Merge pull request #142 from kaechele/master

Replace python libraries with better maintained versions

app/models.py

@@ -6,7 +6,7 @@ import bcrypt
 import urlparse
 import itertools
 import traceback
-import onetimepass
+import pyotp
 
 from datetime import datetime
 from distutils.version import StrictVersion
@@ -111,17 +111,18 @@ class User(db.Model):
         return 'otpauth://totp/PowerDNS-Admin:%s?secret=%s&issuer=PowerDNS-Admin' % (self.username, self.otp_secret)
 
     def verify_totp(self, token):
-        return onetimepass.valid_totp(token, self.otp_secret)
+        totp = pyotp.TOTP(self.otp_secret)
+        return totp.verify(int(token))
 
     def get_hashed_password(self, plain_text_password=None):
         # Hash a password for the first time
         #   (Using bcrypt, the salt is saved into the hash itself)
         pw = plain_text_password if plain_text_password else self.plain_text_password
-        return bcrypt.hashpw(pw, bcrypt.gensalt())
+        return bcrypt.hashpw(pw.encode('utf-8'), bcrypt.gensalt())
 
     def check_password(self, hashed_password):
         # Check hased password. Useing bcrypt, the salt is saved into the hash itself
-        return bcrypt.checkpw(self.plain_text_password, hashed_password)
+        return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8'))
 
     def get_user_info_by_id(self):
         user_info = User.query.get(int(self.id))

app/views.py

@@ -8,7 +8,8 @@ from functools import wraps
 from io import BytesIO
 
 import jinja2
-import pyqrcode
+import qrcode as qrc
+import qrcode.image.svg as qrc_svg
 from flask import g, request, make_response, jsonify, render_template, session, redirect, url_for, send_from_directory, abort
 from flask_login import login_user, logout_user, current_user, login_required
 from werkzeug import secure_filename
@@ -712,9 +713,9 @@ def qrcode():
         return redirect(url_for('index'))
 
     # render qrcode for FreeTOTP
-    url = pyqrcode.create(current_user.get_totp_uri())
+    img = qrc.make(current_user.get_totp_uri(), image_factory=qrc_svg.SvgImage)
     stream = BytesIO()
-    url.svg(stream, scale=3)
+    img.save(stream)
     return stream.getvalue(), 200, {
         'Content-Type': 'image/svg+xml',
         'Cache-Control': 'no-cache, no-store, must-revalidate',

create_db.py

@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 
 from migrate.versioning import api
 from config import SQLALCHEMY_DATABASE_URI

db_downgrade.py

@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from migrate.versioning import api
 from config import SQLALCHEMY_DATABASE_URI
 from config import SQLALCHEMY_MIGRATE_REPO

db_migrate.py

@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 import imp
 from migrate.versioning import api
 from app import db

db_upgrade.py

@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from migrate.versioning import api
 from config import SQLALCHEMY_DATABASE_URI
 from config import SQLALCHEMY_MIGRATE_REPO

requirements.txt

@@ -2,13 +2,13 @@ Flask>=0.10
 Flask-WTF>=0.11
 Flask-Login>=0.2.11
 configobj==5.0.5
-py-bcrypt==0.4
+bcrypt==3.1.0
 requests==2.7.0
 python-ldap==2.4.21
 Flask-SQLAlchemy==2.1
 SQLAlchemy==1.0.9
 sqlalchemy-migrate==0.10.0
-onetimepass==1.0.1
-PyQRCode==1.2
+pyotp==2.2.1
+qrcode==5.3
 Flask-OAuthlib==0.9.3
-dnspython>=1.12.0
+dnspython>=1.12.0

run.py

@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from app import app
 from config import PORT