
class BcryptHasher:
def _get_password_bytes(self, password: str) -> bytes:
return password.encode("utf-8")[:72]
def hash(self, password: str) -> str:
password_bytes = password.encode("utf-8")
password_bytes = self._get_password_bytes(password)
hashed = bcrypt.hashpw(password_bytes, bcrypt.gensalt())
return hashed.decode("utf-8")
def verify(self, password: str, hashed: str) -> bool:
password_bytes = password.encode("utf-8")
password_bytes = self._get_password_bytes(password)
hashed_bytes = hashed.encode("utf-8")
return bcrypt.checkpw(password_bytes, hashed_bytes)