# HG changeset patch
# User RhodeCode Admin
# Date 2023-03-10 09:09:09
# Node ID 8dd2ba8fed80bfa4e3c1734d34707f4e5cb94fae
# Parent 70c118757292950034671a9d50bad096ec833425
auth: re-orginize imports use hashlib helpers
diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py
--- a/rhodecode/lib/auth.py
+++ b/rhodecode/lib/auth.py
@@ -28,7 +28,6 @@ import colander
 import time
 import collections
 import fnmatch
-import hashlib
 import itertools
 import logging
 import random
@@ -50,11 +49,14 @@ from rhodecode.model.db import (
 false, User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember, UserIpMap, UserApiKeys, RepoGroup, UserGroup, UserNotice)
 from rhodecode.lib import rc_cache
-from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5, safe_int, sha1
 from rhodecode.lib.utils import (
 get_repo_slug, get_repo_group_slug, get_user_group_slug)
+from rhodecode.lib.type_utils import aslist
+from rhodecode.lib.hash_utils import sha1, sha256, md5
+from rhodecode.lib.str_utils import ascii_bytes, safe_str, safe_int, safe_bytes
 from rhodecode.lib.caching_query import FromCache
+
 if rhodecode.is_unix:
 import bcrypt
@@ -196,7 +198,7 @@ class _RhodeCodeCryptoSha256(_RhodeCodeC
 def hash_create(self, str_):
 self._assert_bytes(str_)
- return hashlib.sha256(str_).hexdigest()
+ return sha256(str_)
 def hash_check(self, password, hashed):
 """
@@ -206,7 +208,7 @@ class _RhodeCodeCryptoSha256(_RhodeCodeC
 :param hashed: password in hashed form
 """
 self._assert_bytes(password)
- return hashlib.sha256(password).hexdigest() == hashed
+ return sha256(password) == hashed
 class _RhodeCodeCryptoTest(_RhodeCodeCryptoBase):
@@ -274,7 +276,7 @@ def generate_auth_token(data, salt=None)
 if salt is None:
 salt = os.urandom(16)
- return hashlib.sha1(safe_str(data) + salt).hexdigest()
+ return sha1(data + salt)
 def get_came_from(request):
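Review bot: In `_RhodeCodeCryptoSha256.hash_check` (hunk at -206/+208) the password digest is still compared with `==`, which is not a constant-time comparison and quietly returns False if `hashed` ever arrives as `bytes`, since `sha256()` returns a hex `str`. Consider `return hmac.compare_digest(sha256(password), hashed)`, which needs an `import hmac` not shown on this page and fails loudly on a str/bytes mismatch. Separately, `hash_create` in the preceding hunk remains a single unsalted SHA-256 over the password. Whether this backend stores real credentials or is only a fallback where bcrypt is unavailable cannot be seen here, so a class comment stating which would help. The docstring of `hash_check` spans the gap between the two hunks.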
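Review bot: `generate_auth_token` (hunk at -274/+276) now computes `sha1(data + salt)`, and because the default salt is `os.urandom(16)` (bytes), a `str` passed as `data` raises `TypeError` where the old line coerced it with `safe_str`. If any caller still passes text, normalise both operands with the helper this commit imports: `return sha1(safe_bytes(data) + safe_bytes(salt))`, assuming `safe_bytes` passes bytes through unchanged. The token's unpredictability comes entirely from the random salt, so the docstring should state that a caller-supplied `salt` must be unguessable. The function's signature and any docstring lie outside the hunk.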
@@ -1576,7 +1578,7 @@ class AuthUser(object):
 def get_cookie_store(self):
 return {
 'username': self.username,
- 'password': md5(self.password or ''),
+ 'password': md5(safe_bytes(self.password or '')),
 'user_id': self.user_id,
 'is_authenticated': self.is_authenticated
 }
@@ -1675,7 +1677,7 @@ def get_csrf_token(session, force_new=Fa
 # from pyramid.csrf import get_csrf_token
 if (csrf_token_key not in session and save_if_missing) or force_new:
- token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
+ token = sha1(ascii_bytes(str(random.getrandbits(128))))
 session[csrf_token_key] = token
 if hasattr(session, 'save'):
 session.save()
diff --git a/rhodecode/lib/hash_utils.py b/rhodecode/lib/hash_utils.py
--- a/rhodecode/lib/hash_utils.py
+++ b/rhodecode/lib/hash_utils.py
@@ -36,3 +36,11 @@ def sha1(s):
 def sha1_safe(s):
 return sha1(safe_bytes(s))
+
+
+def sha256(s):
+ return hashlib.sha256(s).hexdigest()
+
+
+def sha256_safe(s):
+ return sha256(safe_bytes(s))
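Review bot: `AuthUser.get_cookie_store` (hunk at -1576/+1578) still places a value derived from the user's password, `md5(safe_bytes(self.password or ''))`, into the cookie store. MD5 is fast and unsalted, so if this dict is ever serialised where a client, cache or log can read it, the field becomes material for offline guessing. Whether `self.password` holds the stored hash or something else is not visible in this hunk. If the field only exists to invalidate sessions after a password change, a keyed digest using a server-side secret would serve that purpose without exposing a bare hash. At minimum add a comment above the `'password'` key stating its purpose and that the value must stay server-side.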
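Review bot: The CSRF token in `get_csrf_token` (hunk at -1675/+1677) is still seeded from `random.getrandbits(128)`; assuming `random` is the stdlib module imported at the top of the file, that is the Mersenne Twister, which is not a cryptographic generator and is unsuitable for security tokens. The file already calls `os.urandom` in `generate_auth_token`, so the line can become `token = sha1(os.urandom(16))`, which keeps the 40-character hex format and drops the `ascii_bytes(str(...))` round trip. The function begins and ends outside the hunk.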
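Review bot: `sha256` and `sha256_safe` in `hash_utils.py` are added without docstrings, and the difference between them matters to callers: `sha256` hands `s` straight to `hashlib.sha256`, so it raises `TypeError` on `str`, while `sha256_safe` coerces with `safe_bytes` first. A one-line docstring on each would make that explicit, e.g. `"""Return the hex SHA-256 digest of bytes *s*."""` and `"""Like sha256(), but coerce *s* with safe_bytes() first."""`. It is also worth stating there that these are plain digests and not a password-hashing scheme, given that `auth.py` calls `sha256` from a password backend.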