Compare commits
No commits in common. "unstable" and "main" have entirely different histories.
@ -3,8 +3,7 @@ import string
|
|||||||
from .decrypted_account import DecryptedAccount
|
from .decrypted_account import DecryptedAccount
|
||||||
|
|
||||||
FORBIDDEN_CHARS = frozenset("`\n\\")
|
FORBIDDEN_CHARS = frozenset("`\n\\")
|
||||||
FULL_PUNCTUATION = frozenset(string.punctuation)
|
PUNCTUATION = frozenset(string.punctuation).difference(FORBIDDEN_CHARS)
|
||||||
PUNCTUATION = FULL_PUNCTUATION.difference(FORBIDDEN_CHARS)
|
|
||||||
|
|
||||||
|
|
||||||
def _base_check(val: str, /) -> bool:
|
def _base_check(val: str, /) -> bool:
|
||||||
@ -22,9 +21,9 @@ def check_login(login: str) -> bool:
|
|||||||
return _base_check(login)
|
return _base_check(login)
|
||||||
|
|
||||||
|
|
||||||
def check_password(password: str) -> bool:
|
def check_password(passwd: str) -> bool:
|
||||||
"Returns true if password is valid"
|
"Returns true if password is valid"
|
||||||
return _base_check(password)
|
return _base_check(passwd)
|
||||||
|
|
||||||
|
|
||||||
def check_account(account: DecryptedAccount) -> bool:
|
def check_account(account: DecryptedAccount) -> bool:
|
||||||
@ -38,28 +37,14 @@ def check_account(account: DecryptedAccount) -> bool:
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
def check_gened_password(password: str, /) -> bool:
|
def check_gened_password(passwd: str, /) -> bool:
|
||||||
"""Retuns true if generated password is valid,
|
"""Retuns true if generated password is valid,
|
||||||
false otherwise.
|
false otherwise.
|
||||||
Password is valid if there is at least one lowercase character,
|
Password is valid if there is at least one lowercase character,
|
||||||
uppercase character and one punctuation character"""
|
uppercase character and one punctuation character"""
|
||||||
return (
|
return (
|
||||||
any(c.islower() for c in password)
|
any(c.islower() for c in passwd)
|
||||||
and any(c.isupper() for c in password)
|
and any(c.isupper() for c in passwd)
|
||||||
and any(c.isdigit() for c in password)
|
and any(c.isdigit() for c in passwd)
|
||||||
and any(c in PUNCTUATION for c in password)
|
and any(c in PUNCTUATION for c in passwd)
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def check_master_password(password: str) -> bool:
|
|
||||||
"""Returns True if master password is valid.
|
|
||||||
Master password has to have at least one lowercase letter,
|
|
||||||
one uppercase letter, one digit, one punctuation character
|
|
||||||
and length must be at least 8"""
|
|
||||||
return (
|
|
||||||
len(password) >= 8
|
|
||||||
and any(c.islower() for c in password)
|
|
||||||
and any(c.isupper() for c in password)
|
|
||||||
and any(c.isdigit() for c in password)
|
|
||||||
and any(c in FULL_PUNCTUATION for c in password)
|
|
||||||
)
|
)
|
||||||
|
@ -14,7 +14,6 @@ from ..account_checks import (
|
|||||||
check_account_name,
|
check_account_name,
|
||||||
check_login,
|
check_login,
|
||||||
check_password,
|
check_password,
|
||||||
check_master_password,
|
|
||||||
)
|
)
|
||||||
from ..account_parsing import accounts_to_json, json_to_accounts
|
from ..account_parsing import accounts_to_json, json_to_accounts
|
||||||
from ..decrypted_account import DecryptedAccount
|
from ..decrypted_account import DecryptedAccount
|
||||||
@ -83,7 +82,7 @@ async def _delete_all2(
|
|||||||
) -> None:
|
) -> None:
|
||||||
await base_handler(bot, mes, prev_mes)
|
await base_handler(bot, mes, prev_mes)
|
||||||
text = mes.text.strip()
|
text = mes.text.strip()
|
||||||
if encryption.master_pass.verify_master_pass(text, master_pass):
|
if encryption.master_pass.check_master_pass(text, master_pass):
|
||||||
db.delete.purge_accounts(engine, mes.from_user.id)
|
db.delete.purge_accounts(engine, mes.from_user.id)
|
||||||
db.delete.delete_master_pass(engine, mes.from_user.id)
|
db.delete.delete_master_pass(engine, mes.from_user.id)
|
||||||
await send_tmp_message(
|
await send_tmp_message(
|
||||||
@ -127,17 +126,6 @@ async def _set_master_pass2(
|
|||||||
if text == "/cancel":
|
if text == "/cancel":
|
||||||
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
||||||
|
|
||||||
if not check_master_password(text):
|
|
||||||
await send_tmp_message(
|
|
||||||
bot,
|
|
||||||
mes.chat.id,
|
|
||||||
"Не подходящий мастер пароль\\. Он должен быть не меньше "
|
|
||||||
"8 символов, иметь хотя бы один символ в нижнем и "
|
|
||||||
"верхнем регистре, хотя бы один специальный символ",
|
|
||||||
sleep_time=10,
|
|
||||||
)
|
|
||||||
return
|
|
||||||
|
|
||||||
master_password = encryption.master_pass.encrypt_master_pass(
|
master_password = encryption.master_pass.encrypt_master_pass(
