fix: correct set-password docstring (scrypt, not bcrypt) #4

Merged
alee merged 1 commits from fix/audit-followups into main 2026-04-05 16:53:23 +00:00

@@ -60,12 +60,9 @@ def show_cmd(config_path: str | None) -> None:
@config_cmd.command("set-password") @config_cmd.command("set-password")
@click.option("--config", "-c", "config_path", default=None, help="Path to vigilar.toml.") @click.option("--config", "-c", "config_path", default=None, help="Path to vigilar.toml.")
def set_password_cmd(config_path: str | None) -> None: def set_password_cmd(config_path: str | None) -> None:
"""Generate a bcrypt hash for the web UI password.""" """Generate a scrypt hash for the web UI password."""
try: try:
import hashlib
password = click.prompt("Enter web UI password", hide_input=True, confirmation_prompt=True) password = click.prompt("Enter web UI password", hide_input=True, confirmation_prompt=True)
# Use SHA-256 hash (bcrypt requires external dep, but cryptography is available)
from cryptography.hazmat.primitives.kdf.scrypt import Scrypt from cryptography.hazmat.primitives.kdf.scrypt import Scrypt
import os import os