# HG changeset patch
# User Andrew Shadura <andrew@shadura.me>
# Date 2016-07-03 12:21:00
# Node ID 023d9202481e9cd6e49d5f022f1edcbc18ad3870
# Parent  58809814b51d95d1560bd5765e4fa213249c58cd

setup: use modern bcrypt implementation instead of unsupported old one

py-bcrypt has been deprecated by bcrypt, and is no longer developed
or supported.

bcrypt requires bytestrings instead of strings, use safe_str to ensure
they're encoded before they're passed to bcrypt. Also, use check_pw
to minimise the number of manual conversions and comparisons.

Installation of bcrypt will probably compile a C extension and require
libffi-dev.

diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py
--- a/kallithea/lib/auth.py
+++ b/kallithea/lib/auth.py
@@ -52,7 +52,7 @@ from kallithea.model.db import User, Rep
     RepoGroup, UserGroupRepoGroupToPerm, UserIpMap, UserGroupUserGroupToPerm, \
     UserGroup, UserApiKeys
 
-from kallithea.lib.utils2 import safe_unicode, aslist
+from kallithea.lib.utils2 import safe_str, safe_unicode, aslist
 from kallithea.lib.utils import get_repo_slug, get_repo_group_slug, \
     get_user_group_slug, conditional_cache
 from kallithea.lib.caching_query import FromCache
@@ -107,7 +107,7 @@ class KallitheaCrypto(object):
             return hashlib.sha256(str_).hexdigest()
         elif is_unix:
             import bcrypt
-            return bcrypt.hashpw(str_, bcrypt.gensalt(10))
+            return bcrypt.hashpw(safe_str(str_), bcrypt.gensalt(10))
         else:
             raise Exception('Unknown or unsupported platform %s' \
                             % __platform__)
@@ -126,7 +126,7 @@ class KallitheaCrypto(object):
             return hashlib.sha256(password).hexdigest() == hashed
         elif is_unix:
             import bcrypt
-            return bcrypt.hashpw(password, hashed) == hashed
+            return bcrypt.checkpw(safe_str(password), safe_str(hashed))
         else:
             raise Exception('Unknown or unsupported platform %s' \
                             % __platform__)
diff --git a/setup.py b/setup.py
--- a/setup.py
+++ b/setup.py
@@ -66,7 +66,7 @@ if sys.version_info < (2, 7):
     requirements.append("argparse")
 
 if not is_windows:
-    requirements.append("py-bcrypt>=0.3.0,<=0.4")
+    requirements.append("bcrypt>=2.0.0")
 
 
 dependency_links = [