Clarified documentation on fake_login_attempt and restored bcrypt import

This commit is contained in:
Christopher Allan Webber 2011-04-03 16:37:15 -05:00
parent 692fd1c981
commit 51479a1d22

View File

@ -15,9 +15,10 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
import os import os
import random import random
import bcrypt
def bcrypt_check_password(raw_pass, stored_hash, extra_salt=None): def bcrypt_check_password(raw_pass, stored_hash, extra_salt=None):
""" """
@ -71,7 +72,9 @@ def fake_login_attempt():
Pretend we're trying to login. Pretend we're trying to login.
Nothing actually happens here, we're just trying to take up some Nothing actually happens here, we're just trying to take up some
time. time, approximately the same amount of time as
bcrypt_check_password, so as to avoid figuring out what users are
on the system by intentionally faking logins a bunch of times.
""" """
rand_salt = bcrypt.gensalt(5) rand_salt = bcrypt.gensalt(5)