Meteor Auth in Python

Hey all!

I’m working on an app that connects to my Meteor app using Python. It connects to MongoDB and I would like to do password Auth using this app. How would I go about checking Meteor passwords in Python?

If there’s no package available for Python and you’re prepared to do it yourself, here is the code you need to translate to Python :slight_smile:

Actually a lot of it is not related to passwords, so it might not be too much work. You just need to find an equivalent of bcrypt for Python.

I tried this:

hashed = hashlib.sha256(password_string).hexdigest()
encrypted = bcrypt.hashpw(hashed, bcrypt.gensalt(10))

But the encrypted string produced is different from the one Meteor generates. Any idea where I might be going wrong?

Anyone got any ideas how to get this to work?

This might be useful if you are using Django. In Meteor, a password will not contain the algorithm used “bcrypt_sha256$”. Just prepend the algorithm with the hash created in the Meteor app to validate in the Python Django framework.

from django.contrib.auth.hashers import BCryptSHA256PasswordHasher

hasher = BCryptSHA256PasswordHasher()
#encoded = hasher.encode(password="12345", salt=hasher.salt())

meteor_generated_hash = "$2a$10$aahDgK1G0kxmfZdjgU9G5.yG9W9guYSsxp/opdjCTFVhRUnxXs4BG"

print(hasher.verify("12345", "bcrypt_sha256$" + meteor_generated_hash))