From bfaf5655aec6a7f708c2f8477a908878a060ebf0 Mon Sep 17 00:00:00 2001
From: zoeller-freinet <86965592+zoeller-freinet@users.noreply.github.com>
Date: Tue, 9 Nov 2021 21:09:15 +0100
Subject: [PATCH] Clarify salt re-use for API keys (#1037)
---
 powerdnsadmin/models/api_key.py | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/powerdnsadmin/models/api_key.py b/powerdnsadmin/models/api_key.py
index 9c7d9d3..cb05890 100644
--- a/powerdnsadmin/models/api_key.py
+++ b/powerdnsadmin/models/api_key.py
@@ -87,6 +87,15 @@ class ApiKey(db.Model):
 else:
 pw = self.plain_text_password
+ # The salt value is currently re-used here intentionally because
+ # the implementation relies on just the API key's value itself
+ # for database lookup: ApiKey.is_validate() would have no way of
+ # discerning whether any given key is valid if bcrypt.gensalt()
+ # was used. As far as is known, this is fine as long as the
+ # value of new API keys is randomly generated in a
+ # cryptographically secure fashion, as this then makes
+ # expendable as an exception the otherwise vital protection of
+ # proper salting as provided by bcrypt.gensalt().
 return bcrypt.hashpw(pw.encode('utf-8'), current_app.config.get('SALT').encode('utf-8'))
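Review bot: The added comment justifies the fixed salt by assuming that new API keys come from a cryptographically secure random source, but nothing visible in this hunk establishes that, and `pw` can also be taken from `self.plain_text_password` in the branch just above. The comment should point at the code that generates keys so the assumption can be checked, for example `# NOTE: relies on <key-generation function> drawing the key from a CSPRNG; a low-entropy or user-chosen key loses the protection described here.` It is also worth documenting that `SALT` is a deployment-wide value, so changing it presumably invalidates every stored key hash, and that `current_app.config.get('SALT')` returns None when the setting is missing, which makes the `.encode('utf-8')` on the return line fail with an AttributeError instead of a clear configuration error. The enclosing method starts outside the hunk.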