Library Auth dengan Double Hashing Argon2id + HMAC-SHA512

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for harisad171 from gravatar.com harisad171

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: Haris Mujianto
  • Requires: Python >=3.7
Classifiers
Report project as malware

Project description

harisad_auth 🛡️

harisad_auth adalah librari Python untuk keamanan autentikasi tingkat tinggi. Librari ini menggabungkan teknik Double Layer Hashing (HMAC-SHA512 + Argon2id) untuk menghasilkan hash yang sangat panjang dan tahan terhadap serangan brute-force modern. Selain itu, librari ini menyediakan manajemen sesi yang ringan mirip dengan flask-login.

✨ Fitur Utama

  • Ultra-Secure Hashing: Menggunakan SHA512 sebagai pre-processor dan Argon2id sebagai main hasher.
  • Custom Output Length: Menghasilkan hash sepanjang 128-255 karakter.
  • Session Management: Dilengkapi dengan LoginManager dan UserMixin.
  • Pepper Support: Menambahkan lapisan keamanan rahasia di sisi server.
  • JSON Ready: Didesain agar mudah diintegrasikan dengan penyimpanan file JSON atau database SQL.

🚀 Cara Instalasi

Pastikan Anda telah menginstal dependensi yang diperlukan:

pip install argon2-cffi

Lalu instal librari ini (jika sudah di PyPI):

pip install harisad_auth

🛠️ Panduan Penggunaan

1. Enkripsi Password (Double Hashing)

Librari ini menggunakan HMAC-SHA512 yang kemudian dibungkus oleh Argon2id.

from harisad_auth import SecureHasher

# 1. Inisialisasi dengan Pepper rahasia (Simpan di .env, jangan di DB)
hasher = SecureHasher(pepper="KunciRahasiaNegara123", hash_len=64)

# 2. Membuat Hash
password_user = "rahasiaku123"
hashed_password = hasher.hash_password(password_user)

print(f"Hasil Hash: {hashed_password}")
print(f"Panjang Hash: {len(hashed_password)} karakter") # ~180-220 karakter

# 3. Verifikasi Password
is_valid = hasher.verify_password(hashed_password, "rahasiaku123")
print(f"Status Cocok: {is_valid}") # True

2. Manajemen Login & Sesi

Gunakan LoginManager untuk melacak status pengguna yang sedang aktif di aplikasi Anda.

from harisad_auth import LoginManager, UserMixin

# 1. Buat Class User Anda sendiri
class User(UserMixin):
    def __init__(self, id, username):
        super().__init__()
        self.id = id
        self.username = username

# 2. Setup Manager
auth_manager = LoginManager()

# 3. Proses Login
user_data = User(id=101, username="harisad")
auth_manager.login_user(user_data)

# 4. Cek Status User saat ini
print(f"User Aktif: {auth_manager.current_user.username}")
print(f"Status Autentikasi: {auth_manager.current_user.is_authenticated}")

# 5. Logout
auth_manager.logout_user()
print(f"Apakah sudah logout? {not auth_manager.current_user.is_authenticated}")

3. Integrasi dengan Penyimpanan JSON

Contoh penggunaan praktis jika Anda menggunakan file JSON sebagai database:

import json
from harisad_auth import SecureHasher, LoginManager

hasher = SecureHasher(pepper="MY_SECRET")
manager = LoginManager()

# Simulasi database JSON
db_data = '{"username": "harisad", "password_hash": "$argon2id$v=19$m=65536..."}'
user_record = json.loads(db_data)

# Logika Verifikasi
password_input = "password_anda"
if hasher.verify_password(user_record['password_hash'], password_input):
    # Buat objek user dan masukkan ke session manager
    print("Akses Diterima!")
else:
    print("Akses Ditolak!")

🔐 Keamanan Kriptografi

Secara teknis, librari ini memproses data dengan alur:

  1. HMAC-SHA512: Mengamankan password asli dengan Pepper rahasia.
  2. Argon2id: Melakukan hashing memori-keras pada hasil SHA512 untuk mencegah peretasan menggunakan GPU.

📜 Lisensi

Proyek ini dilindungi di bawah lisensi MIT.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for harisad171 from gravatar.com harisad171

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: Haris Mujianto
  • Requires: Python >=3.7
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

harisad_auth-0.1.0.tar.gz (4.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

harisad_auth-0.1.0-py3-none-any.whl (5.3 kB view details)

Uploaded Python 3

File details

Details for the file harisad_auth-0.1.0.tar.gz.

File metadata

  • Download URL: harisad_auth-0.1.0.tar.gz
  • Upload date:
  • Size: 4.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.12

File hashes

Hashes for harisad_auth-0.1.0.tar.gz
Algorithm Hash digest
SHA256 e14034b301fcb1f95b83797d5e2cb01e429bd859d899e75864103587a18338b0
MD5 2986d0a81d970553f4a779613cb95d1f
BLAKE2b-256 499a3a307af5a9548c18607840b282db0781417ceb9a7ea273b702ff0e9f12fa

See more details on using hashes here.

File details

Details for the file harisad_auth-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: harisad_auth-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 5.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.12

File hashes

Hashes for harisad_auth-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 986f13b225f0a13fc090e16c919161a568bdaeb214dd4f712fe90a2ceeec730d
MD5 6867e806f8651cfaf20d781231de4824
BLAKE2b-256 74c77f1fbd10dca9d45da868a4fc689ae6493e9a3edb22320b40c76d3fb4608c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page