Reputation: 11355
How to manually match username & password for users created with Flask-User
I'm implementing an api to an existing flask app, the login was created with Flask-User, however now I need to manually look up a user and match the password to authenticate.
The issue is I have no idea how to recreate the password hash to compare with the password Flask-User stored in the database.
Mostly because the Flask-User source at https://github.com/lingthio/Flask-User/blob/master/flask_user/passwords.py mentions a salt however from the database columns I have :
sqlite> pragma table_info(user);
0|id|INTEGER|1||1
1|username|VARCHAR(50)|1||0
2|password|VARCHAR(255)|1|''|0
3|reset_password_token|VARCHAR(100)|1|''|0
4|email|VARCHAR(255)|1||0
5|confirmed_at|DATETIME|0||0
6|is_active|BOOLEAN|1|'0'|0
7|first_name|VARCHAR(100)|1|''|0
8|last_name|VARCHAR(100)|1|''|0
There is no salt. So the question is how do I generate from a plaintext password a hash that I can compare to the hashes that Flask-User created. Here's an inconsequential sample hash;
$2a$12$84F1dCPN1bVYEzPswDvgZu5ma1Xk5lNepvX/X9kKFYj8Q6Dy6j95q
Upvotes: 0
Views: 602
Answers (1)
Reputation: 708
Maybe try the user_manager.hash_password function. https://pythonhosted.org/Flask-User/api.html
Upvotes: 1
Related Questions
- Flask bcrypt.check_password_hash() always returns False, can't narrow in on my mistake
- Generating and verifying password hashes with flask-bcrypt
- Using PassLib to Verify Hash from Flask User Passwords
- Check password hash created by Django in Flask
- Verifying username and password input through flask python
- using bcrypt password hashing for user authentication
- Flask Bcrypt password hash doesn’t match, How to solve it?
- Flask Admin - Automatically create password hash when creating a new user?
- flask_bcrypt password mismatch error in custom login
- "TypeError: hashpw() argument 1 must be str, not bytes" when trying to register a user with flask-security