This module provides security-related helpers such as secure password hashing tools and a random string generator.
Generates a random string using the given sequence pool.
To generate stronger passwords, use ASCII_PRINTABLE as pool.
Entropy is:
H = log2(N**L)
where:
Entropy chart:
Symbol set | Symbol Count (N) | Entropy per symbol (H)
---|---|---
HEXADECIMAL_DIGITS | 16 | 4.0000 bits
DIGITS | 10 | 3.3219 bits
LOWERCASE_ALPHA | 26 | 4.7004 bits
UPPERCASE_ALPHA | 26 | 4.7004 bits
PUNCTUATION | 32 | 5.0000 bits
LOWERCASE_ALPHANUMERIC | 36 | 5.1699 bits
UPPERCASE_ALPHANUMERIC | 36 | 5.1699 bits
ALPHA | 52 | 5.7004 bits
ALPHANUMERIC | 62 | 5.9542 bits
ASCII_PRINTABLE | 94 | 6.5546 bits
ALL_PRINTABLE | 100 | 6.6438 bits
Parameters: | |
---|---|
Returns: | A string with characters randomly chosen from the pool. |
Hashes a password.
The format of the string returned includes the method that was used so that check_password_hash() can check the hash.
This method cannot generate unsalted passwords, but it is possible to set the method to plain to enforce plaintext passwords. If a salt is used, HMAC is used internally to salt the password.
Parameters: | |
---|---|
Returns: | A formatted hashed string that looks like this: method$salt$hash |
This function was ported and adapted from Werkzeug.
Checks a password against a given salted and hashed password value.
To support unsalted legacy passwords, this method supports plain text passwords, md5 and sha1 hashes (both salted and unsalted).
Parameters: | |
---|---|
Returns: | True if the password matched, False otherwise. |
This function was ported and adapted from Werkzeug.
Hashes a password.
Supports plaintext without salt, as well as unsalted and salted passwords. When salted passwords are used, HMAC is used.
Parameters: | |
---|---|
Returns: | A hashed password. |
This function was ported and adapted from Werkzeug.
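The method$salt$hash format and the check described above, as an added example that is not this module's own code. The function names, the sha256 default, the method allowlist and the 22-character salt length are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import string

# Hypothetical names throughout; this is not the module's implementation.
ALPHANUMERIC = string.ascii_letters + string.digits  # N = 62 symbols
METHODS = ("md5", "sha1", "sha256", "sha512")        # assumed allowlist


def make_salt(length=22, pool=ALPHANUMERIC):
    """Draw the salt from a CSPRNG; entropy is length * log2(len(pool)) bits."""
    return "".join(secrets.choice(pool) for _ in range(length))


def hash_with_salt(password, method, salt):
    """HMAC keyed with the salt when one is given, bare digest otherwise."""
    if method == "plain":
        return password
    data = password.encode("utf-8")
    if salt:
        return hmac.new(salt.encode("utf-8"), data, method).hexdigest()
    return hashlib.new(method, data).hexdigest()


def make_password_hash(password, method="sha256", length=22):
    """Return 'method$salt$hash'; 'plain' leaves the salt field empty."""
    if method != "plain" and method not in METHODS:
        raise ValueError("unsupported method: %r" % method)
    salt = make_salt(length) if method != "plain" else ""
    return "%s$%s$%s" % (method, salt, hash_with_salt(password, method, salt))


def verify_password_hash(password, pwhash):
    """Parse 'method$salt$hash' and compare the result in constant time."""
    if pwhash.count("$") < 2:
        return False  # malformed stored value
    # maxsplit=2 keeps any '$' inside a plaintext value in the last field
    method, salt, expected = pwhash.split("$", 2)
    if method != "plain" and method not in METHODS:
        return False
    candidate = hash_with_salt(password, method, salt)
    # compare_digest does not reveal how many leading characters matched
    return hmac.compare_digest(candidate.encode("utf-8"), expected.encode("utf-8"))
```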