From 31d3d4e315d83419002211ed12160e0f72d297b9 Mon Sep 17 00:00:00 2001
From: chenyanpan <chenyanpan@huawei.com>
Date: Fri, 4 Sep 2020 14:47:01 +0800
Subject: [PATCH] catch check_password_hash exception

https://gitee.com/src-openeuler/patch-tracking/issues/I1TWVU
---
 patch-tracking/patch_tracking/api/auth.py | 26 ++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/patch-tracking/patch_tracking/api/auth.py b/patch-tracking/patch_tracking/api/auth.py
index df9ed248..6916f9bc 100644
--- a/patch-tracking/patch_tracking/api/auth.py
+++ b/patch-tracking/patch_tracking/api/auth.py
@@ -1,10 +1,13 @@
 """
 http basic auth
 """
+import logging
 from werkzeug.security import check_password_hash
 from flask_httpauth import HTTPBasicAuth
 from flask import current_app as app
 
+logger = logging.getLogger(__name__)
+
 auth = HTTPBasicAuth()
 
 
@@ -13,7 +16,24 @@ def verify_password(username, password):
     """
     verify password
     """
-    if username == app.config["USER"] and \
-            check_password_hash(app.config["PASSWORD"], password):
-        return username
+    try:
+        if username == app.config["USER"] and \
+                check_password_hash(app.config["PASSWORD"], password):
+            return username
+    except ValueError as err:
+        logger.error(err)
+        return None
+    logger.error("verify password failed")
     return None
+
+
+if __name__ == "__main__":
+    try:
+        print(
+            check_password_hash(
+                " pbkdf2:sha256:150000$ClAZjafb$ec0718c193c000e70812a0709919596e7523ab581c25ea6883aadba33c2edf0d",
+                "Test@123"
+            )
+        )
+    except ValueError as err:
+        print(err)
-- 
GitLab