diff --git a/src/helperFunctions/web_interface.py b/src/helperFunctions/web_interface.py index 923347b6f..6b7da0cae 100644 --- a/src/helperFunctions/web_interface.py +++ b/src/helperFunctions/web_interface.py @@ -6,7 +6,6 @@ from common_helper_files import get_binary_from_file from matplotlib import cm, colors -from passlib.context import CryptContext from quantiphy import Quantity from helperFunctions.fileSystem import get_template_dir @@ -16,6 +15,8 @@ 'ĜĝĢģĞğĤĥÌìÍíÎîÏïıĪīĮįĴĵĶķĹĺĻļŁłĽľÑñŃńŇňŅņÖöÒòÓóÔôÕõŐőØøŒœ' 'ŔŕŘřẞߌśŜŝŞşŠšȘșŤťŢţÞþȚțÜüÙùÚúÛûŰűŨũŲųŮůŪūŴŵÝýŸÿŶŷŹźŽžŻż' ) +DES_PW_LEN = 13 +PW_SCHEME_INDICATORS = ['$1$', '$2$', '$2a$', '$2y$', '$5$', '$6$', '$y$', '$pbkdf2'] def get_color_list(number: int, limit: int = 10) -> list[str]: @@ -93,11 +94,9 @@ def password_is_legal(pw: str) -> bool: :param pw: The password string. :return: ``True`` if the password is accepted and ``False`` otherwise. """ - if not pw: + if not pw or len(pw) == DES_PW_LEN: return False - schemes = ['bcrypt', 'des_crypt', 'pbkdf2_sha256', 'pbkdf2_sha512', 'sha256_crypt', 'sha512_crypt', 'plaintext'] - ctx = CryptContext(schemes=schemes) - return ctx.identify(pw) == 'plaintext' + return not any(pw.startswith(indicator) for indicator in PW_SCHEME_INDICATORS) def cap_length_of_element(hid_element: str, maximum: int = 55) -> str: @@ -109,7 +108,7 @@ def cap_length_of_element(hid_element: str, maximum: int = 55) -> str: :param maximum: The length after witch the element is capped. :return: The capped string. """ - return f'~{hid_element[-(maximum - 1):]}' if len(hid_element) > maximum else hid_element + return f'~{hid_element[-(maximum - 1) :]}' if len(hid_element) > maximum else hid_element def _format_si_prefix(number: float, unit: str) -> str: diff --git a/src/install/requirements_frontend.txt b/src/install/requirements_frontend.txt index 86177e611..521c46001 100644 --- a/src/install/requirements_frontend.txt +++ b/src/install/requirements_frontend.txt 
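Review bot: `PW_SCHEME_INDICATORS` lists `$2$`, `$2a$` and `$2y$` for bcrypt but not `$2b$`, the identifier that current bcrypt implementations emit, so a string in that format is accepted by `password_is_legal` as an ordinary password. The removed check identified bcrypt through passlib's handler rather than a hand-kept prefix list, so this looks like a loss of coverage rather than an intended change. I would add `'$2b$'` to the list (and `'$2x$'` if parity with passlib's bcrypt identifiers is wanted). I would also put a comment above the constant, such as `# crypt(3)/passlib identifiers of hash formats; a password starting with one of these is rejected as a probable hash`. Whether `$argon2` belongs here too depends on whether such hashes can reach this input; the old scheme list did not cover it either.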
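Review bot: In `password_is_legal`, `len(pw) == DES_PW_LEN` rejects every 13-character password, not only strings that could be a DES crypt hash, so valid passwords of that length are refused without an obvious reason. The test password in test_manage_users.py changes in this same commit from `'mock_password'` (13 characters, with a `_` that is outside the DES crypt alphabet) to `'mock_password_123'`, which is presumably a symptom of this. Limiting the length test to the crypt alphabet keeps the intent: `if not pw or re.fullmatch(r'[./0-9A-Za-z]{13}', pw): return False`, with `import re` added if the module does not already import it. The function's docstring starts outside this hunk; it should state that detection is now by length and prefix rather than by passlib identification.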
@@ -1,31 +1,31 @@ -argon2_cffi~=23.1.0 -bcrypt~=4.1.3 +argon2_cffi~=25.1.0 +bcrypt~=4.3.0 email-validator~=2.2.0 flask-login~=0.6.3 flask-paginate~=2024.4.12 -flask-security-too~=5.4.3 -flask-wtf~=1.2.1 -flask~=3.0.3 +flask-security-too~=5.6.2 +flask-wtf~=1.2.2 +flask~=3.1.1 flask-restx~=1.3.0 flask-sqlalchemy~=3.1.1 -gql~=3.5.0 +gql~=3.5.3 itsdangerous~=2.2.0 -matplotlib~=3.7.5 -more-itertools~=10.5.0 -prompt-toolkit~=3.0.50 +matplotlib~=3.10.3 +more-itertools~=10.7.0 +prompt-toolkit~=3.0.51 python-dateutil~=2.9.0 quantiphy~=2.20 -uwsgi~=2.0.28 -virtualenv~=20.29.1 +uwsgi~=2.0.30 +virtualenv~=20.31.2 # npm installation -nodeenv~=1.8.0 +nodeenv~=1.9.1 # must be below dependent packages (flask, flask-login, flask-restx) -werkzeug~=3.0.6 +werkzeug~=3.1.3 # Used for username validation by flask-security -bleach~=6.1.0 +bleach~=6.2.0 # Figuring out if the analysis is outdated semver~=3.0.4 diff --git a/src/plugins/analysis/file_system_metadata/test/test_file_system_metadata_routes.py b/src/plugins/analysis/file_system_metadata/test/test_file_system_metadata_routes.py index 54b4e295d..ef47280f2 100644 --- a/src/plugins/analysis/file_system_metadata/test/test_file_system_metadata_routes.py +++ b/src/plugins/analysis/file_system_metadata/test/test_file_system_metadata_routes.py @@ -1,7 +1,7 @@ from base64 import b64encode +from contextlib import contextmanager import pytest -from decorator import contextmanager from flask import Flask from flask_restx import Api diff --git a/src/plugins/analysis/qemu_exec/test/test_routes.py b/src/plugins/analysis/qemu_exec/test/test_routes.py index d54da2fe6..410507f73 100644 --- a/src/plugins/analysis/qemu_exec/test/test_routes.py +++ b/src/plugins/analysis/qemu_exec/test/test_routes.py @@ -1,4 +1,5 @@ -from decorator import contextmanager +from contextlib import contextmanager + from flask import Flask from flask_restx import Api 
diff --git a/src/test/unit/helperFunctions/test_web_interface.py b/src/test/unit/helperFunctions/test_web_interface.py index ab414d82a..28f8a823e 100644 --- a/src/test/unit/helperFunctions/test_web_interface.py +++ b/src/test/unit/helperFunctions/test_web_interface.py @@ -50,6 +50,7 @@ def test_is_superuser(input_data, expected): ('abc', True), ('1234567890abc', False), ('$5$FOOBAR99$f12dcbf3354f40a0ac341f712e4d72b74f4bb788dbc33aa86bd92d23c53188e5', False), + ('$pbkdf2-sha256$29000$do5RynkPgdCacy4FYCwFQA$w0QXDH5F.S2h8f0RYmHBmTPza5CHNR72jydO83UYUx8', False), ], ) def test_password_is_legal(input_data, expected): diff --git a/src/test/unit/test_manage_users.py b/src/test/unit/test_manage_users.py index 6a0b1c12b..5c8a0afea 100644 --- a/src/test/unit/test_manage_users.py +++ b/src/test/unit/test_manage_users.py @@ -19,6 +19,7 @@ }, } ) +PASSWORD = 'mock_password_123' class Prompt(NamedTuple): @@ -28,7 +29,7 @@ class Prompt(NamedTuple): @pytest.fixture def prompt(monkeypatch): - monkeypatch.setattr('getpass.getpass', lambda _: 'mock_password') + monkeypatch.setattr('getpass.getpass', lambda _: PASSWORD) with create_pipe_input() as pipe: session = PromptSession( input=pipe, @@ -120,4 +121,4 @@ def test_password_is_hashed(prompt): start_user_management(test_app, store, db, prompt.session) with test_app.app_context(): user = store.find_user(email='test_user') - assert user.password != 'mock_password' + assert user.password != PASSWORD
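Review bot: The visible cases for `test_password_is_legal` pin only two of the eight prefixes in `PW_SCHEME_INDICATORS` (`$5$` and `$pbkdf2`) and a single 13-character value, so a prefix missing from the hand-maintained list would not fail a test. I would add one case per hash family the check is meant to catch, including a bcrypt-format string. I would also add a 13-character password containing punctuation, to record whether such input is meant to be legal. The parametrize list starts outside this hunk, so some of these cases may already exist above.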