无法使用 passlib 验证密码
Can't verify password using passlib
所以我又回到了旧项目上,但我找不到问题所在。
这是第一次创建密码的部分,这是来自主脚本:
def first():
if os.path.isfile("secret.txt"):
folder()
else:
os.system("echo > secret.txt")
password = getpass.getpass("Set your password please --> ")
while len(password) < 4:
print("Password must have more then 4 characters!")
else:
password1 = getpass.getpass("repeat your password please --> ")
while password1 != password:
print("Password don't match")
password1 = getpass.getpass("repeat your password please --> ")
if password1 == password:
a = open('secret.txt', 'w').close()
f = open('secret.txt', 'w')
hashed_password = pbkdf2_sha256.hash(password)
f.write(hashed_password)
os.system("attrib +h secret.txt")
folder()
这是登录脚本,从这里检查密码:
def log_in():
f = open("secret.txt", "r")
Password = f.read()
x = 0
while x < 5:
getPass = getpass.getpass("Password:")
if not pbkdf2_sha256.verify("getPass", Password):
print("Password is invalid")
x = x + 1
else:
f.close()
os.system('cls')
print("Welcome back sir\n")
x = 10
time.sleep(2)
if x == 5:
print("acces denied")
time.sleep(5)
os.system("nothing.bat")
所以问题是当我尝试验证密码时它说它不正确但密码是相同的。在文档中说:
Note that since each call generates a new salt, the contents of the resulting hash will differ between calls (despite using the same password as input):
如果这是 .verify() 的问题,我该怎么办?
我不确定这些信息是否足够,如果不够我会 post 整个源代码
我可能遗漏了一些愚蠢的东西,但我似乎找不到它..
我认为问题是:
if not pbkdf2_sha256.verify("getPass", Password):
改为:
if not pbkdf2_sha256.verify(getPass, Password):
您调用的字符串 "getPass" 不是用户输入的密码。
所以我又回到了旧项目上,但我找不到问题所在。 这是第一次创建密码的部分,这是来自主脚本:
def first():
if os.path.isfile("secret.txt"):
folder()
else:
os.system("echo > secret.txt")
password = getpass.getpass("Set your password please --> ")
while len(password) < 4:
print("Password must have more then 4 characters!")
else:
password1 = getpass.getpass("repeat your password please --> ")
while password1 != password:
print("Password don't match")
password1 = getpass.getpass("repeat your password please --> ")
if password1 == password:
a = open('secret.txt', 'w').close()
f = open('secret.txt', 'w')
hashed_password = pbkdf2_sha256.hash(password)
f.write(hashed_password)
os.system("attrib +h secret.txt")
folder()
这是登录脚本,从这里检查密码:
def log_in():
f = open("secret.txt", "r")
Password = f.read()
x = 0
while x < 5:
getPass = getpass.getpass("Password:")
if not pbkdf2_sha256.verify("getPass", Password):
print("Password is invalid")
x = x + 1
else:
f.close()
os.system('cls')
print("Welcome back sir\n")
x = 10
time.sleep(2)
if x == 5:
print("acces denied")
time.sleep(5)
os.system("nothing.bat")
所以问题是当我尝试验证密码时它说它不正确但密码是相同的。在文档中说:
Note that since each call generates a new salt, the contents of the resulting hash will differ between calls (despite using the same password as input):
如果这是 .verify() 的问题,我该怎么办?
我不确定这些信息是否足够,如果不够我会 post 整个源代码
我可能遗漏了一些愚蠢的东西,但我似乎找不到它..
我认为问题是:
if not pbkdf2_sha256.verify("getPass", Password):
改为:
if not pbkdf2_sha256.verify(getPass, Password):
您调用的字符串 "getPass" 不是用户输入的密码。