Brcrypt hashing for Flask.
Project description
Flask-Bcrypt
Why Fork?
Original repo gets some updates at GitHub, but new versions are not uploaded to pypi at all. Maintainer declined to keep pypi project up to date. So here's this repo: pypi package is automatically updated and is in sync with the master branch.
Description
Flask-Bcrypt is a Flask extension that provides bcrypt hashing utilities for your application.
Due to the recent increased prevalence of powerful hardware, such as modern GPUs, hashes have become increasingly easy to crack. A proactive solution to this is to use a hash that was designed to be "de-optimized". Bcrypt is such a hashing facility; unlike hashing algorithms such as MD5 and SHA1, which are optimized for speed, bcrypt is intentionally structured to be slow.
For sensitive data that must be protected, such as passwords, bcrypt is an advisable choice.
Installation
Install using pip:
pip install Bcrypt-Flask
Usage
To use the extension simply import the class wrapper and pass the Flask app object back to here. Do so like this:
from flask import Flask
from flask_bcrypt import Bcrypt
app = Flask(__name__)
bcrypt = Bcrypt(app)
Two primary hashing methods are now exposed by way of the bcrypt object. Use them like so:
pw_hash = bcrypt.generate_password_hash('hunter2')
bcrypt.check_password_hash(pw_hash, 'hunter2') # returns True
Configuration
(Flask config)
BCRYPT_LOG_ROUNDS: default12BCRYPT_HASH_PREFIX: default'2b'BCRYPT_HANDLE_LONG_PASSWORDS: defaultFalse. By default, the bcrypt algorithm has a maximum password length of 72 bytes and ignores any bytes beyond that. A common workaround is to hash the given password using a cryptographic hash (such assha256), take its hexdigest to prevent NULL byte problems, and hash the result with bcrypt. If theBCRYPT_HANDLE_LONG_PASSWORDSconfiguration value is set toTrue, the workaround described above will be enabled. Warning: do not enable this option on a project that is already using Flask-Bcrypt, or you will break password checking. Warning: if this option is enabled on an existing project, disabling it will break password checking.
Documentation
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file Bcrypt-Flask-1.0.2.tar.gz.
File metadata
- Download URL: Bcrypt-Flask-1.0.2.tar.gz
- Upload date:
- Size: 6.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.61.2 CPython/3.8.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 689044bbc7654e5b3db6928e54851be2b519e76a6851dfa344a9a18ab39fc1f2 |
|
| MD5 | 18ecb37a93dc07f2eae69aaa5e1e792b |
|
| BLAKE2b-256 | 4481fff762b7f79fbcc712b6d81e98f4954a82fa525615eea3f55d252a3756fa |
File details
Details for the file Bcrypt_Flask-1.0.2-py3-none-any.whl.
File metadata
- Download URL: Bcrypt_Flask-1.0.2-py3-none-any.whl
- Upload date:
- Size: 6.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.61.2 CPython/3.8.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 32b4ca64dcb3910183e52cdd66c8480bce6f4ac4607faf008297c47c5c44ab67 |
|
| MD5 | 68fdf672d6fa4237095376fa7ec856e1 |
|
| BLAKE2b-256 | 3ac7736e83781652e92a42ae679e86e34b47e206d61a51181e5683385323e473 |