|
||||||
mes.from_user.id,
|
mes.from_user.id,
|
||||||
text,
|
text,
|
||||||
@ -193,7 +181,7 @@ async def _reset_master_pass2(
|
|||||||
if text == "/cancel":
|
if text == "/cancel":
|
||||||
await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
||||||
|
|
||||||
if not encryption.master_pass.verify_master_pass(text, master_pass):
|
if not encryption.master_pass.check_master_pass(text, master_pass):
|
||||||
await send_tmp_message(bot, mes.chat.id, "Неверный мастер пароль")
|
await send_tmp_message(bot, mes.chat.id, "Неверный мастер пароль")
|
||||||
return
|
return
|
||||||
|
|
||||||
@ -215,17 +203,6 @@ async def _reset_master_pass3(
|
|||||||
if text == "/cancel":
|
if text == "/cancel":
|
||||||
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
||||||
|
|
||||||
if not check_master_password(text):
|
|
||||||
await send_tmp_message(
|
|
||||||
bot,
|
|
||||||
mes.chat.id,
|
|
||||||
"Не подходящий мастер пароль\\. Он должен быть не меньше "
|
|
||||||
"8 символов, иметь хотя бы один символ в нижнем и "
|
|
||||||
"верхнем регистре, хотя бы один специальный символ",
|
|
||||||
sleep_time=10,
|
|
||||||
)
|
|
||||||
return
|
|
||||||
|
|
||||||
master_password = encryption.master_pass.encrypt_master_pass(
|
master_password = encryption.master_pass.encrypt_master_pass(
|
||||||
mes.from_user.id,
|
mes.from_user.id,
|
||||||
text,
|
text,
|
||||||
@ -357,7 +334,7 @@ async def _add_account5(
|
|||||||
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
|
||||||
|
|
||||||
master_password = db.get.get_master_pass(engine, mes.from_user.id)
|
master_password = db.get.get_master_pass(engine, mes.from_user.id)
|
||||||
if not encryption.master_pass.verify_master_pass(text, master_password):
|
if not encryption.master_pass.check_master_pass(text, master_password):
|
||||||
return await send_tmp_message(
|
return await send_tmp_message(
|
||||||
bot,
|
bot,
|
||||||
mes.chat.id,
|
mes.chat.id,
|
||||||
@ -447,7 +424,7 @@ async def _get_account3(
|
|||||||
mes.from_user.id,
|
mes.from_user.id,
|
||||||
)
|
)
|
||||||
|
|
||||||
if not encryption.master_pass.verify_master_pass(text, master_password):
|
if not encryption.master_pass.check_master_pass(text, master_password):
|
||||||
return await send_tmp_message(
|
return await send_tmp_message(
|
||||||
bot,
|
bot,
|
||||||
mes.chat.id,
|
mes.chat.id,
|
||||||
@ -541,7 +518,7 @@ async def _delete_account3(
|
|||||||
) -> None:
|
) -> None:
|
||||||
await base_handler(bot, mes, prev_mes)
|
await base_handler(bot, mes, prev_mes)
|
||||||
text = mes.text.strip()
|
text = mes.text.strip()
|
||||||
if not encryption.master_pass.verify_master_pass(text, master_pass):
|
if not encryption.master_pass.check_master_pass(text, master_pass):
|
||||||
await send_tmp_message(bot, mes.chat.id, "Неверный пароль")
|
await send_tmp_message(bot, mes.chat.id, "Неверный пароль")
|
||||||
return
|
return
|
||||||
|
|
||||||
@ -597,7 +574,7 @@ async def _export2(
|
|||||||
engine,
|
engine,
|
||||||
mes.from_user.id,
|
mes.from_user.id,
|
||||||
)
|
)
|
||||||
if not encryption.master_pass.verify_master_pass(text, master_password):
|
if not encryption.master_pass.check_master_pass(text, master_password):
|
||||||
return await send_tmp_message(
|
return await send_tmp_message(
|
||||||
bot,
|
bot,
|
||||||
mes.chat.id,
|
mes.chat.id,
|
||||||
@ -705,7 +682,7 @@ async def _import3(
|
|||||||
engine,
|
engine,
|
||||||
mes.from_user.id,
|
mes.from_user.id,
|
||||||
)
|
)
|
||||||
if not encryption.master_pass.verify_master_pass(text, master_password):
|
if not encryption.master_pass.check_master_pass(text, master_password):
|
||||||
return await send_tmp_message(
|
return await send_tmp_message(
|
||||||
bot,
|
bot,
|
||||||
mes.chat.id,
|
mes.chat.id,
|
||||||
|
@ -20,7 +20,7 @@ class Cipher:
|
|||||||
algorithm=hashes.SHA256(),
|
algorithm=hashes.SHA256(),
|
||||||
length=32,
|
length=32,
|
||||||
salt=salt,
|
salt=salt,
|
||||||
iterations=480000,
|
iterations=100000,
|
||||||
)
|
)
|
||||||
return cls(kdf.derive(password))
|
return cls(kdf.derive(password))
|
||||||
|
|
||||||
|
@ -31,7 +31,7 @@ def encrypt_master_pass(user_id: int, password: str) -> MasterPass:
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
def verify_master_pass(password: str, master_password: MasterPass) -> bool:
|
def check_master_pass(password: str, master_password: MasterPass) -> bool:
|
||||||
"""Checks if the master password is correct"""
|
"""Checks if the master password is correct"""
|
||||||
kdf = _get_kdf(master_password.salt)
|
kdf = _get_kdf(master_password.salt)
|
||||||
try:
|
try:
|
||||||
|
Reference in New Issue
Block a user