OpenQuizz
Une application de gestion des contenus pédagogiques
|
Functions | |
def | pbkdf2_hex (data, salt, iterations=DEFAULT_PBKDF2_ITERATIONS, keylen=None, hashfunc=None) |
def | pbkdf2_bin (data, salt, iterations=DEFAULT_PBKDF2_ITERATIONS, keylen=None, hashfunc=None) |
def | safe_str_cmp (a, b) |
def | gen_salt (length) |
def | generate_password_hash (password, method="pbkdf2:sha256", salt_length=8) |
def | check_password_hash (pwhash, password) |
def | safe_join (directory, *pathnames) |
Variables | |
SALT_CHARS | |
DEFAULT_PBKDF2_ITERATIONS | |
def werkzeug.security.check_password_hash | ( | pwhash, | |
password | |||
) |
check a password against a given salted and hashed password value. In order to support unsalted legacy passwords this method supports plain text passwords, md5 and sha1 hashes (both salted and unsalted). Returns `True` if the password matched, `False` otherwise. :param pwhash: a hashed string like returned by :func:`generate_password_hash`. :param password: the plaintext password to compare against the hash.
def werkzeug.security.gen_salt | ( | length | ) |
Generate a random string of SALT_CHARS with specified ``length``.
def werkzeug.security.generate_password_hash | ( | password, | |
method = "pbkdf2:sha256" , |
|||
salt_length = 8 |
|||
) |
Hash a password with the given method and salt with a string of the given length. The format of the string returned includes the method that was used so that :func:`check_password_hash` can check the hash. The format for the hashed string looks like this:: method$salt$hash This method can **not** generate unsalted passwords but it is possible to set param method='plain' in order to enforce plaintext passwords. If a salt is used, hmac is used internally to salt the password. If PBKDF2 is wanted it can be enabled by setting the method to ``pbkdf2:method:iterations`` where iterations is optional:: pbkdf2:sha256:80000$salt$hash pbkdf2:sha256$salt$hash :param password: the password to hash. :param method: the hash method to use (one that hashlib supports). Can optionally be in the format ``pbkdf2:<method>[:iterations]`` to enable PBKDF2. :param salt_length: the length of the salt in letters.
def werkzeug.security.pbkdf2_bin | ( | data, | |
salt, | |||
iterations = DEFAULT_PBKDF2_ITERATIONS , |
|||
keylen = None , |
|||
hashfunc = None |
|||
) |
Returns a binary digest for the PBKDF2 hash algorithm of `data` with the given `salt`. It iterates `iterations` times and produces a key of `keylen` bytes. By default, SHA-256 is used as hash function; a different hashlib `hashfunc` can be provided. .. versionadded:: 0.9 :param data: the data to derive. :param salt: the salt for the derivation. :param iterations: the number of iterations. :param keylen: the length of the resulting key. If not provided the digest size will be used. :param hashfunc: the hash function to use. This can either be the string name of a known hash function or a function from the hashlib module. Defaults to sha256.
def werkzeug.security.pbkdf2_hex | ( | data, | |
salt, | |||
iterations = DEFAULT_PBKDF2_ITERATIONS , |
|||
keylen = None , |
|||
hashfunc = None |
|||
) |
Like :func:`pbkdf2_bin`, but returns a hex-encoded string. .. versionadded:: 0.9 :param data: the data to derive. :param salt: the salt for the derivation. :param iterations: the number of iterations. :param keylen: the length of the resulting key. If not provided, the digest size will be used. :param hashfunc: the hash function to use. This can either be the string name of a known hash function, or a function from the hashlib module. Defaults to sha256.
def werkzeug.security.safe_join | ( | directory, | |
* | pathnames | ||
) |
Safely join zero or more untrusted path components to a base directory to avoid escaping the base directory. :param directory: The trusted base directory. :param pathnames: The untrusted path components relative to the base directory. :return: A safe path, otherwise ``None``.
def werkzeug.security.safe_str_cmp | ( | a, | |
b | |||
) |
This function compares strings in somewhat constant time. This requires that the length of at least one string is known in advance. Returns `True` if the two strings are equal, or `False` if they are not. .. versionadded:: 0.7
DEFAULT_PBKDF2_ITERATIONS |
SALT_CHARS |