Flask-Scrypt

Flask-Scrypt is a Flask extension used to generate scrypt password hashes and random salts. It is for those looking for extra security compared to SHA-1 and MD5 hashing. Flask-Scrypt depends on py-scrypt, which should install automatically but can be installed manually using pip install scrypt.

Installation

Install the extension with one of the following commands:

$ pip install flask-scrypt

or alternatively if you must:

$ easy_install flask-scrypt

Usage

>>> from flask_scrypt import generate_random_salt, generate_password_hash, check_password_hash
>>> salt = generate_random_salt() #: You can also provide the byte length to return: salt = generate_random_salt(32)
>>> password_hash = generate_password_hash('mypassword', salt)

Remember that you should store the generated salt and hash in your database with each user, to use with check_password_hash().

>>> check_password_hash('mypassword', password_hash, salt) # Returns True if the password matches the one passed to generate_password_hash().
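The store-and-verify workflow above, as an added example that is not Flask-Scrypt's own code: it uses the standard library's hashlib.scrypt as a stand-in for the extension, and the names make_record, verify and needs_rehash are hypothetical. It goes one step beyond the text by storing the cost parameters next to the salt and hash, since verification only succeeds when N, r, p and buflen match the values used at hashing time.

```python
import base64
import hashlib
import hmac
import os

# Cost parameters taken from the page's defaults (N=16384, r=8, p=1, buflen=64).
DEFAULT_PARAMS = {"n": 16384, "r": 8, "p": 1, "dklen": 64}


def make_record(password, params=DEFAULT_PARAMS, salt_bytes=64):
    """Build the per-user row to store: salt, hash and the cost parameters."""
    salt = base64.b64encode(os.urandom(salt_bytes))  # base64 encoded random salt
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt, **params)
    return {"salt": salt.decode("ascii"),
            "hash": base64.b64encode(digest).decode("ascii"),
            "params": dict(params)}


def verify(password, record):
    """Recompute with the stored salt and parameters; compare in constant time."""
    digest = hashlib.scrypt(password.encode("utf-8"),
                            salt=record["salt"].encode("ascii"),
                            **record["params"])
    return hmac.compare_digest(base64.b64encode(digest),
                               record["hash"].encode("ascii"))


def needs_rehash(record, current=DEFAULT_PARAMS):
    """True when a stored row was hashed with parameters other than today's."""
    return record["params"] != current


if __name__ == "__main__":
    # Constructed sample data: an in-memory dict standing in for the users table.
    users = {"alice": make_record("mypassword")}
    print(verify("mypassword", users["alice"]))
    print(verify("wrongpassword", users["alice"]))
    # A row written under older, weaker settings still verifies because its
    # parameters were stored with it, and is flagged for re-hashing at login.
    old = make_record("mypassword", {"n": 4096, "r": 8, "p": 1, "dklen": 64})
    print(verify("mypassword", old), needs_rehash(old))
```
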

API

The Flask-Scrypt extension provides scrypt password hashing and random salt generation. Hashes and salts are base64 encoded.

flask_scrypt.generate_password_hash(password, salt, N=16384, r=8, p=1, buflen=64)

Generate a password hash given the password string and salt.

Args:
  • password: Password string.
  • salt : Random base64 encoded string.
Optional args:
  • N : the CPU cost, must be a power of 2 greater than 1, defaults to 1 << 14.
  • r : the memory cost, defaults to 8.
  • p : the parallelization parameter, defaults to 1.

The parameters r, p, and buflen must satisfy r * p < 2^30 and buflen <= (2^32 - 1) * 32.

The recommended parameters for interactive logins as of 2009 are N=16384, r=8, p=1. Remember to use a good random salt.

Returns:
  • base64 encoded scrypt hash.

flask_scrypt.generate_random_salt(byte_size=64)

Generate random salt to use with generate_password_hash().

Optional Args:
  • byte_size: The length of salt to return. default = 64.
Returns:
  • str of base64 encoded random bytes.

flask_scrypt.check_password_hash(password, password_hash, salt, N=16384, r=8, p=1, buflen=64)

Given a password, a hash and a salt, this function verifies that the password matches the hash generated with that salt.

Args:
  • password: The password to perform check on.
Returns:
  • bool

flask_scrypt.enbase64(byte_str)

Encode bytes/strings to base64.

Args:
  • byte_str: The string or bytes to base64 encode.
Returns:
  • byte_str encoded as base64.

flask_scrypt.debase64(byte_str)

Decode base64 encoded bytes/strings.

Args:
  • byte_str: The base64 encoded string or bytes to decode.
Returns:
  • decoded string as type str for Python 2 and type bytes for Python 3.
