IEEE.org     |     IEEE Xplore Digital Library     |     IEEE Standards     |     IEEE Spectrum     |     More Sites

Verified Commit 42ac9a41 authored by Emi Simpson's avatar Emi Simpson
Browse files

[api] Improved handling of malformed hashes

parent fab79235
Pipeline #1055 failed with stage
in 47 seconds
......@@ -44,7 +44,10 @@ def try_validate_password(hash: bytes, password: str) -> Optional[Literal[Valida
assert password_hasher.verify(hash, password)
except argon2.exceptions.VerifyMismatchError:
return ValidatePasswordError.BadPassword
except argon2.exceptions.InvalidHash:
except (argon2.exceptions.InvalidHash, argon2.exceptions.VerificationError):
print('Failed password hashing indicates invalid server state!')
print(f'Failed hash: {hash}')
print('Password not printed for security reasons.')
return ValidatePasswordError.InvalidServerState
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment