
Flask snippets
« Salted » Passwords
Console Flask
Lancer la console :
(venv) flask shell
Importer la librairie :
>>> from werkzeug.security import generate_password_hash, check_password_hash
On peut tester si tout fonctionne :
>>> hash1 = generate_password_hash('myawesomepassword')
>>> hash2 = generate_password_hash('myawesomepassword')
>>> check_password_hash(hash1, 'myawesomepassword')
True
>>> check_password_hash(hash2, 'myawesomepassword')
True
Dans une app
L’implémentation est triviale :
from werkzeug.security import generate_password_hash, check_password_hash
class User(object):
def __init__(self, username, password):
self.username = username
self.set_password(password)
def set_password(self, password):
self.pw_hash = generate_password_hash(password)
def check_password(self, password):
return check_password_hash(self.pw_hash, password)
L’utilisation l’est aussi :
>>> me = User('nicolas', 'mypass')
>>> me.pw_hash
'sha1$Z9wtkQam$7e6e814998ab3de2b63401a58063c79d92865d79'
>>> me.check_password('mypass')
True
>>> me.check_password('mypassx')
False
Références externes
- Salted Passwords (en)
Commentaires récents