Récupération correcte du sel dans le mot de passe encodé

7 years ago · 6e08d3f415
1 changed files with 3 additions and 3 deletions
--- a/re2o/login.py
+++ b/re2o/login.py
@ -114,9 +114,9 @@ class CryptPasswordHasher(hashers.BasePasswordHasher):
        Check password against encoded using CRYPT algorithm
        """
        assert encoded.startswith(self.algorithm)
-        salt = hash_password_salt(challenge_password)
-        return constant_time_compare(crypt.crypt(password.encode(), salt),
-                                     challenge.encode())
+        salt = hash_password_salt(encoded)
+        return constant_time_compare(crypt.crypt(password, salt),
+                                     encoded)

    def safe_summary(self, encoded):
        """