Hashing passwords via FastAPI
The FastAPI documentation already has a good article on this topic: Click here!
First thing we have to do is install
passlib
to usebcrypt
pip install passlib[bcrypt]
# If the above does not work use:
pip install passlib
pip install bcrypt
We will have to import the
CryptContext
and tellpasslib
what is the default hashing algorithm
from passlib.context import CryptContext
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
We also have to update the operation path
@app.post("/users", status_code=status.HTTP_201_CREATED, response_model=schemas.UserOut)
def create_user(user: schemas.UserCreate, db: Session = Depends(get_db), ):
# Hash the Password - user.password
hashed_password = pwd_context.hash(user.password)
user.password = hashed_password
new_user = models.User(**user.dict())
db.add(new_user)
db.commit()
db.refresh(new_user)
return new_user
Before creating the user, we are getting the password hashed via
pwd_context.hash
After which we are replacing
user.password
in the schema with the hashed passwordAs this is updated it should store the hashed password in the database
A better approach would be to create an additional file where we would store useful code
We will call this file
utils.py
In this file we can import all the logic and define a function to hash our password
from passlib.context import CryptContext
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
def hash(password: str):
return pwd_context.hash(password)
The thing that changes in our
main.py
file is the import and the variable passed in the operation path
from . import models, schemas, utils
@app.post("/users", status_code=status.HTTP_201_CREATED, response_model=schemas.UserOut)
def create_user(user: schemas.UserCreate, db: Session = Depends(get_db), ):
# Hash the Password - user.password
hashed_password = utils.hash(user.password) # Here
user.password = hashed_password
new_user = models.User(**user.dict())
db.add(new_user)
db.commit()
db.refresh(new_user)
return new_user
Last updated