zoukankan      html  css  js  c++  java
  • Django自带加密模块的使用

    django官网介绍:https://docs.djangoproject.com/en/2.1/topics/auth/passwords/#module-django.contrib.auth.hashers

    Manually managing a user’s password¶
    The django.contrib.auth.hashers module provides a set of functions to create and validate hashed passwords. You can use them independently from the User model.
    
    check_password(password, encoded)[source]¶
    If you’d like to manually authenticate a user by comparing a plain-text password to the hashed password in the database, use the convenience function check_password(). It takes two arguments: the plain-text password to check, and the full value of a user’s password field in the database to check against, and returns True if they match, False otherwise.
    
    make_password(password, salt=None, hasher='default')[source]¶
    Creates a hashed password in the format used by this application. It takes one mandatory argument: the password in plain-text. Optionally, you can provide a salt and a hashing algorithm to use, if you don’t want to use the defaults (first entry of PASSWORD_HASHERS setting). See Included hashers for the algorithm name of each hasher. If the password argument is None, an unusable password is returned (one that will never be accepted by check_password()).
    
    is_password_usable(encoded_password)[source]¶
    Returns False if the password is a result of User.set_unusable_password().
    
    Changed in Django 2.1:
    In older versions, this also returns False if the password is None or an empty string, or if the password uses a hasher that’s not in the PASSWORD_HASHERS setting. That behavior is considered a bug as it prevents users with such passwords from requesting a password reset.
    View Code

    通过django自带的类库,来加密解密很方便,下面来简单介绍下;

    在settings.py里添加:

    PASSWORD_HASHERS = [
        'django.contrib.auth.hashers.PBKDF2PasswordHasher',
        'accounts.hashers.PBKDF2WrappedSHA1PasswordHasher',
    ]

    导入包:

    from django.contrib.auth.hashers import make_password, check_password

    加密:

    make_password(password, salt=None, hasher='default')
    
    Creates a hashed password in the format used by this application.
    It takes one mandatory argument: the password in plain-text.
    Optionally, you can provide a salt and a hashing algorithm to use, if you don’t want to use the defaults (first entry of PASSWORD_HASHERS setting).
    See Included hashers for the algorithm name of each hasher.
    If the password argument is None, an unusable password is returned (one that will never be accepted by check_password()).

    验证:

    check_password(password, encoded)
    If you’d like to manually authenticate a user by comparing a plain-text password to the hashed password in the database, use the convenience function check_password(). 
    It takes two arguments: the plain-text password to check, and the full value of a user’s password field in the database to check against, and returns True if they match, False otherwise.

    注:

      

    hasher可取以下值:
    
        pbkdf2_sha256
        pbkdf2_sha1
        argon2
        bcrypt_sha256
        bcrypt
        sha1
        md5
        unsalted_sha1
        unsalted_md5
        crypt
  • 相关阅读:
    ORACLE 11.2.0.4 OCR VOTING DISK 模拟恢复场景
    Oracle Enterprise Linux 6.4 下配置vncserver
    Oracle Enterprise Linux 6.4 下挂载ISCSI 设备
    关于Solaris 的磁盘的分区
    【Google Earth】pro之视频录制
    【爱江山越野跑】ITRA积分认证流程
    android发送邮件
    android手机有多个摄像头,打开其中一个
    Android截图
    Android中的ACCESS_MOCK_LOCATION权限使用Demo
  • 原文地址:https://www.cnblogs.com/navysummer/p/9426507.html
Copyright © 2011-2022 走看看