無法使用Python使用散列密碼進行驗證
[英]could not validate with the hashed password using Python
問題描述
我需要一個幫助。 使用Python登錄時,我需要使用用戶輸入的密碼來驗證哈希密碼。 我在下面解釋我的代碼。
from bcrypt import hashpw, gensalt
def signsave(request):
"""This function helps to save signup data"""
if request.method == 'POST':
name = request.POST.get('uname')
password = request.POST.get('pass')
con_pass = request.POST.get('conpass')
if password == con_pass:
hashed = hashpw(password.encode('utf8'), gensalt(13))
passw = User(
uname=name,
password=hashed
)
passw.save()
message = "Registered successfully"
return render(request, 'bookingservice/login.html',
{'msg': message})
else:
message = "The password did not match "
return render(request, 'bookingservice/signup.html',
{'msg': message})
在這里,我使用Bcrypt對用戶輸入的密碼進行哈希處理並將其存儲到數據庫中。
def loginsave(request):
"""This function helps to login the user """
if request.method == 'POST':
password = request.POST.get('pass')
uname = request.POST.get('uname')
if password == '':
return render(request, 'bookingservice/login.html', {})
else:
per = User.objects.all().filter(Q(uname__icontains=uname)).count()
if per > 0:
user = User.objects.filter(Q(uname__icontains=uname))
for use in user:
uid = use.id
user_name = use.uname
enc_pass = use.password
hashed = hashpw(password.encode('utf8'), gensalt(13))
if hashpw(password.encode('utf8'), hashed) == enc_pass:
request.session['id'] = uid
return render(request, 'bookingservice/home.html',
{'count': per, 'username': user_name})
else:
return render(request, 'bookingservice/login.html', {})
else:
return render(request, 'bookingservice/login.html', {})
在這里,我從數據庫中檢索哈希密碼,並將其與用戶輸入值進行匹配。 在這種情況下,用戶登錄時有效密碼也不匹配。 我需要將密碼以散列格式存儲在數據庫中,該密碼將在用戶登錄時再次匹配。 請幫忙。
1 個解決方案
解決方案1
0 已采納 2017-09-20 09:46:45
鹽通過bcrypt存儲在密碼的散列中。
在bcrypt中使用checkpw方法。
from bcrypt import hashpw, gensalt, checkpw
def loginsave(request):
"""This function helps to login the user """
if request.method == 'POST':
password = request.POST.get('pass')
uname = request.POST.get('uname')
if password == '':
return render(request, 'bookingservice/login.html', {})
else:
per = User.objects.all().filter(Q(uname__icontains=uname)).count()
if per > 0:
user = User.objects.filter(Q(uname__icontains=uname))
for use in user:
uid = use.id
user_name = use.uname
enc_pass = use.password
hashed = hashpw(password.encode('utf8'), user_salt)
if hashpw(password.encode('utf8'), hashed) == enc_pass:
if checkpw(password, enc_pass):
request.session['id'] = uid
return render(request, 'bookingservice/home.html',
{'count': per, 'username': user_name})
else:
return render(request, 'bookingservice/login.html', {})
else:
return render(request, 'bookingservice/login.html', {})
Python是否可以識別Java中使用BCrypt的哈希密碼?
[英]Can a hashed password using BCrypt in Java be recognised by Python?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.