I would like to use bcrypt
to hash passwords and later verify if a supplied password is correct.
Hashing passwords is easy:
import bcrypt password = u'foobar' password_hashed = bcrypt.hashpw(password, bcrypt.gensalt()) # then store password_hashed in a database
How can I compare a plain text password to the stored hash?
With py-bcrypt, you don't need to store the salt separately: bcrypt
stores the salt in the hash.
You can simply use the hash as a salt, and the salt is stored in the beginning of the hash.
>>> import bcrypt >>> salt = bcrypt.gensalt() >>> hashed = bcrypt.hashpw('secret', salt) >>> hashed.find(salt) 0 >>> hashed == bcrypt.hashpw('secret', hashed) True >>>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With