Comments (3)
VoxWRX
commented on August 11, 2024
The error msg:
File "/home/usr1/.local/lib/python3.9/site-packages/werkzeug/security.py", line 66, in _hash_internal
raise ValueError(f"Invalid hash method '{method}'.")
ValueError: Invalid hash method 'sha256'.
This is what i did to solve the issue:
new_user = User(email=email, first_name=first_name, password=generate_password_hash(password1, method='scrypt', salt_length=16))
from flask-web-app-tutorial.
mohabmohamed44
commented on August 11, 2024
Hi @VoxWRX I wish you are good
Solution for Invalid hash method 'sha256' in Flask-Login
The error "ValueError: Invalid hash method 'sha256'" indicates that the generate_password_hash function from Flask-Login doesn't support the sha256 method for password hashing.
Here's how to fix this:
1. Remove the method='sha256' argument:
The generate_password_hash function in Flask-Login uses a secure hashing algorithm by default, which is typically not sha256. Removing the method argument allows it to use the recommended method.
Here's the corrected line:
new_user = User(email=email, username=username, password=generate_password_hash(password1))
The error "ValueError: Invalid hash method 'sha256'" indicates that the `generate_password_hash` function from Flask-Login doesn't support the `sha256` method for password hashing.
Here's how to fix this:
**1. Remove the `method='sha256'` argument:**
The `generate_password_hash` function in Flask-Login uses a secure hashing algorithm by default, which is typically not `sha256`. Removing the `method` argument allows it to use the recommended method.
Here's the corrected line:
```python
new_user = User(email=email, username=username, password=generate_password_hash(password1))2. Update Flask-Login (if necessary):
In older versions of Flask-Login (prior to 0.5.0), sha256 might have been a supported option. If you're using a very old version, consider updating Flask-Login to benefit from the latest security improvements and potentially gain access to new features. You can update Flask-Login using pip:
pip install --upgrade Flask-LoginImportant Note:
- Never store passwords in plain text. Password hashing is a one-way process, and the original password cannot be retrieved from the hashed value. This is crucial for user security.
- Use a strong hashing algorithm. The default algorithm used by
generate_password_hashis likely more secure thansha256. Changing it unless absolutely necessary is not recommended.
By following these steps, you should be able to resolve the ValueError and ensure secure password hashing in your Flask application.
and here is full code
from flask import Blueprint, render_template, redirect, url_for, request, flash
from . import db
from .models import User
from flask_login import login_user, logout_user, login_required, current_user
from werkzeug.security import generate_password_hash, check_password_hash
auth = Blueprint("auth", __name__)
@auth.route("/login", methods=['GET', 'POST'])
def login():
if request.method == 'POST':
email = request.form.get("email")
password = request.form.get("password")
user = User.query.filter_by(email=email).first()
if user:
if check_password_hash(user.password, password):
flash("Logged in!", category='success')
login_user(user, remember=True)
return redirect(url_for('views.home'))
else:
flash('Password is incorrect.', category='error')
else:
flash('Email does not exist.', category='error')
return render_template("login.html")
@auth.route("/sign-up", methods=['GET', 'POST'])
def sign_up():
if request.method == 'POST':
email = request.form.get("email")
username = request.form.get("username")
password1 = request.form.get("password1")
password2 = request.form.get("password2")
email_exists = User.query.filter_by(email=email).first() if email else None
username_exists = User.query.filter_by(username=username).first() if username else None
if email_exists:
flash('Email is already in use.', category='error')
elif username_exists:
flash('Username is already in use.', category='error')
elif password1 != password2:
flash('Passwords don\'t match!', category='error')
elif username and len(username) < 2:
flash('Username is too short.', category='error')
elif password1 and len(password1) < 7:
flash('Password is too short.', category='error')
elif email is None or len(email) < 4: # Add this condition
flash("Email is invalid.", category='error')
else:
new_user = User(email=email, username=username, password=generate_password_hash(password1))
db.session.add(new_user)
db.session.commit()
login_user(new_user, remember=True)
flash('User created!')
return redirect(url_for('views.home'))
return render_template("signup.html")
@auth.route("/logout")
@login_required
def logout():
logout_user()
return redirect(url_for("views.home"))
from flask-web-app-tutorial.
ChippieZA
commented on August 11, 2024
use
(password1, method='pbkdf2:sha256') )
instead of
(password1, method='sha256') )
from flask-web-app-tutorial.
Related Issues (20)
- ValueError: Invalid hash method 'sha256'. HOT 18
- Noob I am HOT 1
- Alert message in home page HOT 1
- HEEELPPPP!! HOT 1
- I've corrected the call to create_all(), but no database file is created HOT 2
- Error in getting the url address after the installation of pip HOT 4
- Not an issue but a solution
- home.html
- why after reinstallation the database can't be reused
- address challenges encountered in implementing the QC test on the data arrays
- TypeError: object of type 'NoneType' has no len() HOT 1
- AttributeError: type object 'SQLAlchemy' has no attribute 'Model' HOT 1
- Only blank screen HOT 1
- Can't run main.py HOT 2
- Flask Web Dev course
- FLASH MESSAGES NOT SHOWING IN LOGIN PAGE HOT 1
- Getting this Error: TypeError: Response.__call__() missing 2 required positional arguments: 'environ' and 'start_response'
- nothing is being deleted. I think smth to do w buttons. The delete button can't be triggered
- Database not being created.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flask-web-app-tutorial.