我正在处理此应用程序,并且已经设置了注册和登录页面。一切正常,唯一的问题是密码验证。我正在使用SHA256,每次尝试记录时都会遇到此错误:ValueError: not a valid sha256_crypt hash这里是一个def寄存器
def register():
if request.method=="POST":
name = request.form.get("name")
username = request.form.get("username")
password = request.form.get("password")
confirm = request.form.get("confirm")
secure_password = sha256_crypt.encrypt(str(password))def login():
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
usernamedata = db.execute("SELECT username FROM users WHERE username=:username", {"username":username}).fetchone()
passwordata = db.execute("SELECT password FROM users WHERE username=:username", {"username":username}).fetchone()
if usernamedata is None:
flash("No username", "danger")
return render_template("/login.html")
else:
for passwor_data in passwordata:
if sha256_crypt.verify(password,passwor_data):
flash("You are now logged in","success")
return redirect("/index.html")您正在遍历for passwor_data in passwordata:中哈希的每个字符,因此它抛出此错误,并抱怨第二个参数不是有效的sha256哈希。
应该是这样的:
if sha256_crypt.verify(password, passwordata):
flash("You are now logged in","success")
return redirect("/index.html")
简短示例:
from passlib.hash import sha256_crypt
password = "test"
passwordata = sha256_crypt.encrypt(password)
if sha256_crypt.verify(password, passwordata):
print("OK")