ValueError: malformed sha256_crypt hash (checksum must be exactly 43 chars)

Question

I've a question about this error. I'm relatively new to this with flask, databases and sha256_crypt so I hope someone can easily help me with this.

I've made a login page and when I try to login with a right username, I alway get this error in my browser, when the password is right and when it's wrong.

error:

"builtins.ValueError ValueError: malformed sha256_crypt hash (checksum must be exactly 43 chars)"

code where I think the problem should be:

@app.route('/login', methods=['GET','POST']) 
def login():
    if request.method == 'POST':
    #get form fields
    username = request.form['username']
    password_candidate = request.form['password']

    #create cursor 
    cur = mysql.connection.cursor()

    #get user by username
    result = cur.execute("SELECT * FROM users WHERE username = %s", [username])

    if result > 0:
        #get stored hash
        data = cur.fetchone()
        password = data['password']

        #compare passwords 
        if sha256_crypt.verify(password_candidate, password):
            app.logger.info('PASSWORD MATCHED')
        else:
            app.logger.info('PASSWORD DOES NOT MATCH')

    else:
        app.logger.info('NO SUCH USER FOUND')



return render_template('login.html')

I have already searched a lot but I cant seem to find how to fix it and make it possible to login with a username and password from the database.

Thank you in advance

Robbe

Answer 1

As far as i can see you are using the sha256_ crypt to encrypt your passwords. This will require at least a minimum of 100 characters in your database. It might be that your database can't hold all the characters you are sending it to it.