Hey all!
I’m working on an app that connects to my Meteor app using Python. It connects to MongoDB and I would like to do password Auth using this app. How would I go about checking Meteor passwords in Python?
Hey all!
I’m working on an app that connects to my Meteor app using Python. It connects to MongoDB and I would like to do password Auth using this app. How would I go about checking Meteor passwords in Python?
If there’s no package available for Python and you’re prepared to do it yourself, here is the code you need to translate to Python
Actually a lot of it is not related to passwords, so it might not be too much work. You just need to find an equivalent of bcrypt for Python.
I tried this:
hashed = hashlib.sha256(password_string).hexdigest()
encrypted = bcrypt.hashpw(hashed, bcrypt.gensalt(10))
But the encrypted string produced is different from the one Meteor generates. Any idea where I might be going wrong?
Anyone got any ideas how to get this to work?
This might be useful if you are using Django. In Meteor, a password will not contain the algorithm used “bcrypt_sha256$”. Just prepend the algorithm with the hash created in the Meteor app to validate in the Python Django framework.
from django.contrib.auth.hashers import BCryptSHA256PasswordHasher
hasher = BCryptSHA256PasswordHasher()
#encoded = hasher.encode(password="12345", salt=hasher.salt())
meteor_generated_hash = "$2a$10$aahDgK1G0kxmfZdjgU9G5.yG9W9guYSsxp/opdjCTFVhRUnxXs4BG"
print(hasher.verify("12345", "bcrypt_sha256$" + meteor_generated_hash))