#hashing passwords in python

Yoo nice

ok

So did u try that

just talk here

can u explain

Here try this

#🎤｜chit-chat message

ok

It worked for my env issue

I had dotenv imported and in requirements but it said that it could not find "dotenv" so I just removed the import line, and removed it from requirements.txt and it worked

Hmmm

Ok

Import the module

But don't put it in requirements.txt

btw should I use flask-bcrypt, python-bcrypt, or bcrypt 😭

Oh wait wait, this is not a railway issue? Are you just having general trouble with Ur code?

the requirements.txt is only for railway btw

general trouble 💀

i thought I said it

Bro idek I have never made a flask app in my life

so normal

Oh lol

ok

Yeah try importing it again or, maybe that doesn't exist anymore, so double check the module documentation and see

i dont know what the error means

if only I knew

I think it means that encode_base64 is not found inside Ur module

Try

but idk wheer I used that yk

here ill supply some code

Importing base64 and just doing base64.encode

the hashing of the password works yk but its the checking wheer I have the issue

Ah shit I GTG
Send the code

        username = request.values.get("username").lower()
        password = request.values.get("password")

        ip_address = request.headers.get("X-Forwarded-For")
    
        info = users.find_one({"_id": username})
        if not info:
            return jsonify({"message": "User does not exist"}), 403
        
        check = bcrypt.checkpw(password, info['password'])
        if not check:
            return jsonify({"message": "Invalid password"}), 403```

in the register

"password": bcrypt.hashpw(password, salt),```

If y'all are still having issues, I'm happy to help. Gonna need an explanation of the problem though, not gonna read all your conversations in the 3 different channels lol

No problem, yeah some help would be nice since im at a dead end :(. So basically I have a website with accounts and on register it gets password from the form in html and encodes it and then saves that to a mongodb document in a collection. when you login its supposed to check if the password you entered matches the hashed password thats stored in the database

thats really it

but im having issues with checking it I believe

there ya go ^!

Gotcha, but when are you saving the user's password?

I'd really have to see your entire repo to fully debug. I'm not sure what users or info looks like. Before throwing your code into production, test it separately first. You know that your request.values.get functions should work, so deal with a dummy bcrypt script locally before putting it in your repo

so when a user fills out /register a ajax request gets sent to the backend with the email username and password. using that it creates a document in the collection of users with all the info, the username, email, time created, last updated, avatar, background, etc. (they are all set to blanks other than the things from the request) the passwords is also there and the goal is for that to get hashed. then the user is redirected to /login and it’s the same thing except all it does is check if the username and password match you know. the password is compared to the hashed password of the found username using checkpw and that’s where i’m having issues. i’m not on my pc for the rest of tonight but i can send you the repo tomorrow if you’d like.

sorry i kinda explained the entire thing for more detail