| 
									
										
										
										
											2023-05-15 08:51:32 +08:00
										 |  |  | import base64 | 
					
						
							|  |  |  | import binascii | 
					
						
							|  |  |  | import hashlib | 
					
						
							|  |  |  | import re | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | password_pattern = r"^(?=.*[a-zA-Z])(?=.*\d).{8,}$" | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-08-15 17:53:12 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-05-15 08:51:32 +08:00
										 |  |  | def valid_password(password): | 
					
						
							|  |  |  |     # Define a regex pattern for password rules | 
					
						
							|  |  |  |     pattern = password_pattern | 
					
						
							|  |  |  |     # Check if the password matches the pattern | 
					
						
							|  |  |  |     if re.match(pattern, password) is not None: | 
					
						
							|  |  |  |         return password | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-10-21 10:03:40 +08:00
										 |  |  |     raise ValueError("Password must contain letters and numbers, and the length must be greater than 8.") | 
					
						
							| 
									
										
										
										
											2023-05-15 08:51:32 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | def hash_password(password_str, salt_byte): | 
					
						
							| 
									
										
										
										
											2024-08-15 17:53:12 +08:00
										 |  |  |     dk = hashlib.pbkdf2_hmac("sha256", password_str.encode("utf-8"), salt_byte, 10000) | 
					
						
							| 
									
										
										
										
											2023-05-15 08:51:32 +08:00
										 |  |  |     return binascii.hexlify(dk) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | def compare_password(password_str, password_hashed_base64, salt_base64): | 
					
						
							|  |  |  |     # compare password for login | 
					
						
							|  |  |  |     return hash_password(password_str, base64.b64decode(salt_base64)) == base64.b64decode(password_hashed_base64) |