django.contrib.auth.hashers.BCryptSHA256PasswordHasher

class documentation

class BCryptSHA256PasswordHasher(BasePasswordHasher): (source)

Known subclasses: django.contrib.auth.hashers.BCryptPasswordHasher

Secure password hashing using the bcrypt algorithm (recommended) This is considered by many to be the most secure algorithm but you must first install the bcrypt library. Please be warned that this library depends on native C code and might cause portability issues.

Method	`decode`	Return a decoded database value.
Method	`encode`	Create an encoded database value.
Method	`harden_runtime`	Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher.
Method	`must_update`	Undocumented
Method	`safe_summary`	Return a summary of safe values.
Method	`salt`	Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits.
Method	`verify`	Check if the given password is correct.
Class Variable	`algorithm`	Undocumented
Class Variable	`library`	Undocumented
Class Variable	`rounds`	Undocumented

Inherited from BasePasswordHasher:

Class Variable	`salt_entropy`	Undocumented
Method	`_check_encode_args`	Undocumented
Method	`_load_library`	Undocumented

def decode(self, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.decode

Return a decoded database value. The result is a dictionary and should contain `algorithm`, `hash`, and `salt`. Extra keys can be algorithm specific like `iterations` or `work_factor`.

def encode(self, password, salt): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.encode

Create an encoded database value. The result is normally formatted as "algorithm$salt$hash" and must be fewer than 128 characters.

def harden_runtime(self, password, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.harden_runtime

Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher. Taking PBKDF2 as an example, if `encoded` contains 20000 iterations and `self.iterations` is 30000, this method should run password through another 10000 iterations of PBKDF2. Similar approaches should exist for any hasher that has a work factor. If not, this method should be defined as a no-op to silence the warning.

def must_update(self, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.must_update

Undocumented

def safe_summary(self, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.safe_summary

Return a summary of safe values. The result is a dictionary and will be used where the password field must be displayed to construct a safe representation of the password.

def salt(self): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.salt

Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits.

def verify(self, password, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.verify

Check if the given password is correct.

algorithm: str = (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.algorithm

overridden in django.contrib.auth.hashers.BCryptPasswordHasher

Undocumented

library: tuple[str, ...] = (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.library

Undocumented

rounds: int = (source) ¶

Undocumented