Ich versuche derzeit, bcrypt zu verwenden, um meine Seed-Passwörter zu verschlüsseln/zu hashen und sie in MYSQL zu speichern, aber es gibt mir immer wieder das gleiche Passwort. Ich verwende Python. Jede Hilfe wäre sehr dankbar!
user.py
from app.db import Base from sqlalchemy.orm import validates from sqlalchemy import Column, Integer, String salt = bcrypt.gensalt() class User(Base): __tablename__ = 'users' id = Column(Integer, primary_key=True) username = Column(String(50), nullable=False) email = Column(String(50), nullable=False, unique=True) password = Column(String(200), nullable=False) @validates('email') def validate_email(self, key, email): # make sure email address contains @ character assert '@' in email return email @validates('password') def validate_password(self, key, password): assert len(password) > 4 # encrypt password return bcrypt.hashpw(password.encode('utf-8'), salt)
seed.py
from app.models import User from app.db import Session, Base, engine # drop and rebuild tables Base.metadata.drop_all(engine) Base.metadata.create_all(engine) db = Session() # insert users db.add_all([ User(username='alesmonde0', email='nwestnedge0@cbc.ca', password='password123'), User(username='jwilloughway1', email='rmebes1@sogou.com', password='password123'), User(username='iboddam2', email='cstoneman2@last.fm', password='password123'), User(username='dstanmer3', email='ihellier3@goo.ne.jp', password='password123'), User(username='djiri4', email='gmidgley4@weather.com', password='password123') ]) db.commit() db.close()
您每次都传递相同的密码和盐:
如果您希望使用
bcrypt
相同的明文产生不同的哈希值,请在每次生成哈希值时重新生成盐(按照最佳实践,您应该这样做):假设:
如果以上都正确,则问题出在身份验证上,即“validate_password”方法根本不在 User 类中。 尝试正确识别它,它应该触发并散列密码。