All geek questions in one place

Python password generator for django

How can I manually create a password for django? For example, in another application, but using the same database as django. For username 'admin' password like this

pbkdf2_sha256$10000$T0BzrDwfZSrI$pSgvDEam9V9jcdYpYDVkYMMwtSnRrFdf6Aqow82Tjr8=
+6
source share
2 answers

I think this might be what you are looking for:

Manual user password management

make_password (password [, salt, hash]]

Creates a hashed password in the format used by this application. One required argument is required: password in text format. Optionally, you can provide salt and a hash algorithm if you do not want to use the default settings (first write the PASSWORD_HASHERS parameter). The currently supported algorithms are: 'pbkdf2_sha256', 'pbkdf2_sha1', 'bcrypt_sha256' (see Using bcrypt with Django), 'bcrypt', 'sha1', 'md5', 'unsalted_md5' (only for backward compatibility) and ' crypt 'if you have a crypt library installed. If the password argument is None, an unacceptable password (one that will never be accepted by check_password ()).

I need a write function to use without django

Well, fortunately, Django is open source, so you can go and get what you need. The function source is displayed here .

+10
source

The most common ( not secure ) hash algorithm is md5 . Extracting a few ideas from a Django password system might be as follows:

 import hashlib def make_password(password): assert password hash = hashlib.md5(password).hexdigest() return hash def check_password(hash, password): """Generates the hash for a password and compares it.""" generated_hash = make_password(password) return hash == generated_hash >>> hash = make_password('hello123') >>> hash 'f30aa7a662c728b7407c54ae6bfd27d1' >>> check_password(hash, 'hello123') True >>> check_password(hash, 'Hello123') False

Use make_password to generate the hash and check_password to check if the entered password matches the saved one.

As @Emil noted, Django supports multiple passwords, such as pbkdf2_sha256 and pbkdf2_sha1, storing the string as a 3x value, separated by $ : algorithm$salt$hash . salt is a randomly generated string to prevent the same password from being repeated in the database.

+3
source

Source: https://habr.com/ru/post/954955/

More articles:


All Articles