堆栈内存溢出
  简体   繁体   English

使用django-rest-framework进行密码哈希处理?

[英]Password hash using django-rest-framework?

 原文  2018-09-09 11:37:38       python/ django/ django-rest-framework/ django-authentication/ django-rest-auth

问题描述

I figured out that django-auth hashes passwords per default with random salt in the background: https://docs.djangoproject.com/en/2.1/topics/auth/passwords/ 我发现django-auth默认在后台使用随机盐对密码进行哈希处理: https : //docs.djangoproject.com/en/2.1/topics/auth/passwords/

However, I am not quite sure yet, what's the difference between django-auth and django-rest-auth . 但是,我还不确定, django-authdjango-rest-auth什么区别。

And I could not find information whether django-rest-auth will also hash and salt passwords automatically. 而且我找不到信息django-rest-auth是否也会自动对密码进行哈希和盐析。

Could someone explain what exactly the differences are between django-auth and django-rest-auth , when to choose which and why there are two libraries for the same problem? 有人可以解释django-authdjango-rest-auth之间到底有什么区别,何时选择哪个以及为什么有两个库针对同一问题?

It is quite confusing for me as a beginner. 作为一个初学者,这让我很困惑。

1 个解决方案

解决方案1
 1 已采纳  2018-09-09 12:03:36

django-rest-auth 's documentation explains the purpose of the project pretty well: django-rest-auth的文档很好地说明了该项目的目的

Since the introduction of django-rest-framework, Django apps have been able to serve up app-level REST API endpoints. 自引入django-rest-framework以来,Django应用程序已能够提供应用程序级REST API端点。 As a result, we saw a lot of instances where developers implemented their own REST registration API endpoints here and there, snippets, and so on. 结果,我们看到了很多实例,其中开发人员在各处实现了自己的REST注册API端点,代码片段等。 We aim to solve this demand by providing django-rest-auth, a set of REST API endpoints to handle User Registration and Authentication tasks. 我们旨在通过提供django-rest-auth(一套用于处理用户注册和身份验证任务的REST API端点)来解决这一需求。 By having these API endpoints, your client apps such as AngularJS, iOS, Android, and others can communicate to your Django backend site independently via REST APIs for User Management. 通过具有这些API端点,您的客户端应用程序(例如AngularJS,iOS,Android等)可以通过用于用户管理的REST API独立地与Django后端站点进行通信。 Of course, we'll add more API endpoints as we see the demand. 当然,我们会根据需求添加更多的API端点。

The project exists to provide a set of common API endpoints for authentication. 该项目的存在是为了提供一组用于身份验证的通用API端点。 It doesn't handle authentication tasks itself, so it doesn't have to worry about things like password hashing. 它本身不处理身份验证任务,因此不必担心密码哈希等问题。

For example, its PasswordChangeSerializer uses the SetPasswordForm from django.contrib.auth . 例如,其PasswordChangeSerializer使用 django.contrib.authSetPasswordForm It gets to use all the good stuff that Django's built-in auth framework provides. 它可以使用Django内置身份验证框架提供的所有好东西。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 密码验证在 django-rest-framework 中不起作用 - Password validation not work in django-rest-framework 使用API​​TestCase和django-rest-framework - using APITestCase with django-rest-framework 在django-rest-framework的过滤器中使用自定义方法 - Using custom methods in filter with django-rest-framework 使用视图的django-rest-framework通过POST返回500 - django-rest-framework using views returns 500 with a POST 使用 django-rest-framework 以 python 关键字序列化 JSON - Serialize JSON with a python keyword using the django-rest-framework 使用django-rest-framework将模型对象序列化为JSON dict - Serialize model objects into a JSON dict using django-rest-framework 在 Django-REST-framework 中为 ModelViewSet 使用 defaultRouter() 时重定向错误 - Wrong redirects when using defaultRouter() for ModelViewSet in Django-REST-framework 使用序列化程序类 django-rest-framework 插入数据 - Insert data using serializer class django-rest-framework 使用 django-rest-framework 在 OneToOneField 上插入数据 - Insert data on OneToOneField using django-rest-framework 如何使用django-rest-framework序列化ValuesQuerySet? - How to serialize a ValuesQuerySet using django-rest-framework?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM