mgr/dashboard: fixed password generation in Auth controller

Fixes: http://tracker.ceph.com/issues/23404
Signed-off-by: Ricardo Dias <rdias@suse.com>

diff --git a/src/pybind/mgr/dashboard/controllers/auth.py b/src/pybind/mgr/dashboard/controllers/auth.py
index 28a2f28f7d36f9a94f701b2019247179cb62f6c2..1e40d022e2cbbdda05f08a9d78bcd4a2f0567ca3 100644 (file)
--- a/src/pybind/mgr/dashboard/controllers/auth.py
+++ b/src/pybind/mgr/dashboard/controllers/auth.py
@@ -2,7 +2,6 @@
 from __future__ import absolute_import
 
 import time
-import sys
 
 import bcrypt
 import cherrypy
@@ -58,9 +57,9 @@ class Auth(RESTController):
     def password_hash(password, salt_password=None):
         if not salt_password:
             salt_password = bcrypt.gensalt()
-        if sys.version_info > (3, 0):
-            return bcrypt.hashpw(password, salt_password)
-        return bcrypt.hashpw(password.encode('utf8'), salt_password)
+        else:
+            salt_password = salt_password.encode('utf8')
+        return bcrypt.hashpw(password.encode('utf8'), salt_password).decode('utf8')
 
     @staticmethod
     def check_auth():

diff --git a/src/pybind/mgr/dashboard/requirements.txt b/src/pybind/mgr/dashboard/requirements.txt
index f6191ea38572554e0a27c29cdff0a56cb12c6974..4484ed6609a273501b9dcf0ebbf4601a7c24e442 100644 (file)
--- a/src/pybind/mgr/dashboard/requirements.txt
+++ b/src/pybind/mgr/dashboard/requirements.txt
@@ -1,6 +1,7 @@
 astroid==1.6.1
 attrs==17.4.0
 backports.functools-lru-cache==1.4
+bcrypt==3.1.4
 cheroot==6.0.0
 CherryPy==13.1.0
 configparser==3.5.0
@@ -21,7 +22,6 @@ pycparser==2.18
 pylint==1.8.2
 pytest==3.3.2
 pytest-cov==2.5.1
-python-bcrypt==0.3.2
 pytz==2017.3
 requests==2.18.4
 singledispatch==3.4.0.3