Commit graph

5 commits

Author SHA1 Message Date
Son
372466ab06 do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Son NK
09d00df363 reformat imports 2021-06-27 17:50:36 +02:00
nicoo
586654e08e app.pw_models: Refactor, use constant-time equality 2021-05-29 17:42:46 +02:00
nicoo
ecd74b801b app.pw_models: Use unicode normalization
Per NIST [SP800-63B, §5.1.1.2] Memorized Secret Verifiers :
> the verifier SHOULD apply the Normalization Process for
> Stabilized Strings using either the NFKC or NFKD normalization

This is necessary for Unicode passwords to work reliably.
ASCII-only passwords aren't affected.

[SP800-63B, §5.1.1.2]: https://pages.nist.gov/800-63-3/sp800-63b.html#-5112-memorized-secret-verifiers
2021-05-27 22:16:07 +02:00
nicoo
52d4d2abdb app.models: minor refactor (extract pw auth) 2021-05-26 18:18:47 +02:00