Merge pull request #1404 from pbiering/fix-1350

fix for #1350
Kozea · Mar 6, 2024 · dfaef5d · dfaef5d
2 parents 96a4927 + 1593742
commit dfaef5d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 8 deletions.
diff --git a/config b/config
@@ -60,7 +60,7 @@
 
 # Htpasswd encryption method
 # Value: plain | bcrypt | md5
-# bcrypt requires the installation of radicale[bcrypt].
+# bcrypt requires the installation of 'bcrypt' module.
 #htpasswd_encryption = md5
 
 # Incorrect authentication delay (seconds)

diff --git a/radicale/auth/htpasswd.py b/radicale/auth/htpasswd.py
@@ -73,15 +73,11 @@ def __init__(self, configuration: config.Configuration) -> None:
             self._verify = self._md5apr1
         elif encryption == "bcrypt":
             try:
-                from passlib.hash import bcrypt
+                import bcrypt
             except ImportError as e:
                 raise RuntimeError(
                     "The htpasswd encryption method 'bcrypt' requires "
-                    "the passlib[bcrypt] module.") from e
-            # A call to `encrypt` raises passlib.exc.MissingBackendError with a
-            # good error message if bcrypt backend is not available. Trigger
-            # this here.
-            bcrypt.hash("test-bcrypt-backend")
+                    "the bcrypt module.") from e
             self._verify = functools.partial(self._bcrypt, bcrypt)
         else:
             raise RuntimeError("The htpasswd encryption method %r is not "
@@ -92,7 +88,7 @@ def _plain(self, hash_value: str, password: str) -> bool:
         return hmac.compare_digest(hash_value.encode(), password.encode())
 
     def _bcrypt(self, bcrypt: Any, hash_value: str, password: str) -> bool:
-        return bcrypt.verify(password, hash_value.strip())
+        return bcrypt.checkpw(password=password.encode('utf-8'), hashed_password=hash_value.encode())
 
     def _md5apr1(self, hash_value: str, password: str) -> bool:
         return apr_md5_crypt.verify(password, hash_value.strip())