Django自带加密模块

Manually managing a user’s password

The  django.contrib.auth.hashers module provides a set of functions to create and validate hashed password. You can use them independently from the  User model.

check_password( password,  encoded)

If you’d like to manually authenticate a user by comparing a plain-text password to the hashed password in the database, use the convenience function  check_password(). It takes two arguments: the plain-text password to check, and the full value of a user’s  password field in the database to check against, and returns  True if they match,  False otherwise.

Changed in Django 1.6:

In Django 1.4 and 1.5, a blank string was unintentionally considered to be an unusable password, resulting in this method returning False for such a password.

make_password( password[,  salt,  hashers])

Creates a hashed password in the format used by this application. It takes one mandatory argument: the password in plain-text. Optionally, you can provide a salt and a hashing algorithm to use, if you don’t want to use the defaults (first entry of  PASSWORD_HASHERS setting). Currently supported algorithms are:  'pbkdf2_sha256',  'pbkdf2_sha1',  'bcrypt_sha256'(see Using bcrypt with Django),  'bcrypt',  'sha1',  'md5',  'unsalted_md5' (only for backward compatibility) and  'crypt' if you have the  crypt library installed. If the password argument is  None, an unusable password is returned (a one that will be never accepted by  check_password()).

 

 

1 >>> from django.contrib.auth.hashers import make_password, check_password
2 生成密码：
3  
4 >>> make_password("www.111cn.net", None, 'pbkdf2_sha256')
5 u'pbkdf2_sha256$12000$H6HRZD4DDiKg$RXBGBTiFWADyw+J9O7114vxKvysBVP+lz7oSYxkoic0='

1 >>> make_password("www.111cn.net", None, 'pbkdf2_sha256')
2 u'pbkdf2_sha256$12000$H6HRZD4DDiKg$RXBGBTiFWADyw+J9O7114vxKvysBVP+lz7oSYxkoic0='
3  
4 >>> make_password("www.111cn.net", None, 'pbkdf2_sha256')
5 u'pbkdf2_sha256$12000$9l09rJd9MbQj$0tJVXBZFN6WwD/qI3WELdrRWOU7Inb7im3uB/np2PPg='
6  
7 >>> make_password("www.111cn.net", None, 'pbkdf2_sha256') == make_password("www.111cn.net", None,
8 'pbkdf2_sha256')
9 False

1 >>> text = "www.111cn.net"
2 >>> passwd = make_password(text, None, 'pbkdf2_sha256')
3 >>> print passwd 
4 pbkdf2_sha256$12000$xzMLhCNvQbb8$i1XDnJIpb/cRRGRX2x7Ym74RNfPRCUp5pbU6Sn+V3J0=
5 >>> print check_password(text, passwd)
6 True

1 >>> make_password(text, "a", 'pbkdf2_sha256')
2 u'pbkdf2_sha256$12000$a$5HkIPczRZGSTKUBa5uzZmRuAWdp2Qe6Oemhdasvzv4Q='
3 >>> make_password(text, "a", 'pbkdf2_sha256')
4 u'pbkdf2_sha256$12000$a$5HkIPczRZGSTKUBa5uzZmRuAWdp2Qe6Oemhdasvzv4Q='

1 >>> make_password(text, "", 'pbkdf2_sha256')
2 u'pbkdf2_sha256$12000$KBcG81bWMAvd$aJNgfTOGFhOGogLSTE2goEM3ifKZZ1hydsuFEqnzHXU='
3  
4 >>> make_password(text, "", 'pbkdf2_sha256')
5 u'pbkdf2_sha256$12000$fNv3YU4kgyLR$1FI8mxArDHt6Hj/eR72YCylGTAkW7YMWTj+wV4VHygY='

1 make_password(text, None, 'pbkdf2_sha256')

make_password第三个参数是表示生成密文的一种方式，根据文档给出的大概有这几种：

1  pbkdf2_sha256
2     pbkdf2_sha1
3     bcrypt_sha256
4     bcrypt
5     sha1
6     unsalted_md5
7     crypt

 https://docs.djangoproject.com/en/1.6/topics/auth/passwords/

转载于:https://www.cnblogs.com/linkong1081/articles/3948813.html