我想通过对密码进行散列然后在PSQL DB上检查散列来验证密码
我正在尝试比较哈希值-但是出现了Invalid Salt.
这是我的代码:
@app.route("/hello", methods=["POST", "GET"])
def hello():
email = request.form.get("email")
password = request.form.get("password")
password = bcrypt.generate_password_hash(password).decode('utf-8')
db.execute("INSERT INTO users (email, password) VALUES (:email,
:password)",{"email": email, "password": password})
db.commit()
AND
@app.route("/check", methods=["POST", "GET"])
def check():
email = request.form.get("login_email")
check_email_in_db = db.execute("SELECT COUNT(*) FROM users WHERE email = :email", {"email": email}).fetchall()
if check_email_in_db[0][0] == 1 :
email = request.form.get("login_email")
password = request.form.get("login_password")
retrive_password_from_db = db.execute("SELECT password FROM
users WHERE email = :email", {"email": email}).fetchall()
retrive_password_from_db = retrive_password_from_db[0][0]
if bcrypt.check_password_hash(password, retrive_password_from_db):
return("this works")
else:
return("something is wrong")
答案 0 :(得分:0)
好的,我知道了。我所要做的就是在散列时指定回合:
password = bcrypt.generate_password_hash(password, 10).decode('utf-8')