Password Hashers

For those familiar with other frameworks like Django, these password hashers will be very similar to you.

The password hashers, as the name suggests, are used to hash a given string into a salted string formated and therefore making a possible password even more secure.

Ravyn and password hashing

Ravyn supporting Edgy also means providing some of the features internally.

A lof of what is explained here is explained in more detail in the Edgy orm support.

Ravyn already brings some pre-defined password hashers that are available in the Ravyn settings and ready to be used.

@property
def password_hashers(self) -> List[str]:
    return [
        "ravyn.contrib.auth.hashers.BcryptPasswordHasher",
    ]

Ravyn uses passlib under the hood in order to facilitate the process of hashing passwords.

You can always override the property password_hashers in your custom settings and use your own.

from typing import List

from ravyn import RavynSettings
from ravyn.contrib.auth.hashers import BcryptPasswordHasher


class CustomHasher(BcryptPasswordHasher):
    """
    All the hashers inherit from BasePasswordHasher
    """

    salt_entropy = 3000


class MySettings(RavynSettings):
    @property
    def password_hashers(self) -> List[str]:
        return ["myapp.hashers.CustomHasher"]

Current supported hashing

Currently Ravyn supports PBKDF2 and PBKDF2SHA1 password hashing but this does not mean that only supports those. In fact, you can use your own completely from the scratch and use it within your application.

Tip

If you want to create your own password hashing, it is advisable to subclass the BasePasswordHasher.

from ravyn.contrib.auth.hashers import BasePasswordHasher