1

I am new to programming and to learn I tried to make an authentification program that stores password and usernames in .txt files using passlib:

But I am getting this error when I try to verify my hashed password in my password.txt file:`Traceback (most recent call last):

  File "C:/Users/PycharmProjects/Apprentissage/Authentification.py", line 107, in <module>
    get_line_number_pseudo()
  File "C:/Users/PycharmProjects/Apprentissage/Authentification.py", line 84, in get_line_number_pseudo
    get_line_number_password()
  File "C:/Users/PycharmProjects/Apprentissage/Authentification.py", line 67, in get_line_number_password
    print(sha1_crypt.verify(password, password_file_lines[0]))
  File "C:\Users\AppData\Roaming\Python\Python37\site-packages\passlib\utils\handlers.py", line 757, in verify
    self = cls.from_string(hash, **context)
  File "C:\Users\AppData\Roaming\Python\Python37\site-packages\passlib\handlers\sha1_crypt.py", line 86, in from_string
    return cls(rounds=rounds, salt=salt, checksum=chk)
  File "C:\Users\AppData\Roaming\Python\Python37\site-packages\passlib\utils\handlers.py", line 1761, in __init__
    super(HasRounds, self).__init__(**kwds)
  File "C:\UsersAppData\Roaming\Python\Python37\site-packages\passlib\utils\handlers.py", line 1376, in __init__
    super(HasSalt, self).__init__(**kwds)
  File "C:\Users\AppData\Roaming\Python\Python37\site-packages\passlib\utils\handlers.py", line 593, in __init__
    self.checksum = self._norm_checksum(checksum)
  File "C:\Users\AppData\Roaming\Python\Python37\site-packages\passlib\utils\handlers.py", line 623, in _norm_checksum
    raise exc.ChecksumSizeError(self, raw=raw)
ValueError: malformed sha1_crypt hash (checksum must be exactly 28 chars)`

register i've made work well but the sign in part doesn't. CODE:`

from passlib.hash import sha1_crypt
tries = 0

pseudonyme = open("pseudo.txt")
password_file = open("password.txt")
password_file_lines = password_file.readlines()
found = False


def new_hash_password():
    global pass2
    pass2 = sha1_crypt.hash()
    new_valid_password()


def new_player_password():
    global tries, pass2
    while True:
        pass1 = input('Please enter a password: ')

        pass2 = input('Now please enter the password again to check: ')

        if pass1 == pass2:
            print('You are now logged in welcome!')
            new_hash_password()
        else:
            print('I am sorry but the password does not match')
            tries += 1
        if tries == 3:
            quit()


def new_valid_password():
    global password, pass2
    lines_list = open("password.txt").read()
    password_list = []
    password_list.append(pass2)
    password_list.append(lines_list)
    with open('password.txt', 'w') as filehandle:
        filehandle.writelines("%s\n" % place for place in password_list)
    print(password_list)
    password_file.close()

    new_valid_pseudo()


def new_valid_pseudo():
    global pseudo2
    lines_list = open('pseudo.txt').read()
    new_pseudo = pseudo2
    pseudo_list= []
    pseudo_list.append(new_pseudo)
    pseudo_list.append(lines_list)

    with open('pseudo.txt', 'w') as filehandle:
        filehandle.writelines("%s\n" % place for place in pseudo_list)
    print("Hi", pseudo2, ",Welcome on pylilgame!")
    pseudonyme.close()
    # connection to server
    quit()


def get_line_number_password():
    global password_check, i
    password = input("Please enter your password:")
    with open("password.txt"):
        print(sha1_crypt.verify(password, password_file_lines[0]))
        lookup = password_check
        for num, line in enumerate(password_file):
            if lookup in line:
                print(num)


def get_line_number_pseudo():
    global pseudo, i

    with open('pseudo.txt', 'r') as f:
        lines = f.read().split("\n")

    for i, line in enumerate(lines):
        if pseudo in line.split():  # or word in line.split() to search for full words
            print("Word \"{}\" found in line {}".format(pseudo, i + 1))

            get_line_number_password(


if __name__ == "__main__":

    hello = input("Would you like to sign in or sign up(SI or SU)")

    if hello == "SI":
        pseudo = input("PSEUDO:")
        if pseudo in pseudonyme.read():
            print("The pseudo exists")
            get_line_number_pseudo()
        else:
            print("This pseudonyme doesn't exist!")
    if hello == "SU":
        while True:
            pseudo = input("PSEUDO:")
            if pseudo in pseudonyme.read():
                print("This pseudonyme is already taken!")

            else:
                pseudo2 = input("TYPE YOUR PSEUDO AGAIN:")
                if pseudo2 == pseudo:
                    new_player_password()

                else:
                    print("QUIT")

Thank you in advance for any help provided!!

Antwane
  • 20,760
  • 7
  • 51
  • 84
Thewizy
  • 11
  • 5
  • Let's start with the obvious: `password_file_lines` contains a list of lines from your `password.txt` file **including** a new line (`\n`) at the end of each - try with `print(sha1_crypt.verify(password, password_file_lines[0].rstrip()))`. Regardless of whether this solves your problem or not, I'd strongly encourage you to learn about variable scopes when it comes to Python so that you don't rely on globals / implied globals all the time. Reading a bit on [`hash salting`](https://en.wikipedia.org/wiki/Salt_(cryptography)) would also do you a ton of good when it comes to security. – zwer Sep 24 '18 at 14:53
  • Thank you very much the print(sha1_crypt.verify(password, password_file_lines[0].rstrip())) works perfectly ! – Thewizy Sep 25 '18 at 12:13
  • I'm going to read about hash salting as you mentioned thank you again! – Thewizy Sep 25 '18 at 12:14

1 Answers1

0

Try deleting the Table from the database and then rerun it, this sometime happens when the characters of password hash gets truncated because of max character limit of the column. That's why while verifying it during login it is unable to do it and its throws such error

Rakesh Gombi
  • 322
  • 1
  • 3
  • 10