stackoom
  简体   繁体   中英

How to store hashed passwords on SQLite3 database?

 原文  2020-06-22 12:43:56       python/ sqlite

Question

I want to store passwords on a sqlite3 database on python, however I don't want to store the passwords in plaintext for obvious reasons. I have used bcrypt to hash the passwords, but I keep running into issues.

import tkinter as tk
import bcrypt
import sqlite3

conn = sqlite3.connect('TEST_DB.db')
c = conn.cursor()


class MainApplication():
    def __init__(self, root):
        self.password_var = tk.StringVar()
        password_entry = tk.Entry(root, textvariable=self.password_var)
        password_entry.pack()

        password = self.password_var.get()

        hashable_pw = bytes(password, encoding='utf-8')
        hashed_pw = bcrypt.hashpw(hashable_pw, bcrypt.gensalt())
        print(hashed_pw)

        c.execute("INSERT INTO Accounts (password) VALUES(?)", (hashed_pw,))
        conn.commit()

if __name__ == "__main__":
    root = tk.Tk()
    MainApplication(root)
    root.mainloop()

Printing the hashed password yields the results I want

b'$2b$12$4SPZzQKBSKS1H1WHYRoC6.9pZTy1veZpc6x5MdM/LA1zgoKZWV6I.'

But when I insert that value into the database table, it shows in this format.

Also, I have attempted to check the hash in the database against the plaintext password entered.

f = c.execute("SELECT password FROM Accounts WHERE user_ID=1")
        conn.commit()
        print("RETURNED HASH:", f)

        if bcrypt.checkpw(password, hashed_pw):
            print("It matches")
        else:
            print("Didn't match")

I believe based on how the format is shown in the database, there are some formatting issues involving that.

Here is the error message

TypeError: Unicode-objects must be encoded before checking

Updated to show database code

import sqlite3

conn = sqlite3.connect('TEST_DB.db')
c = conn.cursor()

c.execute("""CREATE TABLE Accounts (
            user_id INTEGER PRIMARY KEY AUTOINCREMENT,
            email_address NVARCHAR(320) NOT NULL DEFAULT '',
            password CHAR(60) NOT NULL DEFAULT '',
            )""")
conn.commit()

1 answers

solution1
 0  2021-02-20 08:10:35

password = self.password_var.get().encode("utf-8") it should resolve the issue.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Python - How to store hashed passwords How to store a hashed password to database? How to stop django to store images path in sqlite3 database SQLite3 reading Usernames&Passwords from database Store tweets with quotes in a SQLite3 database How to unlock database with sqlite3? Where/how to store application defined properties about a (SQLite3) database in the database? insering the hashed password into sqlite3 table How to store a date in a SQLite3 schema for Flask? How to store two dimensional array with sqlite3?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM