我目前正在尝试使用 bcrypt 来加密/散列我的种子密码并将它们存储在 MYSQL 中,但它一直给我相同的密码。我正在使用Python。任何帮助将不胜感激!
用户.py
from app.db import Base from sqlalchemy.orm import validates from sqlalchemy import Column, Integer, String salt = bcrypt.gensalt() class User(Base): __tablename__ = 'users' id = Column(Integer, primary_key=True) username = Column(String(50), nullable=False) email = Column(String(50), nullable=False, unique=True) password = Column(String(200), nullable=False) @validates('email') def validate_email(self, key, email): # make sure email address contains @ character assert '@' in email return email @validates('password') def validate_password(self, key, password): assert len(password) > 4 # encrypt password return bcrypt.hashpw(password.encode('utf-8'), salt)
种子.py
from app.models import User from app.db import Session, Base, engine # drop and rebuild tables Base.metadata.drop_all(engine) Base.metadata.create_all(engine) db = Session() # insert users db.add_all([ User(username='alesmonde0', email='nwestnedge0@cbc.ca', password='password123'), User(username='jwilloughway1', email='rmebes1@sogou.com', password='password123'), User(username='iboddam2', email='cstoneman2@last.fm', password='password123'), User(username='dstanmer3', email='ihellier3@goo.ne.jp', password='password123'), User(username='djiri4', email='gmidgley4@weather.com', password='password123') ]) db.commit() db.close()
您每次都传递相同的密码和盐:
如果您希望使用
bcrypt
相同的明文产生不同的哈希值,请在每次生成哈希值时重新生成盐(按照最佳实践,您应该这样做):假设:
如果以上都正确,则问题出在身份验证上,即“validate_password”方法根本不在 User 类中。 尝试正确识别它,它应该触发并散列密码。