密码安全性

使用Werkzeug计算密码散列值

generate_password_hash(password, method=’pbkdf2:sha256’, salt_length=8)
check_password_hash(hash, password)

  1. from werkzeug.security import generate_password_hash, check_password_hash
  2. class User(db.Model):
  3.  # ...
  4.     password_hash = db.Column(db.String(128))
  6.     @property
  7.     def password(self):
  8.         raise AttributeError('password is not a readable attribute')
  10.     @password.setter
  11.     def password(self, password):
  12.         self.password_hash = generate_password_hash(password)
  14.     def verify_password(self, password):
  15.         return check_password_hash(self.password_hash, password)