You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
4,6c4,6<< A Flask extension providing bcrypt hasing and comparison facilities.<--->> A Flask extension providing bcrypt hashing and comparison facilities.>28a29,30> import hashlib>40,41c42,44< To this this function, simple import it from the module and use it in a < similar fashion as the method would be used. Here is a quick example::---> To use this function, simply import it from the module and use it in a > similar fashion as the original method would be used. Here is a quick> example::43c46< from flask.ext.bcrypt import generate_password_hash---> from flask_bcrypt import generate_password_hash57,61c60,65<< To this this function, simple import it from the module and use it in a < similar fashion as the method would be used. Here is a quick example::<< from flask.ext.bcrypt import check_password_hash--->> To use this function, simply import it from the module and use it in a > similar fashion as the original method would be used. Here is a quick> example::>> from flask_bcrypt import check_password_hash63c67<--->119c123,138<--->> You may also set the hash version using the `BCRYPT_HASH_PREFIX` field in> the configuration of the Flask app. If not set, this will default to `2b`.> (See bcrypt for more details)>> By default, the bcrypt algorithm has a maximum password length of 72 bytes> and ignores any bytes beyond that. A common workaround is to hash the> given password using a cryptographic hash (such as `sha256`), take its> hexdigest to prevent NULL byte problems, and hash the result with bcrypt.> If the `BCRYPT_HANDLE_LONG_PASSWORDS` configuration value is set to `True`,> the workaround described above will be enabled.> **Warning: do not enable this option on a project that is already using> Flask-Bcrypt, or you will break password checking.**> **Warning: if this option is enabled on an existing project, disabling it> will break password checking.**>123a143,144> _prefix = '2b'> _handle_long_passwords = False135,139c156,181<< def generate_password_hash(self, password, rounds=None):< '''Generates a password hash using bcrypt. Specifying `rounds` < sets the log_rounds parameter of `bcrypt.gensalt()` which determines < the complexity of the salt. 12 is the default value.---> self._prefix = app.config.get('BCRYPT_HASH_PREFIX', '2b')> self._handle_long_passwords = app.config.get(> 'BCRYPT_HANDLE_LONG_PASSWORDS', False)>> def _unicode_to_bytes(self, unicode_string):> '''Converts a unicode string to a bytes object.>> :param unicode_string: The unicode string to convert.'''> if PY3:> if isinstance(unicode_string, str):> bytes_object = bytes(unicode_string, 'utf-8')> else:> bytes_object = unicode_string> else:> if isinstance(unicode_string, unicode):> bytes_object = unicode_string.encode('utf-8')> else:> bytes_object = unicode_string> return bytes_object>> def generate_password_hash(self, password, rounds=None, prefix=None):> '''Generates a password hash using bcrypt. Specifying `rounds`> sets the log_rounds parameter of `bcrypt.gensalt()` which determines> the complexity of the salt. 12 is the default value. Specifying `prefix`> sets the `prefix` parameter of `bcrypt.gensalt()` which determines the > version of the algorithm used to create the hash.147a190> :param prefix: The algorithm version to use.154a198,199> if prefix is None:> prefix = self._prefix157,158c202,203< if PY3 and isinstance(password, str):< password = bytes(password, 'utf-8')---> password = self._unicode_to_bytes(password)> prefix = self._unicode_to_bytes(prefix)160,161c205,207< if not PY3 and isinstance(password, unicode):< password = password.encode('utf-8')---> if self._handle_long_passwords:> password = hashlib.sha256(password).hexdigest()> password = self._unicode_to_bytes(password)163c209,210< return bcrypt.hashpw(password, bcrypt.gensalt(rounds))---> salt = bcrypt.gensalt(rounds=rounds, prefix=prefix)> return bcrypt.hashpw(password, salt)181,182c228,229< if PY3 and isinstance(pw_hash, str):< pw_hash = bytes(pw_hash, 'utf-8')---> pw_hash = self._unicode_to_bytes(pw_hash)> password = self._unicode_to_bytes(password)184,185c231,233< if PY3 and isinstance(password, str):< password = bytes(password, 'utf-8')---> if self._handle_long_passwords:> password = hashlib.sha256(password).hexdigest()> password = self._unicode_to_bytes(password)187,192d234< if not PY3 and isinstance(pw_hash, unicode):< pw_hash = pw_hash.encode('utf-8')<< if not PY3 and isinstance(password, unicode):< password = password.encode('utf-8')<194d235<
pypi was updated a long time ago and lacks such features as long_passwords and etc
bcrypt==3.2.0
Flask-Bcrypt==0.7.1
The text was updated successfully, but these errors were encountered:
I noticed that
Flask-Bcrypt==0.7.1
installed from pypi is not the same found in this repo (no matter it's 0.7.1 too https://github.com/maxcountryman/flask-bcrypt/blob/13df85ab1b4d7602a967c7ec1c6707c8cda459c6/flask_bcrypt.py)here's comparison pypi vs repo (repo is newer)
pypi was updated a long time ago and lacks such features as
long_passwords
and etcThe text was updated successfully, but these errors were encountered: