8000 🐛 (safe_str_cmp) Use `hmac.compare_digest` instead of `safe_str_cmp` · coduya/testing-python-apps@9acc053 · GitHub
[go: up one dir, main page]
Skip to content
10000

Commit 9acc053

Browse files
jslvtrjslvtr
committed
🐛 (safe_str_cmp) Use hmac.compare_digest instead of safe_str_cmp
In Werkzeug 2.1, `safe_str_cmp` has been removed (after being deprecated a while ago). The recommendation from the Werkzeug team is to use `hmac.compare_digest`. In this repo we were using `safe_str_cmp` in sections 7 and 8, so that has now been replaced.
1 parent 5585a1c commit 9acc053

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

section7/video_code/security.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
1-
from werkzeug.security import safe_str_cmp
1+
from hmac import compare_digest
22
from models.user import UserModel
33

44

55
def authenticate(username, password):
66
user = UserModel.find_by_username(username)
7-
if user and safe_str_cmp(user.password, password):
7+
if user and compare_digest(user.password, password):
88
return user
99

1010

section8/video_code/security.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
1-
from werkzeug.security import safe_str_cmp
1+
from hmac import compare_digest
22
from models.user import UserModel
33

44

55
def authenticate(username, password):
66
user = UserModel.find_by_username(username)
7-
if user and safe_str_cmp(user.password, password):
7+
if user and compare_digest(user.password, password):
88
return user
99

1010

0 commit comments

Comments
 (0)
0