这个旧密码是md5格式。
如何将db中的md5值与用户输入的旧密码进行比较
import md5 oldpasswd_byuser = str(tom) oldpasswd_db =sha1 $ c60da $ 1835a9c3ccb1cc436ccaa577679b5d0321234c6f opw = md5.new(oldpasswd_byuser)#opw = md5.new(oldpasswd_byuser) .hexdigest() if(opw == oldpasswd_db):打印同一密码其他:打印密码无效解决方案
你放入的哈希是一个salted sha1 hexdigest,因为django(可能还有很多其他)存储它默认情况下
验证代码是否在 contrib / auth / models.py 。从那里你可以看到django默认使用md5。所有你需要做的是将旧的哈希值更新为以下格式:
md5 $< salt> $< hash> ;如果你的哈希没有盐渍但没有把盐留空( md5 $ $< hash> ),但是在下次用户执行有效登录时,将哈希更新为sha1。
I have this change password request form.In which the user enter their oldpasswords.
this oldpassword is the md5 format.
How to compare the md5 value from db to the oldpassword entered by user
import md5 oldpasswd_byuser=str("tom") oldpasswd_db="sha1$c60da$1835a9c3ccb1cc436ccaa577679b5d0321234c6f" opw= md5.new(oldpasswd_byuser) #opw= md5.new(oldpasswd_byuser).hexdigest() if(opw == oldpasswd_db): print "same password" else: print "Invalid password"解决方案
the hash you put in there is a salted sha1 hexdigest as django (and probably many others) stores it by default.
the code to verify it is in contrib/auth/models.py. From there you can see that django works with md5 by default. All you have to do is to update the old hashes to the following form:
md5$<salt>$<hash>if your hashes aren't salted yet leave the salt empty (md5$$<hash>), but update the hash to sha1 the next time the user performs a valid login.
更多推荐
Python md5密码值
发布评论