首先,我正在使用带有Sqlite的Python瓶。我遇到的麻烦是当我尝试加盐和哈希然后停止程序。我读过的每个页面都会以其他方式生成密码,因此我不知道该怎么做。我试过的所有方法都是错误的。
def create(self):
username = request.forms.get('username')
password = request.forms.get('password')
email = request.forms.get('email')
sex = request.forms.get('sex')
usertype = request.forms.get('usertype')
registration = datetime.utcnow()
salt = request.forms.get('password') ########## salt and hash
hash = hashlib.sha512(password + salt).hexdigest()
c = self.db.execute('insert into users (username, email, password, registration, sex, usertype) values (?, ?, ?, ?, ?, ?)', \
(hash, salt, username, email, password, registration, sex, usertype))
答案 0 :(得分:1)
使用“passlib”进行密码散列和检查。阅读其文档并使用它建议的现代算法之一,如bcrypt,pbkdf2,sha512_crypt。