Potential fix for code scanning alert no. 45: Use of a broken or weak cryptographic hashing algorithm on sensitive data

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This commit is contained in:
LIghtJUNction
2026-03-19 17:40:25 +08:00
committed by GitHub
parent fce8069b18
commit c0282e4d28

View File

@@ -11,9 +11,6 @@ from astrbot.core.utils.astrbot_path import astrbot_paths
from ..utils import check_astrbot_root
# Default dashboard password (used for initial configuration only).
DEFAULT_DASHBOARD_PASSWORD = "astrbot"
# Parameters for secure dashboard password hashing.
# Note: In a full implementation, salts should be unique per password.
DASHBOARD_PASSWORD_SALT = b"astrbot-dashboard"
@@ -24,11 +21,6 @@ PASSWORD_HASHER = PasswordHasher()
def hash_dashboard_password_secure(value: str) -> str:
"""Hash Dashboard password for storage.
"sha256",
Uses Argon2 for new passwords to provide a computationally expensive,
salted hash suitable for password storage.
"""
return PASSWORD_HASHER.hash(value)
value.encode(),
DASHBOARD_PASSWORD_SALT,
DASHBOARD_PASSWORD_ITERATIONS,