How to use the werkzeug.security.generate_password_hash function in Werkzeug

To help you get started, we’ve selected a few Werkzeug examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github Sketchy502 / SDV-Summary / sdv / createadmin.py View on Github external
def init_admin():
    a = raw_input('Generate database? (y/n): ')
    if a == 'y':
        generate_admin()
        print('done')
    b = raw_input('Add user? (y/n): ')
    if b == 'y':
        connection = connect_db()
        c = connection.cursor()
        user = raw_input('Username: ')
        password = raw_input('Password: ')
        d = raw_input('Username: "'+str(user)+'", password: "'+str(password)+'", correct? (y/n): ')
        if d == 'y':
            c.execute("INSERT INTO admin (username, password) VALUES ("+sqlesc+","+sqlesc+")",(user, generate_password_hash(password)))
            connection.commit()
github DataFrogman / CSEC380-Final-Project / Activity4 / webserver / app.py View on Github external
default_limits=["24000 per day", "1000 per hour", "100 per minute"])
secretKey = os.urandom(24)
app.secret_key = secretKey

app.config['CORS_HEADERS'] = 'Content-Type'

cors = CORS(app)

testuser1 = 'admin'
testuser1hashedpass = generate_password_hash('admin')
cursor, conn = connection()
cursor.execute("INSERT INTO users(Username, Password, TotalVids, DateCreated) VALUES \
            ('{}', '{}', 0, '{}')".format(testuser1, testuser1hashedpass, datetime.datetime.now().strftime('%Y-%m-%d')))

testuser2 = 'test'
testuser2hashedpass = generate_password_hash('test')
#cursor, conn = connection()
cursor.execute("INSERT INTO users(Username, Password, TotalVids, DateCreated) VALUES \
            ('{}', '{}', 0, '{}')".format(testuser2, testuser2hashedpass, datetime.datetime.now().strftime('%Y-%m-%d')))

cursor.close()
conn.commit()
conn.close()


@app.route("/")
def home():
    return render_template('login.html')

@app.route("/homepage", methods=['GET','POST'])
def mainpage():
    cursor, conn = connection()
github johnnykv / heralding / beeswarm / server / webapp / auth.py View on Github external
def add_user(self, username, password, user_type, nickname=''):
        session = database_setup.get_session()
        userid = username
        pw_hash = generate_password_hash(password)
        u = User(id=userid, nickname=nickname, password=pw_hash, utype=user_type)
        session.add(u)
        session.commit()
github du2x / pystro / application / models / user.py View on Github external
def set_password(self, password):
        self.password_hash = generate_password_hash(password)
github chadlung / pywebhooks / pywebhooks / api / handlers / resources_handler.py View on Github external
try:
        # Note: The validate_username_in_header decorator will verify the
        # username and record. The api_key_restricted_resource will validate
        # the username as well as a valid API key
        record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
                                    filters={"username": username})
        endpoint = record[0]['endpoint']

        if not endpoint:
            return make_response(
                jsonify({'Error': 'Endpoint not found'}),
                client.NOT_FOUND
            )

        new_key = common.generate_key()
        salted_new_key = generate_password_hash(new_key)

        if not client_reset_key(endpoint, key_type, new_key):
            return make_response(
                jsonify({'Error': 'Failed to contact the endpoint or wrong '
                                  'HTTP status code returned'}),
                client.BAD_REQUEST
            )

        if key_type == 'api_key':
            update = {key_type: salted_new_key}
        else:
            update = {key_type: new_key}

        Interactions.update(DEFAULT_ACCOUNTS_TABLE,
                            filters={"username": username},
                            updates=update)
github miguelgrinberg / flack / flack / models.py View on Github external
def password(self, password):
        self.password_hash = generate_password_hash(password)
        self.token = None  # if user is changing passwords, also revoke token
github miguelgrinberg / Flask-HTTPAuth / examples / basic_auth.py View on Github external
authentication, using secure hashed passwords.

After running this example, visit http://localhost:5000 in your browser. To
gain access, you can use (username=john, password=hello) or
(username=susan, password=bye).
"""
from flask import Flask
from flask_httpauth import HTTPBasicAuth
from werkzeug.security import generate_password_hash, check_password_hash

app = Flask(__name__)
auth = HTTPBasicAuth()

users = {
    "john": generate_password_hash("hello"),
    "susan": generate_password_hash("bye")
}


@auth.verify_password
def verify_password(username, password):
    if username in users:
        return check_password_hash(users.get(username), password)
    return False


@app.route('/')
@auth.login_required
def index():
    return "Hello, %s!" % auth.username()

github skyduy / RESTfulAPI / RESTfulApi / models / init.py View on Github external
def create_password(raw):
    pwd = '{old}{new}'.format(old=raw, new='secret_for_ensure_password_security')
    return security.generate_password_hash(pwd)
github happyte / flask-blog / app / models.py View on Github external
    @password.setter      # 设置password属性的值时,赋值函数会调用generate_password_hash函数
    def password(self, password):
        self.password_hash = generate_password_hash(password)
github miguelgrinberg / Flask-HTTPAuth / examples / multi_auth.py View on Github external
from werkzeug.security import generate_password_hash, check_password_hash
from itsdangerous import TimedJSONWebSignatureSerializer as JWS


app = Flask(__name__)
app.config['SECRET_KEY'] = 'top secret!'
jws = JWS(app.config['SECRET_KEY'], expires_in=3600)

basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth('Bearer')
multi_auth = MultiAuth(basic_auth, token_auth)


users = {
    "john": generate_password_hash("hello"),
    "susan": generate_password_hash("bye")
}

for user in users.keys():
    token = jws.dumps({'username': user})
    print('*** token for {}: {}\n'.format(user, token))


@basic_auth.verify_password
def verify_password(username, password):
    g.user = None
    if username in users:
        if check_password_hash(users.get(username), password):
            g.user = username
            return True
    return False