sumit
Reputation: 15464
What is the logic behind django password encryption
I need to make mobile app using sencha as client and django as server
I am sending request as follows to server
url: 'http://localhost:8000/api/user/?format=jsonp',
method: 'GET',
headers : {'Authorization' : CryptoJS.HmacSHA256("password", "1154590211545902"),'Content-Type':'application/json;charset=utf-8'
}
I need to query request.META.get('HTTP_AUTHORIZATION') with the password in the database.
request.META.get('HTTP_AUTHORIZATION') return encrypted value for the password like ea121221rtrtrt7878237878787 which is irreversible
Any ideas? Thank you
Upvotes: 1
Views: 2558
Answers (2)
Siva Arunachalam
Reputation: 7740
- Django authentication module doesn't store the password in the database as a plain text.
- rather it apply hashing algorithms like 'SHA1' on the password and stores it (as a hash value).
- From the hash value you can't get the password as plain text.
- You can apply the same hashing algorithm on the given password and check against the stored password.
Upvotes: 2
Daniel Roseman
Reputation: 599600
Assuming you're using the built-in authentication framework, this is fully documented: Manually checking a user's password.
Upvotes: 1
Related Questions
- How to decrypt django pbkdf2_sha256 algorthim password?
- How to decrypt django hashed sha256 password?
- Reversing django.contrib.auth.models.User password, sha1 to readable string
- Crypting/decrypting user passwords used for basic auth in Django
- Django : crypt password with SHA1
- Django authentication and cryptography - How does it works?
- What's the Django User password's encryption method?
- How to encrypt to Django default pbkdf2_sha256 encryption?
- Passwords being stored as sha1 and pbkdf2_sha256
- how to decompile user password in django