|
|
@@ -1122,20 +1122,22 @@ class AuthHandler(BaseHandler): |
|
|
|
Whether self.hash(password) == stored_hash. |
|
|
|
""" |
|
|
|
|
|
|
|
def _do_validate_hash(): |
|
|
|
def _do_validate_hash(checked_hash: bytes): |
|
|
|
# Normalise the Unicode in the password |
|
|
|
pw = unicodedata.normalize("NFKC", password) |
|
|
|
|
|
|
|
return bcrypt.checkpw( |
|
|
|
pw.encode("utf8") + self.hs.config.password_pepper.encode("utf8"), |
|
|
|
stored_hash, |
|
|
|
checked_hash, |
|
|
|
) |
|
|
|
|
|
|
|
if stored_hash: |
|
|
|
if not isinstance(stored_hash, bytes): |
|
|
|
stored_hash = stored_hash.encode("ascii") |
|
|
|
|
|
|
|
return await defer_to_thread(self.hs.get_reactor(), _do_validate_hash) |
|
|
|
return await defer_to_thread( |
|
|
|
self.hs.get_reactor(), _do_validate_hash, stored_hash |
|
|
|
) |
|
|
|
else: |
|
|
|
return False |
|
|
|
|
|
|
|