I'm developing a fairly simple Python web app and I want to allow users to log in. I know the solution will probably involve installing some sort of framework rather than doing it in straight Python, and I'm OK with that. I'm just wondering, what would be the easiest, most hassle-free way to add authentication? The app is already written in straight Python, so any extra code I use will only be used for this purpose.

+2  A: 

Store the user's login, the salted hash of their password, and the salt in a database. (If you're going for cryptographic overkill, you can use a very expensive-to-compute hashing algorithm like bcrypt.)

You can use SQLite as that's bundled with Python, but it would probably make more sense to install a database separately and use that.

Beau Martínez
Thanks! I think I will use SHA256.