thePR0M3TH3AN/seedPass
1
0
Fork 0
mirror of https://github.com/PR0M3TH3AN/SeedPass.git synced 2025-09-09 15:58:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #601 from PR0M3TH3AN/codex/mask-sensitive-data-with-asterisks

Browse Source 
Use masked input for passwords
This commit is contained in:
thePR0M3TH3AN
2025-07-17 10:18:41 -04:00
committed by GitHub
parent 09d1bf51fc 764631b8ba
commit b3c7d796e1
5 changed files with 11 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/main.py
View File

@@ -10,7 +10,6 @@ if vendor_dir.exists():
import os import os
import logging import logging
import signal import signal
import getpass
import time import time
import argparse import argparse
import asyncio import asyncio

4
src/password_manager/config_manager.py
View File

@@ -6,7 +6,7 @@ import logging
from pathlib import Path from pathlib import Path
from typing import List, Optional from typing import List, Optional
import getpass from utils.seed_prompt import masked_input
import bcrypt import bcrypt
@@ -93,7 +93,7 @@ class ConfigManager:
self.save_config(data) self.save_config(data)
if require_pin and data.get("pin_hash"): if require_pin and data.get("pin_hash"):
for _ in range(3): for _ in range(3):
pin = getpass.getpass("Enter settings PIN: ").strip() pin = masked_input("Enter settings PIN: ").strip()
if bcrypt.checkpw(pin.encode(), data["pin_hash"].encode()): if bcrypt.checkpw(pin.encode(), data["pin_hash"].encode()):
break break
print("Invalid PIN") print("Invalid PIN")

5
src/password_manager/manager.py
View File

@@ -12,7 +12,6 @@ with the password manager functionalities.
import sys import sys
import json import json
import logging import logging
import getpass
import os import os
import hashlib import hashlib
from typing import Optional, Literal from typing import Optional, Literal
@@ -668,8 +667,8 @@ class PasswordManager:
Prompts the user for the master password to decrypt the seed. Prompts the user for the master password to decrypt the seed.
""" """
try: try:
# Prompt for password # Prompt for password using masked input
password = getpass.getpass(prompt="Enter your login password: ").strip() password = prompt_existing_password("Enter your login password: ")
# Derive encryption key from password # Derive encryption key from password
iterations = ( iterations = (

8
src/tests/test_password_prompt.py
View File

@@ -9,16 +9,14 @@ from utils import password_prompt
def test_prompt_new_password(monkeypatch): def test_prompt_new_password(monkeypatch):
responses = cycle(["goodpass", "goodpass"]) responses = cycle(["goodpass", "goodpass"])
monkeypatch.setattr( monkeypatch.setattr(password_prompt, "masked_input", lambda prompt: next(responses))
password_prompt.getpass, "getpass", lambda prompt: next(responses)
)
result = password_prompt.prompt_new_password() result = password_prompt.prompt_new_password()
assert result == "goodpass" assert result == "goodpass"
def test_prompt_new_password_retry(monkeypatch, caplog): def test_prompt_new_password_retry(monkeypatch, caplog):
seq = iter(["pass1", "pass2", "passgood", "passgood"]) seq = iter(["pass1", "pass2", "passgood", "passgood"])
monkeypatch.setattr(password_prompt.getpass, "getpass", lambda prompt: next(seq)) monkeypatch.setattr(password_prompt, "masked_input", lambda prompt: next(seq))
caplog.set_level(logging.WARNING) caplog.set_level(logging.WARNING)
result = password_prompt.prompt_new_password() result = password_prompt.prompt_new_password()
assert "User entered a password shorter" in caplog.text assert "User entered a password shorter" in caplog.text
@@ -26,7 +24,7 @@ def test_prompt_new_password_retry(monkeypatch, caplog):
def test_prompt_existing_password(monkeypatch): def test_prompt_existing_password(monkeypatch):
monkeypatch.setattr(password_prompt.getpass, "getpass", lambda prompt: "mypassword") monkeypatch.setattr(password_prompt, "masked_input", lambda prompt: "mypassword")
assert password_prompt.prompt_existing_password() == "mypassword" assert password_prompt.prompt_existing_password() == "mypassword"

9
src/utils/password_prompt.py
View File

@@ -11,11 +11,10 @@ this module enhances code reuse, security, and maintainability across the applic
Ensure that all dependencies are installed and properly configured in your environment. Ensure that all dependencies are installed and properly configured in your environment.
""" """
import getpass from utils.seed_prompt import masked_input
import logging import logging
import sys import sys
import unicodedata import unicodedata
import traceback
from termcolor import colored from termcolor import colored
from colorama import init as colorama_init from colorama import init as colorama_init
@@ -53,8 +52,8 @@ def prompt_new_password() -> str:
while attempts < max_retries: while attempts < max_retries:
try: try:
password = getpass.getpass(prompt="Enter a new password: ").strip() password = masked_input("Enter a new password: ").strip()
confirm_password = getpass.getpass(prompt="Confirm your password: ").strip() confirm_password = masked_input("Confirm your password: ").strip()
if not password: if not password:
print( print(
@@ -128,7 +127,7 @@ def prompt_existing_password(
attempts = 0 attempts = 0
while attempts < max_retries: while attempts < max_retries:
try: try:
password = getpass.getpass(prompt=prompt_message).strip() password = masked_input(prompt_message).strip()
if not password: if not password:
print( print(