密码保护Python [英] Password Protection Python

问题描述

我有一个小的python程序，将由一小群人（<15人）在本地使用。但是为了问责，我想在程序开始时使用一个简单的用户名+密码检查（notn' t需要超级安全）。对于您的信息，我只是一个初学者，这是我第一次尝试它。当我搜索周围，我发现python有passlib加密。但即使在看了之后，我仍然不知道如何实现我的加密。所以我想知道一些事情。

I have a small python program which will be used locally by a small group of people (<15 people).But for accountability, i want to have a simple username+password check at the start of the program ( doesn't need to be super secure).For your information, I am just a beginner and this is my first time trying it.When i search around, i found that python has passlib for encryption. But even after looking though it i am still not sure how to implement my encryption.So, there are a few things that i want to know.

1. 如何在本地存储用户的密码？我当时知道的唯一方法是创建一个文本文件并从中读取/写入，但这将破坏加密的全部目的，因为人们只需打开文本文件并从中读取。


2. hash&盐意味着加密，它是如何工作的？ （简单简单的解释将会做。）


3. 实施用户名和密码检查的推荐方法是什么？

我很抱歉这个愚蠢的问题。但是如果你能回答我的问题，我会非常感激。

I am sorry for the stupid questions. But i will greatly appreciate if you could answers my question.

推荐答案

import getpass
import pickle
import hashlib
from os import path

def Encryption(data):
    return hashlib.sha224(data).hexdigest()

## First we check if the database exists.
if path.isfile('database.db'):
    fh = open('database.db', 'rb')
    db = pickle.load(fh)
    fh.close()
## If it doesn't, we will create one.
else:
    ## First we create the desired variable.
    db = {'torxed' : Encryption('wham'), 'someoneelse' : Encryption('pass')}
    ## Then we open a filehandle to it.
    fh = open('database.db', 'wb')
    ## And then we dump the variable into the filehandle.
    ## This will keep the variable intact between sessions,
    ## meaning the next time you start your script, the variable will look the same.
    pickle.dump(db, fh)
    fh.close()


## Then we ask the user for his/hers credentials.
user = raw_input('Username: ')
_pass = getpass.getpass('Password: ')

## If the user exists in the "db" and the decoded password
## Matches the logged in user, it's a-ok :)
if user in db and db[user] == Encryption(_pass):
    print 'You logged in'

添加更多用户

Adding more users

import pickle, hashlib

def Encryption(data):
    return hashlib.sha224(data).hexdigest()

with open('database.db', 'rb') as fh:
    db = pickle.load(fh)

db['new_user'] = Encryption('password')

with open('database.db', 'wb') as fh:
    pickle.dump(db, fh)

另一种方法是使用 sys.argv 在添加用户时从命令行获取用户名和密码，在这种情况下：

Another way would be to use sys.argv to get the username and password from the commandline when addings users, in that case:

import pickle, hashlib, sys
if len(sys.argv) < 3:
    raise ValueError('Need two parameters, username and password')

def Encryption(data):
    return hashlib.sha224(data).hexdigest()

with open('database.db', 'rb') as fh:
    db = pickle.load(fh)

db[sys.argv[1]] = Encryption(sys.argv[2])

with open('database.db', 'wb') as fh:
    pickle.dump(db, fh)

这篇关于密码保护Python的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！