def register(request):
flag = True
possible = '0123456789abcdefghijklmnopqrstuvwxyz'
token = ''
current_datetime = datetime.datetime.now()
user = UsersModelForm()
if request.method == 'POST':
userf = UsersModelForm(request.POST)
username = userf.data['username']
password = userf.data['password']
passwordrepeat = userf.data['passwordrepeat']
email = userf.data['email']
if password != passwordrepeat:
flag = False
passVariable = {'user':user, 'flag': False}
return render_to_response('register.html', passVariable, context_instance=RequestContext(request))
elif password == passwordrepeat:
for i in range(1,10):
temp = random.choice(possible)
token = token + temp
print token
if userf.is_valid():
check = userf.save(commit=False)
check.email_token = token
check.email_token_expiry = current_datetime + timedelta(1)
check.save()
return HttpResponseRedirect('/')
else:
return render_to_response('register.html', {"user": user, 'flag': True}, context_instance=RequestContext(request))
我需要在保存到数据库表之前对userf.data['password']和userf.data['repeatpassword']应用散列方法。
哪种散列方法更适合使用python进行散列?
答案 0 :(得分:6)
使用bcrypt。
以下是README:
的示例import bcrypt
# Hash a password for the first time
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
# gensalt's log_rounds parameter determines the complexity
# the work factor is 2**log_rounds, and the default is 12
hashed = bcrypt.hashpw(password, bcrypt.gensalt(10))
# Check that an unencrypted password matches one that has
# previously been hashed
if bcrypt.hashpw(plaintext, hashed) == hashed:
print "It matches"
else:
print "It does not match"
答案 1 :(得分:1)
您可以找到有关如何为django.contrib.auth here完成此操作的说明。有关详细信息,您还可以查看hashers module中的make_password功能。