Project description

django_firebase_scrypt

A Django password hasher based off scrypt to use for user accounts imported from Firebase.

Installation

Install dependencies according to your Python version and OS:

# Debian/Ubuntu
$ sudo apt-get install build-essential libssl-dev python-dev

# Fedora, RHEL
$ sudo yum install gcc openssl-devel python-devel

# Alpine Linux (Docker Containers)
$ apk add gcc openssl-dev python-dev

# (If you're on Python3, install the Python3 versions of the above packages)

# Mac
# Without setting the flags below, install will fail to find the necessary files
$ brew install openssl
$ export CFLAGS="-I$(brew --prefix openssl)/include $CFLAGS"
$ export LDFLAGS="-L$(brew --prefix openssl)/lib $LDFLAGS"

Then install this package

pip install django-firebase-scrypt

Usage

Add this to your hashers settings.py like so

PASSWORD_HASHERS = (
  'django_firebase_scrypt.FirebaseScryptPasswordHasher',
  'django.contrib.auth.hashers.PBKDF2PasswordHasher',
  'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
  'django.contrib.auth.hashers.SHA1PasswordHasher',
  'django.contrib.auth.hashers.MD5PasswordHasher',
  'django.contrib.auth.hashers.CryptPasswordHasher',
  'django.contrib.auth.hashers.Argon2PasswordHasher',
  'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
)

# Retrieve these from  the Firebase console - see https://firebaseopensource.com/projects/firebase/scrypt/
FIREBASE_SIGNER_KEY = "jxspr8Ki0RYycVU8zykbdLGjFQ3McFUH0uiiTvC8pVMXAn210wjLNmdZJzxUECKbm0QsEmYUSDzZvpjeJ9WmXA=="
FIREBASE_SALT_SEPARATOR = "Bw=="
FIREBASE_ROUNDS = 8
FIREBASE_MEMCOST = 14

You can also move FirebaseScryptPasswordHasher to the bottom of your hashers if you only want to use it to validate old, migrated hashes instead of generating them for new users.

Migration

Migrate your Firebase users to Django. You can do so as follows:

# Grab your users and their password hashes using the auth:export command
$ auth:export users.json

import json

import django
django.setup()
from django.contrib.auth import get_user_model

from django_firebase_scrypt import FirebaseScryptPasswordHasher

User = get_user_model()

with open("users.json", "r") as user_file:
    firebase_users = json.load(user_file)["users"]

for firebase_user in firebase_users:
    django_password = f"{FirebaseScryptPasswordHasher.algorithm}${firebase_user['salt']}${firebase_user['passwordHash']}"
    django_user = User(email=firebase_user["email"], password=django_password, ...any_other_user_fields)
    django_user.save()

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

0.0.2

Apr 13, 2020

0.0.1

Apr 13, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django_firebase_scrypt-0.0.2.tar.gz (3.2 kB view hashes)

Uploaded Apr 13, 2020 Source

Built Distribution

django_firebase_scrypt-0.0.2-py3-none-any.whl (4.3 kB view hashes)

Uploaded Apr 13, 2020 Python 3

Hashes for django_firebase_scrypt-0.0.2.tar.gz

Hashes for django_firebase_scrypt-0.0.2.tar.gz
Algorithm	Hash digest
SHA256	`18376267e800d9eefe0500f9f4128341c5cfeee52436bb669a6ba622e77d5398`
MD5	`6dda8dc33c386c6894996f8d40479c76`
BLAKE2b-256	`aa8fe449d00ae7d04668febac0decf42d06ac947b9f109f0ec36e2373f9f51f3`

Hashes for django_firebase_scrypt-0.0.2-py3-none-any.whl

Hashes for django_firebase_scrypt-0.0.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`e5460db77581ced70a3c2a87cbeb6bebad30813998d09e86ffe2f28f66f854e6`
MD5	`87547cc10edbf7188971d3bc8b61613b`
BLAKE2b-256	`33abf9f8a737435b45912109c58c467d6dacb5839864ff59c4d86c79678794ab`